use of com.google.auth.oauth2.ServiceAccountCredentials in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method serviceAccountWithScopeNotToJwt.
@Test
public void serviceAccountWithScopeNotToJwt() throws Exception {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
ServiceAccountCredentials credentials = new ServiceAccountCredentials(null, "email@example.com", pair.getPrivate(), null, Arrays.asList("somescope")) {
@Override
public AccessToken refreshAccessToken() {
return token;
}
};
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(method, attrs, executor, applier);
assertEquals(1, runPendingRunnables());
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
Iterable<String> authorization = headers.getAll(AUTHORIZATION);
assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
use of com.google.auth.oauth2.ServiceAccountCredentials in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method serviceAccountToJwt.
@Test
public void serviceAccountToJwt() throws Exception {
KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
ServiceAccountCredentials credentials = new ServiceAccountCredentials(null, "email@example.com", pair.getPrivate(), null, null) {
@Override
public AccessToken refreshAccessToken() {
throw new AssertionError();
}
};
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(method, attrs, executor, applier);
assertEquals(1, runPendingRunnables());
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
String[] authorization = Iterables.toArray(headers.getAll(AUTHORIZATION), String.class);
assertEquals(1, authorization.length);
assertTrue(authorization[0], authorization[0].startsWith("Bearer "));
// JWT is reasonably long. Normal tokens aren't.
assertTrue(authorization[0], authorization[0].length() > 300);
}
use of com.google.auth.oauth2.ServiceAccountCredentials in project grpc-java by grpc.
the class AbstractInteropTest method serviceAccountCreds.
/** Sends a large unary rpc with service account credentials. */
public void serviceAccountCreds(String jsonKey, InputStream credentialsStream, String authScope) throws Exception {
// cast to ServiceAccountCredentials to double-check the right type of object was created.
GoogleCredentials credentials = ServiceAccountCredentials.class.cast(GoogleCredentials.fromStream(credentialsStream));
credentials = credentials.createScoped(Arrays.<String>asList(authScope));
TestServiceGrpc.TestServiceBlockingStub stub = blockingStub.withCallCredentials(MoreCallCredentials.from(credentials));
final SimpleRequest request = SimpleRequest.newBuilder().setFillUsername(true).setFillOauthScope(true).setResponseSize(314159).setResponseType(PayloadType.COMPRESSABLE).setPayload(Payload.newBuilder().setBody(ByteString.copyFrom(new byte[271828]))).build();
final SimpleResponse response = stub.unaryCall(request);
assertFalse(response.getUsername().isEmpty());
assertTrue("Received username: " + response.getUsername(), jsonKey.contains(response.getUsername()));
assertFalse(response.getOauthScope().isEmpty());
assertTrue("Received oauth scope: " + response.getOauthScope(), authScope.contains(response.getOauthScope()));
final SimpleResponse goldenResponse = SimpleResponse.newBuilder().setOauthScope(response.getOauthScope()).setUsername(response.getUsername()).setPayload(Payload.newBuilder().setType(PayloadType.COMPRESSABLE).setBody(ByteString.copyFrom(new byte[314159]))).build();
assertEquals(goldenResponse, response);
}
use of com.google.auth.oauth2.ServiceAccountCredentials in project google-cloud-java by GoogleCloudPlatform.
the class StorageImplTest method testSignUrlLeadingSlash.
@Test
public void testSignUrlLeadingSlash() throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnsupportedEncodingException {
String blobName = "/b1";
EasyMock.replay(storageRpcMock);
ServiceAccountCredentials credentials = new ServiceAccountCredentials(null, ACCOUNT, privateKey, null, null);
storage = options.toBuilder().setCredentials(credentials).build().getService();
URL url = storage.signUrl(BlobInfo.newBuilder(BUCKET_NAME1, blobName).build(), 14, TimeUnit.DAYS);
String escapedBlobName = UrlEscapers.urlFragmentEscaper().escape(blobName);
String stringUrl = url.toString();
String expectedUrl = new StringBuilder("https://storage.googleapis.com/").append(BUCKET_NAME1).append(escapedBlobName).append("?GoogleAccessId=").append(ACCOUNT).append("&Expires=").append(42L + 1209600).append("&Signature=").toString();
assertTrue(stringUrl.startsWith(expectedUrl));
String signature = stringUrl.substring(expectedUrl.length());
StringBuilder signedMessageBuilder = new StringBuilder();
signedMessageBuilder.append(HttpMethod.GET).append("\n\n\n").append(42L + 1209600).append("\n/").append(BUCKET_NAME1).append(escapedBlobName);
Signature signer = Signature.getInstance("SHA256withRSA");
signer.initVerify(publicKey);
signer.update(signedMessageBuilder.toString().getBytes(UTF_8));
assertTrue(signer.verify(BaseEncoding.base64().decode(URLDecoder.decode(signature, UTF_8.name()))));
}
use of com.google.auth.oauth2.ServiceAccountCredentials in project zhcet-web by zhcet-amu.
the class FirebaseService method initializeFirebase.
private void initializeFirebase() throws IOException {
try {
String messagingScope = "https://www.googleapis.com/auth/firebase.messaging";
googleCredential = GoogleCredential.fromStream(firebaseLocator.getServiceAccountStream()).createScoped(Collections.singletonList(messagingScope));
GoogleCredentials googleCredentials = GoogleCredentials.fromStream(firebaseLocator.getServiceAccountStream());
projectId = ((ServiceAccountCredentials) googleCredentials).getProjectId();
if (projectId == null)
throw new RuntimeException("Project ID must not be null");
FirebaseOptions options = new FirebaseOptions.Builder().setCredentials(googleCredentials).setDatabaseUrl(getDatabaseUrl()).setStorageBucket(getStorageBucket()).build();
FirebaseApp.initializeApp(options);
log.info(ConsoleHelper.green("Firebase Initialized"));
} catch (IllegalStateException ise) {
log.info(ConsoleHelper.yellow("Firebase already initialized"));
} catch (IllegalArgumentException e) {
uninitialized = true;
log.error("Firebase couldn't be initialized", e);
}
}
Aggregations