Example 11 with ServiceAccountCredentials
use of com.google.auth.oauth2.ServiceAccountCredentials in project google-auth-library-java by google.
the class ServiceAccountCredentialsTest method refreshAccessToken_retriesForbiddenError.
@Test
public void refreshAccessToken_retriesForbiddenError() throws IOException {
final String accessToken1 = "1/MkSJoj1xsli0AccessToken_NKPY2";
final String accessToken2 = "2/MkSJoj1xsli0AccessToken_NKPY2";
MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();
MockTokenServerTransport transport = transportFactory.transport;
ServiceAccountCredentials credentials = ServiceAccountCredentials.fromPkcs8(SA_CLIENT_ID, SA_CLIENT_EMAIL, SA_PRIVATE_KEY_PKCS8, SA_PRIVATE_KEY_ID, SCOPES, transportFactory, null);
transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken1);
TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken1);
transport.addResponseSequence(new MockLowLevelHttpResponse().setStatusCode(403));
transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken2);
credentials.refresh();
TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken2);
}
Also used :
MockLowLevelHttpResponse(com.google.api.client.testing.http.MockLowLevelHttpResponse)
MockTokenServerTransportFactory(com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory)
Test(org.junit.Test)
Example 12 with ServiceAccountCredentials
use of com.google.auth.oauth2.ServiceAccountCredentials in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method jwtAccessCredentialsInRequestMetadata.
@Test
public void jwtAccessCredentialsInRequestMetadata() throws Exception {
KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
ServiceAccountCredentials credentials = ServiceAccountCredentials.newBuilder().setClientId("test-client").setClientEmail("test-email@example.com").setPrivateKey(pair.getPrivate()).setPrivateKeyId("test-private-key-id").build();
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl("example.com:123"), executor, applier);
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
String token = Iterables.getOnlyElement(headers.getAll(AUTHORIZATION)).substring("Bearer ".length());
String[] parts = token.split("\\.", 3);
String jsonHeader = new String(BaseEncoding.base64Url().decode(parts[0]), US_ASCII);
String jsonPayload = new String(BaseEncoding.base64Url().decode(parts[1]), US_ASCII);
Map<?, ?> header = (Map<?, ?>) JsonParser.parse(jsonHeader);
assertEquals("test-private-key-id", header.get("kid"));
Map<?, ?> payload = (Map<?, ?>) JsonParser.parse(jsonPayload);
// google-auth-library-java 0.25.2 began stripping the grpc service name from the audience.
// Allow tests to pass with both the old and new versions for a while to avoid an atomic upgrade
// everywhere google-auth-library-java is used.
assertTrue("https://example.com/".equals(payload.get("aud")) || "https://example.com:123/a.service".equals(payload.get("aud")));
assertEquals("test-email@example.com", payload.get("iss"));
assertEquals("test-email@example.com", payload.get("sub"));
}
Also used :
KeyPair(java.security.KeyPair)
Metadata(io.grpc.Metadata)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
Map(java.util.Map)
Test(org.junit.Test)
Example 13 with ServiceAccountCredentials
use of com.google.auth.oauth2.ServiceAccountCredentials in project grpc-java by grpc.
the class AbstractInteropTest method jwtTokenCreds.
/**
* Test JWT-based auth.
*/
public void jwtTokenCreds(InputStream serviceAccountJson) throws Exception {
final SimpleRequest request = SimpleRequest.newBuilder().setResponseSize(314159).setPayload(Payload.newBuilder().setBody(ByteString.copyFrom(new byte[271828]))).setFillUsername(true).build();
ServiceAccountCredentials credentials = (ServiceAccountCredentials) GoogleCredentials.fromStream(serviceAccountJson);
TestServiceGrpc.TestServiceBlockingStub stub = blockingStub.withCallCredentials(MoreCallCredentials.from(credentials));
SimpleResponse response = stub.unaryCall(request);
assertEquals(credentials.getClientEmail(), response.getUsername());
assertEquals(314159, response.getPayload().getBody().size());
}
Also used :
SimpleResponse(io.grpc.testing.integration.Messages.SimpleResponse)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
SimpleRequest(io.grpc.testing.integration.Messages.SimpleRequest)
Example 14 with ServiceAccountCredentials
use of com.google.auth.oauth2.ServiceAccountCredentials in project thingsboard by thingsboard.
the class TbPubSubSettings method init.
@PostConstruct
private void init() throws IOException {
ServiceAccountCredentials credentials = ServiceAccountCredentials.fromStream(new ByteArrayInputStream(serviceAccount.getBytes()));
credentialsProvider = FixedCredentialsProvider.create(credentials);
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
PostConstruct(javax.annotation.PostConstruct)
Example 15 with ServiceAccountCredentials
use of com.google.auth.oauth2.ServiceAccountCredentials in project thingsboard by thingsboard.
the class TbPubSubNode method initPubSubClient.
private Publisher initPubSubClient() throws IOException {
ProjectTopicName topicName = ProjectTopicName.of(config.getProjectId(), config.getTopicName());
ServiceAccountCredentials credentials = ServiceAccountCredentials.fromStream(new ByteArrayInputStream(config.getServiceAccountKey().getBytes()));
CredentialsProvider credProvider = FixedCredentialsProvider.create(credentials);
return Publisher.newBuilder(topicName).setCredentialsProvider(credProvider).build();
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
ProjectTopicName(com.google.pubsub.v1.ProjectTopicName)
FixedCredentialsProvider(com.google.api.gax.core.FixedCredentialsProvider)
CredentialsProvider(com.google.api.gax.core.CredentialsProvider)
Aggregations
Test (org.junit.Test)18
ServiceAccountCredentials (com.google.auth.oauth2.ServiceAccountCredentials)12
MockTokenServerTransportFactory (com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory)10
URL (java.net.URL)5
Signature (java.security.Signature)5
MockLowLevelHttpResponse (com.google.api.client.testing.http.MockLowLevelHttpResponse)3
Metadata (io.grpc.Metadata)3
KeyPair (java.security.KeyPair)3
GenericJson (com.google.api.client.json.GenericJson)2
GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)2
SimpleRequest (io.grpc.testing.integration.Messages.SimpleRequest)2
SimpleResponse (io.grpc.testing.integration.Messages.SimpleResponse)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
IOException (java.io.IOException)2
URI (java.net.URI)2
HttpHeaders (com.google.api.client.http.HttpHeaders)1
FixedClock (com.google.api.client.testing.http.FixedClock)1
CredentialsProvider (com.google.api.gax.core.CredentialsProvider)1
FixedCredentialsProvider (com.google.api.gax.core.FixedCredentialsProvider)1
HttpTransportFactory (com.google.auth.http.HttpTransportFactory)1
