Search in sources :

Example 21 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project docker-client by spotify.

the class ContainerRegistryAuthSupplierTest method testAuthForSwarm_TokenWithoutExpirationDoesNotCauseRefresh.

@Test
public void testAuthForSwarm_TokenWithoutExpirationDoesNotCauseRefresh() throws Exception {
    final AccessToken accessToken = new AccessToken(tokenValue, null);
    final GoogleCredentials credentials = new GoogleCredentials(accessToken);
    final ContainerRegistryAuthSupplier supplier = new ContainerRegistryAuthSupplier(credentials, clock, TimeUnit.SECONDS.toMillis(minimumExpirationSecs), refresher);
    assertThat(supplier.authForSwarm(), matchesAccessToken(accessToken));
    verify(refresher, never()).refresh(credentials);
}
Also used : AccessToken(com.google.auth.oauth2.AccessToken) GoogleCredentials(com.google.auth.oauth2.GoogleCredentials) Test(org.junit.Test)

Example 22 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project docker-client by spotify.

the class ContainerRegistryAuthSupplierTest method testAuthForBuild_TokenWithoutExpirationDoesNotCauseRefresh.

@Test
public void testAuthForBuild_TokenWithoutExpirationDoesNotCauseRefresh() throws Exception {
    final AccessToken accessToken = new AccessToken(tokenValue, null);
    final GoogleCredentials credentials = new GoogleCredentials(accessToken);
    final ContainerRegistryAuthSupplier supplier = new ContainerRegistryAuthSupplier(credentials, clock, TimeUnit.SECONDS.toMillis(minimumExpirationSecs), refresher);
    final RegistryConfigs configs = supplier.authForBuild();
    assertThat(configs.configs().values(), is(not(empty())));
    assertThat(configs.configs().values(), everyItem(matchesAccessToken(accessToken)));
    verify(refresher, never()).refresh(credentials);
}
Also used : RegistryConfigs(com.spotify.docker.client.messages.RegistryConfigs) AccessToken(com.google.auth.oauth2.AccessToken) GoogleCredentials(com.google.auth.oauth2.GoogleCredentials) Test(org.junit.Test)

Example 23 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project docker-client by spotify.

the class ContainerRegistryAuthSupplier method authForBuild.

@Override
public RegistryConfigs authForBuild() throws DockerException {
    final AccessToken accessToken;
    try {
        accessToken = getAccessToken();
    } catch (IOException e) {
        // do not fail as the GCR access token may not be necessary for building the image currently
        // being built
        log.warn("unable to get access token for Google Container Registry, " + "configuration for building image will not contain RegistryAuth for GCR", e);
        return RegistryConfigs.empty();
    }
    final Map<String, RegistryAuth> configs = new HashMap<>(GCR_REGISTRIES.size());
    for (String serverName : GCR_REGISTRIES) {
        configs.put(serverName, authForAccessToken(accessToken));
    }
    return RegistryConfigs.create(configs);
}
Also used : HashMap(java.util.HashMap) AccessToken(com.google.auth.oauth2.AccessToken) IOException(java.io.IOException) RegistryAuth(com.spotify.docker.client.messages.RegistryAuth)

Example 24 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project cdap by caskdata.

the class ComputeEngineCredentials method getAccessTokenRemotely.

private AccessToken getAccessTokenRemotely(String endPoint) throws IOException {
    URL url = new URL(endPoint);
    HttpURLConnection connection = (HttpURLConnection) url.openConnection();
    if (connection instanceof HttpsURLConnection) {
        // TODO (CDAP-18047) enable ssl verification
        disableVerifySSL(((HttpsURLConnection) connection));
    }
    connection.connect();
    try (Reader reader = new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8)) {
        if (connection.getResponseCode() != HttpResponseStatus.OK.code()) {
            throw new IOException(CharStreams.toString(reader));
        }
        GenericData token = GSON.fromJson(reader, GenericData.class);
        if (!token.containsKey(ACCESS_TOKEN_KEY) || !token.containsKey(EXPIRES_IN_KEY)) {
            throw new IOException("Received invalid token");
        }
        String key = token.get(ACCESS_TOKEN_KEY).toString();
        Double expiration = Double.parseDouble(token.get(EXPIRES_IN_KEY).toString());
        long expiresAtMilliseconds = System.currentTimeMillis() + expiration.longValue() * 1000;
        return new AccessToken(key, new Date(expiresAtMilliseconds));
    } finally {
        connection.disconnect();
    }
}
Also used : HttpURLConnection(java.net.HttpURLConnection) InputStreamReader(java.io.InputStreamReader) AccessToken(com.google.auth.oauth2.AccessToken) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) IOException(java.io.IOException) GenericData(com.google.api.client.util.GenericData) URL(java.net.URL) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) Date(java.util.Date)

Example 25 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project artifact-registry-maven-tools by GoogleCloudPlatform.

the class GcloudCredentials method getGcloudAccessToken.

private static AccessToken getGcloudAccessToken() throws IOException {
    ProcessBuilder processBuilder = new ProcessBuilder();
    String gcloud = gCloudCommand();
    processBuilder.command(gcloud, "config", "config-helper", "--format=json(credential)");
    Process process = processBuilder.start();
    try {
        int exitCode = process.waitFor();
        String stdOut = readStreamToString(process.getInputStream());
        if (exitCode != 0) {
            String stdErr = readStreamToString(process.getErrorStream());
            throw new IOException(String.format("gcloud exited with status: %d\nOutput:\n%s\nError Output:\n%s\n", exitCode, stdOut, stdErr));
        }
        GenericData result = JSON_FACTORY.fromString(stdOut, GenericData.class);
        Map credential = (Map) result.get("credential");
        if (credential == null) {
            throw new IOException("No credential returned from gcloud");
        }
        if (!credential.containsKey(KEY_ACCESS_TOKEN) || !credential.containsKey(KEY_TOKEN_EXPIRY)) {
            throw new IOException("Malformed response from gcloud");
        }
        DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        df.setTimeZone(TimeZone.getTimeZone("UTC"));
        Date expiry = df.parse((String) credential.get(KEY_TOKEN_EXPIRY));
        return new AccessToken((String) credential.get(KEY_ACCESS_TOKEN), expiry);
    } catch (InterruptedException e) {
        Thread.currentThread().interrupt();
        throw new IOException(e);
    } catch (ParseException e) {
        throw new IOException("Failed to parse timestamp from gcloud output", e);
    }
}
Also used : IOException(java.io.IOException) GenericData(com.google.api.client.util.GenericData) Date(java.util.Date) AccessToken(com.google.auth.oauth2.AccessToken) SimpleDateFormat(java.text.SimpleDateFormat) DateFormat(java.text.DateFormat) ParseException(java.text.ParseException) Map(java.util.Map) SimpleDateFormat(java.text.SimpleDateFormat)

Aggregations

AccessToken (com.google.auth.oauth2.AccessToken)71 Test (org.junit.Test)41 GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)29 Date (java.util.Date)22 IOException (java.io.IOException)19 AccessToken (io.vertx.ext.auth.oauth2.AccessToken)16 Client (javax.ws.rs.client.Client)10 AccessToken (org.glassfish.jersey.client.oauth1.AccessToken)10 ConsumerCredentials (org.glassfish.jersey.client.oauth1.ConsumerCredentials)10 JsonObject (io.vertx.core.json.JsonObject)9 URI (java.net.URI)9 Feature (javax.ws.rs.core.Feature)8 JerseyTest (org.glassfish.jersey.test.JerseyTest)8 MockHttpTransport (com.google.api.client.testing.http.MockHttpTransport)6 InputStreamReader (java.io.InputStreamReader)6 Instant (java.time.Instant)6 WebTarget (javax.ws.rs.client.WebTarget)6 LoggingFeature (org.glassfish.jersey.logging.LoggingFeature)6 OAuth2Credentials (com.google.auth.oauth2.OAuth2Credentials)5 OAuth2TokenImpl (io.vertx.ext.auth.oauth2.impl.OAuth2TokenImpl)5