use of org.glassfish.jersey.client.oauth1.AccessToken in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method googleCredential_integrityDenied.
@Test
public void googleCredential_integrityDenied() {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
final Credentials credentials = GoogleCredentials.create(token);
// Anything less than PRIVACY_AND_INTEGRITY should fail
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl(SecurityLevel.INTEGRITY), executor, applier);
runPendingRunnables();
verify(applier).fail(statusCaptor.capture());
Status status = statusCaptor.getValue();
assertEquals(Status.Code.UNAUTHENTICATED, status.getCode());
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method googleCredential_privacyAndIntegrityAllowed.
@Test
public void googleCredential_privacyAndIntegrityAllowed() {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
final Credentials credentials = GoogleCredentials.create(token);
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl(SecurityLevel.PRIVACY_AND_INTEGRITY), executor, applier);
runPendingRunnables();
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
Iterable<String> authorization = headers.getAll(AUTHORIZATION);
assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project cdap by cdapio.
the class ComputeEngineCredentials method getAccessTokenRemotely.
private AccessToken getAccessTokenRemotely(String endPoint) throws IOException {
URL url = new URL(endPoint);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
if (connection instanceof HttpsURLConnection) {
// TODO (CDAP-18047) enable ssl verification
disableVerifySSL(((HttpsURLConnection) connection));
}
connection.connect();
try (Reader reader = new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8)) {
if (connection.getResponseCode() != HttpResponseStatus.OK.code()) {
throw new IOException(CharStreams.toString(reader));
}
GenericData token = GSON.fromJson(reader, GenericData.class);
if (!token.containsKey(ACCESS_TOKEN_KEY) || !token.containsKey(EXPIRES_IN_KEY)) {
throw new IOException("Received invalid token");
}
String key = token.get(ACCESS_TOKEN_KEY).toString();
Double expiration = Double.parseDouble(token.get(EXPIRES_IN_KEY).toString());
long expiresAtMilliseconds = System.currentTimeMillis() + expiration.longValue() * 1000;
return new AccessToken(key, new Date(expiresAtMilliseconds));
} finally {
connection.disconnect();
}
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project cdap by cdapio.
the class GCPRemoteAuthenticatorTest method testRemoteAuthenticatorReturnsValidAccessToken.
@Test
public void testRemoteAuthenticatorReturnsValidAccessToken() throws Exception {
String accessTokenValue = "access-token";
// This is just an arbitrary fixed point in time.
Instant fixedInstant = Instant.ofEpochSecond(1646358109);
Clock fixedClock = Clock.fixed(fixedInstant, ZoneId.systemDefault());
GoogleCredentials mockGoogleCredentials = mock(GoogleCredentials.class);
AccessToken accessToken = new AccessToken(accessTokenValue, Date.from(fixedInstant.plus(Duration.ofHours(1))));
when(mockGoogleCredentials.refreshAccessToken()).thenReturn(accessToken);
GCPRemoteAuthenticator gcpRemoteAuthenticator = new GCPRemoteAuthenticator(mockGoogleCredentials, fixedClock, accessToken);
// Verify expected credential value and that refresh was not called.
Credential credential = gcpRemoteAuthenticator.getCredentials();
Assert.assertEquals(accessTokenValue, credential.getValue());
verify(mockGoogleCredentials, times(0)).refreshAccessToken();
}
use of org.glassfish.jersey.client.oauth1.AccessToken in project terra-cli by DataBiosphere.
the class User method requiresReauthentication.
/**
* Return true if the user credentials are expired or do not exist on disk.
*/
public boolean requiresReauthentication() {
if (googleCredentials == null) {
return true;
}
// this method call will attempt to refresh the token if it's already expired
AccessToken accessToken = getUserAccessToken();
// check if the token is expired
logger.debug("Access token expiration date: {}", accessToken.getExpirationTime());
Date cutOffDate = new Date();
cutOffDate.setTime(cutOffDate.getTime() + CREDENTIAL_EXPIRATION_OFFSET_MS);
return accessToken.getExpirationTime().compareTo(cutOffDate) <= 0;
}
Aggregations