Examples with Payload com.google.api.client.json.webtoken.JsonWebToken.Payload used on opensource projects

Example 1 with Payload

use of com.google.api.client.json.webtoken.JsonWebToken.Payload in project google-auth-library-java by googleapis.

the class ComputeEngineCredentialsTest method idTokenWithAudience_license.

@Test
@SuppressWarnings("unchecked")
void idTokenWithAudience_license() throws IOException {
    MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
    ComputeEngineCredentials credentials = ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
    String targetAudience = "https://foo.bar";
    IdTokenCredentials tokenCredential = IdTokenCredentials.newBuilder().setIdTokenProvider(credentials).setTargetAudience(targetAudience).setOptions(Arrays.asList(IdTokenProvider.Option.FORMAT_FULL, IdTokenProvider.Option.LICENSES_TRUE)).build();
    tokenCredential.refresh();
    Payload p = tokenCredential.getIdToken().getJsonWebSignature().getPayload();
    assertTrue(p.containsKey("google"), "Full ID Token format not provided");
    ArrayMap<String, ArrayMap> googleClaim = (ArrayMap<String, ArrayMap>) p.get("google");
    assertTrue(googleClaim.containsKey("license"));
}

Example 2 with Payload

use of com.google.api.client.json.webtoken.JsonWebToken.Payload in project google-auth-library-java by google.

the class ImpersonatedCredentialsTest method idTokenWithAudience_withEmail.

@Test
void idTokenWithAudience_withEmail() throws IOException {
    mockTransportFactory.transport.setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL);
    mockTransportFactory.transport.setAccessToken(ACCESS_TOKEN);
    mockTransportFactory.transport.setExpireTime(getDefaultExpireTime());
    ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, null, IMMUTABLE_SCOPES_LIST, VALID_LIFETIME, mockTransportFactory);
    mockTransportFactory.transport.setIdToken(TOKEN_WITH_EMAIL);
    String targetAudience = "https://foo.bar";
    IdTokenCredentials tokenCredential = IdTokenCredentials.newBuilder().setIdTokenProvider(targetCredentials).setTargetAudience(targetAudience).setOptions(Arrays.asList(IdTokenProvider.Option.INCLUDE_EMAIL)).build();
    tokenCredential.refresh();
    assertEquals(TOKEN_WITH_EMAIL, tokenCredential.getAccessToken().getTokenValue());
    Payload p = tokenCredential.getIdToken().getJsonWebSignature().getPayload();
    assertTrue(p.containsKey("email"));
}

Example 3 with Payload

use of com.google.api.client.json.webtoken.JsonWebToken.Payload in project google-auth-library-java by google.

the class ComputeEngineCredentialsTest method idTokenWithAudience_full.

@Test
@SuppressWarnings("unchecked")
void idTokenWithAudience_full() throws IOException {
    MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
    ComputeEngineCredentials credentials = ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
    String targetAudience = "https://foo.bar";
    IdTokenCredentials tokenCredential = IdTokenCredentials.newBuilder().setIdTokenProvider(credentials).setTargetAudience(targetAudience).setOptions(Arrays.asList(IdTokenProvider.Option.FORMAT_FULL)).build();
    tokenCredential.refresh();
    Payload p = tokenCredential.getIdToken().getJsonWebSignature().getPayload();
    assertTrue(p.containsKey("google"), "Full ID Token format not provided");
    ArrayMap<String, ArrayMap> googleClaim = (ArrayMap<String, ArrayMap>) p.get("google");
    assertTrue(googleClaim.containsKey("compute_engine"));
}

Example 4 with Payload

use of com.google.api.client.json.webtoken.JsonWebToken.Payload in project google-auth-library-java by google.

the class ComputeEngineCredentialsTest method idTokenWithAudience_license.

@Test
@SuppressWarnings("unchecked")
void idTokenWithAudience_license() throws IOException {
    MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
    ComputeEngineCredentials credentials = ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
    String targetAudience = "https://foo.bar";
    IdTokenCredentials tokenCredential = IdTokenCredentials.newBuilder().setIdTokenProvider(credentials).setTargetAudience(targetAudience).setOptions(Arrays.asList(IdTokenProvider.Option.FORMAT_FULL, IdTokenProvider.Option.LICENSES_TRUE)).build();
    tokenCredential.refresh();
    Payload p = tokenCredential.getIdToken().getJsonWebSignature().getPayload();
    assertTrue(p.containsKey("google"), "Full ID Token format not provided");
    ArrayMap<String, ArrayMap> googleClaim = (ArrayMap<String, ArrayMap>) p.get("google");
    assertTrue(googleClaim.containsKey("license"));
}

Example 5 with Payload

use of com.google.api.client.json.webtoken.JsonWebToken.Payload in project styx by spotify.

the class GoogleIdTokenAuth method getServiceAccountToken.

private String getServiceAccountToken(ServiceAccountCredentials credential, String targetAudience) throws IOException, GeneralSecurityException {
    log.debug("Fetching service account id token for {}", credential.getAccount());
    final TokenRequest request = new TokenRequest(this.httpTransport, JSON_FACTORY, new GenericUrl(credential.getTokenServerUri()), "urn:ietf:params:oauth:grant-type:jwt-bearer");
    final Header header = jwtHeader();
    final Payload payload = jwtPayload(targetAudience, credential.getAccount(), credential.getTokenServerUri().toString());
    request.put("assertion", JsonWebSignature.signUsingRsaSha256(credential.getPrivateKey(), JSON_FACTORY, header, payload));
    final TokenResponse response = request.execute();
    return (String) response.get("id_token");
}