Example 86 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method googleCredential_integrityDenied.
@Test
public void googleCredential_integrityDenied() {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
final Credentials credentials = GoogleCredentials.create(token);
// Anything less than PRIVACY_AND_INTEGRITY should fail
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl(SecurityLevel.INTEGRITY), executor, applier);
runPendingRunnables();
verify(applier).fail(statusCaptor.capture());
Status status = statusCaptor.getValue();
assertEquals(Status.Code.UNAUTHENTICATED, status.getCode());
}
Also used :
Status(io.grpc.Status)
AccessToken(com.google.auth.oauth2.AccessToken)
Date(java.util.Date)
Credentials(com.google.auth.Credentials)
CallCredentials(io.grpc.CallCredentials)
OAuth2Credentials(com.google.auth.oauth2.OAuth2Credentials)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
Test(org.junit.Test)
Example 87 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method googleCredential_privacyAndIntegrityAllowed.
@Test
public void googleCredential_privacyAndIntegrityAllowed() {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
final Credentials credentials = GoogleCredentials.create(token);
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl(SecurityLevel.PRIVACY_AND_INTEGRITY), executor, applier);
runPendingRunnables();
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
Iterable<String> authorization = headers.getAll(AUTHORIZATION);
assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
Also used :
AccessToken(com.google.auth.oauth2.AccessToken)
Metadata(io.grpc.Metadata)
Date(java.util.Date)
Credentials(com.google.auth.Credentials)
CallCredentials(io.grpc.CallCredentials)
OAuth2Credentials(com.google.auth.oauth2.OAuth2Credentials)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
Test(org.junit.Test)
Example 88 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project cdap by cdapio.
the class ComputeEngineCredentials method getAccessTokenRemotely.
private AccessToken getAccessTokenRemotely(String endPoint) throws IOException {
URL url = new URL(endPoint);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
if (connection instanceof HttpsURLConnection) {
// TODO (CDAP-18047) enable ssl verification
disableVerifySSL(((HttpsURLConnection) connection));
}
connection.connect();
try (Reader reader = new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8)) {
if (connection.getResponseCode() != HttpResponseStatus.OK.code()) {
throw new IOException(CharStreams.toString(reader));
}
GenericData token = GSON.fromJson(reader, GenericData.class);
if (!token.containsKey(ACCESS_TOKEN_KEY) || !token.containsKey(EXPIRES_IN_KEY)) {
throw new IOException("Received invalid token");
}
String key = token.get(ACCESS_TOKEN_KEY).toString();
Double expiration = Double.parseDouble(token.get(EXPIRES_IN_KEY).toString());
long expiresAtMilliseconds = System.currentTimeMillis() + expiration.longValue() * 1000;
return new AccessToken(key, new Date(expiresAtMilliseconds));
} finally {
connection.disconnect();
}
}
Also used :
HttpURLConnection(java.net.HttpURLConnection)
InputStreamReader(java.io.InputStreamReader)
AccessToken(com.google.auth.oauth2.AccessToken)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
IOException(java.io.IOException)
GenericData(com.google.api.client.util.GenericData)
URL(java.net.URL)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
Date(java.util.Date)
Example 89 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project cdap by cdapio.
the class GCPRemoteAuthenticatorTest method testRemoteAuthenticatorReturnsValidAccessToken.
@Test
public void testRemoteAuthenticatorReturnsValidAccessToken() throws Exception {
String accessTokenValue = "access-token";
// This is just an arbitrary fixed point in time.
Instant fixedInstant = Instant.ofEpochSecond(1646358109);
Clock fixedClock = Clock.fixed(fixedInstant, ZoneId.systemDefault());
GoogleCredentials mockGoogleCredentials = mock(GoogleCredentials.class);
AccessToken accessToken = new AccessToken(accessTokenValue, Date.from(fixedInstant.plus(Duration.ofHours(1))));
when(mockGoogleCredentials.refreshAccessToken()).thenReturn(accessToken);
GCPRemoteAuthenticator gcpRemoteAuthenticator = new GCPRemoteAuthenticator(mockGoogleCredentials, fixedClock, accessToken);
// Verify expected credential value and that refresh was not called.
Credential credential = gcpRemoteAuthenticator.getCredentials();
Assert.assertEquals(accessTokenValue, credential.getValue());
verify(mockGoogleCredentials, times(0)).refreshAccessToken();
}
Also used :
Credential(io.cdap.cdap.proto.security.Credential)
AccessToken(com.google.auth.oauth2.AccessToken)
Instant(java.time.Instant)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
Clock(java.time.Clock)
Test(org.junit.Test)
Example 90 with AccessToken
use of com.microsoft.identity.common.internal.providers.oauth2.AccessToken in project terra-cli by DataBiosphere.
the class User method requiresReauthentication.
/**
* Return true if the user credentials are expired or do not exist on disk.
*/
public boolean requiresReauthentication() {
if (googleCredentials == null) {
return true;
}
// this method call will attempt to refresh the token if it's already expired
AccessToken accessToken = getUserAccessToken();
// check if the token is expired
logger.debug("Access token expiration date: {}", accessToken.getExpirationTime());
Date cutOffDate = new Date();
cutOffDate.setTime(cutOffDate.getTime() + CREDENTIAL_EXPIRATION_OFFSET_MS);
return accessToken.getExpirationTime().compareTo(cutOffDate) <= 0;
}
Also used :
AccessToken(com.google.auth.oauth2.AccessToken)
Date(java.util.Date)
Aggregations
AccessToken (com.google.auth.oauth2.AccessToken)78
Test (org.junit.Test)44
GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)33
Date (java.util.Date)23
IOException (java.io.IOException)20
AccessToken (io.vertx.ext.auth.oauth2.AccessToken)16
Instant (java.time.Instant)10
Client (javax.ws.rs.client.Client)10
AccessToken (org.glassfish.jersey.client.oauth1.AccessToken)10
ConsumerCredentials (org.glassfish.jersey.client.oauth1.ConsumerCredentials)10
JsonObject (io.vertx.core.json.JsonObject)9
URI (java.net.URI)9
Feature (javax.ws.rs.core.Feature)8
JerseyTest (org.glassfish.jersey.test.JerseyTest)8
MockHttpTransport (com.google.api.client.testing.http.MockHttpTransport)6
ServiceAccountCredentials (com.google.auth.oauth2.ServiceAccountCredentials)6
Credential (io.cdap.cdap.proto.security.Credential)6
InputStreamReader (java.io.InputStreamReader)6
Clock (java.time.Clock)6
WebTarget (javax.ws.rs.client.WebTarget)6
