Search in sources :

Example 16 with ServiceAccountCredentials

use of com.google.auth.oauth2.ServiceAccountCredentials in project grpc-java by grpc.

the class GoogleAuthLibraryCallCredentialsTest method serviceAccountWithScopeNotToJwt.

@Test
public void serviceAccountWithScopeNotToJwt() throws Exception {
    final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
    KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
    ServiceAccountCredentials credentials = new ServiceAccountCredentials(null, "email@example.com", pair.getPrivate(), null, Arrays.asList("somescope")) {

        @Override
        public AccessToken refreshAccessToken() {
            return token;
        }
    };
    GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
    callCredentials.applyRequestMetadata(method, attrs, executor, applier);
    assertEquals(1, runPendingRunnables());
    verify(applier).apply(headersCaptor.capture());
    Metadata headers = headersCaptor.getValue();
    Iterable<String> authorization = headers.getAll(AUTHORIZATION);
    assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
Also used : KeyPair(java.security.KeyPair) AccessToken(com.google.auth.oauth2.AccessToken) Metadata(io.grpc.Metadata) ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials) Date(java.util.Date) Test(org.junit.Test)

Example 17 with ServiceAccountCredentials

use of com.google.auth.oauth2.ServiceAccountCredentials in project google-cloud-java by GoogleCloudPlatform.

the class StorageImplTest method testSignUrlLeadingSlash.

@Test
public void testSignUrlLeadingSlash() throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnsupportedEncodingException {
    String blobName = "/b1";
    EasyMock.replay(storageRpcMock);
    ServiceAccountCredentials credentials = new ServiceAccountCredentials(null, ACCOUNT, privateKey, null, null);
    storage = options.toBuilder().setCredentials(credentials).build().getService();
    URL url = storage.signUrl(BlobInfo.newBuilder(BUCKET_NAME1, blobName).build(), 14, TimeUnit.DAYS);
    String escapedBlobName = UrlEscapers.urlFragmentEscaper().escape(blobName);
    String stringUrl = url.toString();
    String expectedUrl = new StringBuilder("https://storage.googleapis.com/").append(BUCKET_NAME1).append(escapedBlobName).append("?GoogleAccessId=").append(ACCOUNT).append("&Expires=").append(42L + 1209600).append("&Signature=").toString();
    assertTrue(stringUrl.startsWith(expectedUrl));
    String signature = stringUrl.substring(expectedUrl.length());
    StringBuilder signedMessageBuilder = new StringBuilder();
    signedMessageBuilder.append(HttpMethod.GET).append("\n\n\n").append(42L + 1209600).append("\n/").append(BUCKET_NAME1).append(escapedBlobName);
    Signature signer = Signature.getInstance("SHA256withRSA");
    signer.initVerify(publicKey);
    signer.update(signedMessageBuilder.toString().getBytes(UTF_8));
    assertTrue(signer.verify(BaseEncoding.base64().decode(URLDecoder.decode(signature, UTF_8.name()))));
}
Also used : Signature(java.security.Signature) ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials) URL(java.net.URL) Test(org.junit.Test)

Example 18 with ServiceAccountCredentials

use of com.google.auth.oauth2.ServiceAccountCredentials in project google-auth-library-java by google.

the class ServiceAccountCredentialsTest method refreshAccessToken_retriesIOException.

@Test
public void refreshAccessToken_retriesIOException() throws IOException {
    final String accessToken1 = "1/MkSJoj1xsli0AccessToken_NKPY2";
    final String accessToken2 = "2/MkSJoj1xsli0AccessToken_NKPY2";
    MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();
    MockTokenServerTransport transport = transportFactory.transport;
    ServiceAccountCredentials credentials = ServiceAccountCredentials.fromPkcs8(SA_CLIENT_ID, SA_CLIENT_EMAIL, SA_PRIVATE_KEY_PKCS8, SA_PRIVATE_KEY_ID, SCOPES, transportFactory, null);
    transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken1);
    TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken1);
    transport.addResponseErrorSequence(new IOException());
    transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken2);
    credentials.refresh();
    TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken2);
}
Also used : MockTokenServerTransportFactory(com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory) IOException(java.io.IOException) Test(org.junit.Test)

Example 19 with ServiceAccountCredentials

use of com.google.auth.oauth2.ServiceAccountCredentials in project google-auth-library-java by google.

the class ServiceAccountCredentialsTest method refreshAccessToken_retriesServerError.

@Test
public void refreshAccessToken_retriesServerError() throws IOException {
    final String accessToken1 = "1/MkSJoj1xsli0AccessToken_NKPY2";
    final String accessToken2 = "2/MkSJoj1xsli0AccessToken_NKPY2";
    MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();
    MockTokenServerTransport transport = transportFactory.transport;
    ServiceAccountCredentials credentials = ServiceAccountCredentials.fromPkcs8(SA_CLIENT_ID, SA_CLIENT_EMAIL, SA_PRIVATE_KEY_PKCS8, SA_PRIVATE_KEY_ID, SCOPES, transportFactory, null);
    transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken1);
    TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken1);
    transport.addResponseSequence(new MockLowLevelHttpResponse().setStatusCode(500));
    transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken2);
    credentials.refresh();
    TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken2);
}
Also used : MockLowLevelHttpResponse(com.google.api.client.testing.http.MockLowLevelHttpResponse) MockTokenServerTransportFactory(com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory) Test(org.junit.Test)

Example 20 with ServiceAccountCredentials

use of com.google.auth.oauth2.ServiceAccountCredentials in project google-auth-library-java by google.

the class ServiceAccountCredentialsTest method refreshAccessToken_refreshesToken.

@Test
public void refreshAccessToken_refreshesToken() throws IOException {
    final String accessToken1 = "1/MkSJoj1xsli0AccessToken_NKPY2";
    final String accessToken2 = "2/MkSJoj1xsli0AccessToken_NKPY2";
    MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();
    MockTokenServerTransport transport = transportFactory.transport;
    ServiceAccountCredentials credentials = ServiceAccountCredentials.fromPkcs8(SA_CLIENT_ID, SA_CLIENT_EMAIL, SA_PRIVATE_KEY_PKCS8, SA_PRIVATE_KEY_ID, SCOPES, transportFactory, null);
    transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken1);
    TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken1);
    transport.addServiceAccount(SA_CLIENT_EMAIL, accessToken2);
    credentials.refresh();
    TestUtils.assertContainsBearerToken(credentials.getRequestMetadata(CALL_URI), accessToken2);
}
Also used : MockTokenServerTransportFactory(com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)18 ServiceAccountCredentials (com.google.auth.oauth2.ServiceAccountCredentials)12 MockTokenServerTransportFactory (com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory)10 URL (java.net.URL)5 Signature (java.security.Signature)5 MockLowLevelHttpResponse (com.google.api.client.testing.http.MockLowLevelHttpResponse)3 Metadata (io.grpc.Metadata)3 KeyPair (java.security.KeyPair)3 GenericJson (com.google.api.client.json.GenericJson)2 GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)2 SimpleRequest (io.grpc.testing.integration.Messages.SimpleRequest)2 SimpleResponse (io.grpc.testing.integration.Messages.SimpleResponse)2 ByteArrayInputStream (java.io.ByteArrayInputStream)2 IOException (java.io.IOException)2 URI (java.net.URI)2 HttpHeaders (com.google.api.client.http.HttpHeaders)1 FixedClock (com.google.api.client.testing.http.FixedClock)1 CredentialsProvider (com.google.api.gax.core.CredentialsProvider)1 FixedCredentialsProvider (com.google.api.gax.core.FixedCredentialsProvider)1 HttpTransportFactory (com.google.auth.http.HttpTransportFactory)1