Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

feat: service account is able to use a private token endpoint #784

Merged
merged 13 commits into from
Jul 14, 2021
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Fix unit tests
  • Loading branch information
liuchaoren committed Jul 14, 2021
commit 4353bc654b2c8d1b5025f61c1975407ebcee16c3
4 changes: 2 additions & 2 deletions tests/oauth2/test_service_account.py
Original file line number Diff line number Diff line change
@@ -167,7 +167,7 @@ def test__make_authorization_grant_assertion(self):
token = credentials._make_authorization_grant_assertion()
payload = jwt.decode(token, PUBLIC_CERT_BYTES)
assert payload["iss"] == self.SERVICE_ACCOUNT_EMAIL
assert payload["aud"] == self.TOKEN_URI
assert payload["aud"] == service_account._GOOGLE_OAUTH2_TOKEN_ENDPOINT

def test__make_authorization_grant_assertion_scoped(self):
credentials = self.make_credentials()
@@ -440,7 +440,7 @@ def test__make_authorization_grant_assertion(self):
token = credentials._make_authorization_grant_assertion()
payload = jwt.decode(token, PUBLIC_CERT_BYTES)
assert payload["iss"] == self.SERVICE_ACCOUNT_EMAIL
assert payload["aud"] == self.TOKEN_URI
assert payload["aud"] == service_account._GOOGLE_OAUTH2_TOKEN_ENDPOINT
assert payload["target_audience"] == self.TARGET_AUDIENCE

@mock.patch("google.oauth2._client.id_token_jwt_grant", autospec=True)
10 changes: 8 additions & 2 deletions tests_async/oauth2/test_service_account_async.py
Original file line number Diff line number Diff line change
@@ -152,7 +152,10 @@ def test__make_authorization_grant_assertion(self):
token = credentials._make_authorization_grant_assertion()
payload = jwt.decode(token, test_service_account.PUBLIC_CERT_BYTES)
assert payload["iss"] == self.SERVICE_ACCOUNT_EMAIL
assert payload["aud"] == self.TOKEN_URI
assert (
payload["aud"]
== service_account.service_account._GOOGLE_OAUTH2_TOKEN_ENDPOINT
)

def test__make_authorization_grant_assertion_scoped(self):
credentials = self.make_credentials()
@@ -311,7 +314,10 @@ def test__make_authorization_grant_assertion(self):
token = credentials._make_authorization_grant_assertion()
payload = jwt.decode(token, test_service_account.PUBLIC_CERT_BYTES)
assert payload["iss"] == self.SERVICE_ACCOUNT_EMAIL
assert payload["aud"] == self.TOKEN_URI
assert (
payload["aud"]
== service_account.service_account._GOOGLE_OAUTH2_TOKEN_ENDPOINT
)
assert payload["target_audience"] == self.TARGET_AUDIENCE

@mock.patch("google.oauth2._client_async.id_token_jwt_grant", autospec=True)