Use local private credentials (json key file) to refresh GCS access token

[beinan]

Generating and refresh GCS access token by the local private credentials (json key file)
Support the credentials of either "service_account" or "authorized_user" type
Added to both presto-cli and presto-jdbc

== RELEASE NOTES ==

General Changes
* Use local private credentials (json key file) to refresh GCS access token
presto-cli --extra-credential hive.gcs.credentials.path="${PRIVATE_KEY_JSON_PATH}"

[ChunxuTang]

Do we need to hardcode the URL here? Maybe we can move it to a static variable.

[beinan]

Good catch, will extract it as a constant val

[ChunxuTang]

The GCP documentation here (https://developers.google.com/identity/protocols/oauth2) recommends creating a signed JWT with the client ID and a private key from the GCP credential. Is this step automatically covered in the Google OAuth libs?

[beinan]

Good call, I guess not. I will post another commit or PR to support JWT with a given client ID

[ChunxuTang]

Is the synchronized keyword necessary here? Will this function be invoked in a multi-threaded situation?

[beinan]

Good call. This interceptor is used by presto-cli and presto-jdbc. I think presto-jdbc might have some queries running in parallel. Even for a single query, during the http conversation, there are still multiple http calls, some of which might be triggered in an asynchronous way.

[ChunxuTang]

Gotcha. Thanks for your explanation.

[zhenxiao]

add one blank line between private static final and private final

[beinan]

done

[zhenxiao]

shall we keep hive here? kind of misleading. If the session property is already defined, could we import the string from other class?

[beinan]

The "hive.gcs.credentials.path" is the key I newly added. The other 'hive.gcs.oauth' is an existing one, which can be also found in presto-hive.

presto-hive/src/main/java/com/facebook/presto/hive/gcs/GcsConfigurationProvider.java
28: private static final String GCS_OAUTH_KEY = "hive.gcs.oauth";

If we imported the constant "hive.gcs.oauth" from presto-hive, we might introduce a new dependency from presto-client to presto-hive. Shall we do that?

I'm just thinking the name of these two keys need to be consistent.

[zhenxiao]

get it. no need to have dependency from presto-hive
keep hive.gcs.credentials.path is fine

[zhenxiao]

remove this blank line

[beinan]

done

[zhenxiao]

make constant:
https://www.googleapis.com/auth/devstorage.read_only

[beinan]

done

[zhenxiao]

oh, this PR is a dependency of:
prestodb/presto-hadoop-apache#43

[beinan]

We have updated the version to 2.7.4-8 in another pr

[zhenxiao]

static import GCSOAuthInterceptor.GCS_CREDENTIALS_PATH_KEY

[beinan]

done

[zhenxiao]

shall we keep the blank line?

[beinan]

done

[zhenxiao]

keep the blank line for format

[beinan]

done

[zhenxiao]

LGTM
@beinan could you please re-run the test?