Do not assume that http.DefaultClient and http.DefaultTransport is always available.

google/appenginevm.go

@@ -3,29 +3,40 @@
 package google
 
 import (
-	"net/http"
-
 	"github.com/golang/oauth2"
 	"google.golang.org/appengine"
+	"google.golang.org/appengine/urlfetch"
 )
 
 // AppEngineConfig represents a configuration for an
 // App Engine application's Google service account.
 type AppEngineConfig struct {
-	context appengine.Context
-	scopes  []string
+	// Transport represents the default transport to be used while constructing
+	// oauth2.Transport instances from this configuration.
+	Transport *urlfetch.Transport
+	context   appengine.Context
+
+	scopes []string
 }
 
 // NewAppEngineConfig creates a new AppEngineConfig for the
 // provided auth scopes.
 func NewAppEngineConfig(context appengine.Context, scopes []string) *AppEngineConfig {
-	return &AppEngineConfig{context: context, scopes: scopes}
+	return &AppEngineConfig{
+		Transport: &urlfetch.Transport{
+			Context:                       context,
+			Deadline:                      0,
+			AllowInvalidServerCertificate: false,
+		},
+		context: context,
+		scopes:  scopes,
+	}
 }
 
 // NewTransport returns a transport that authorizes
 // the requests with the application's service account.
 func (c *AppEngineConfig) NewTransport() *oauth2.Transport {
-	return oauth2.NewTransport(http.DefaultTransport, c, nil)
+	return oauth2.NewTransport(c.Transport, c, nil)
 }
 
 // FetchToken fetches a new access token for the provided scopes.