Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

throw SigningException as documented #316

Merged
merged 7 commits into from Jul 31, 2019
Merged

throw SigningException as documented #316

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
fb80d0c
throw SigningException as promised
elharo Jul 31, 2019
d3d424a
fix up inner class
elharo Jul 31, 2019
23c82eb
format
elharo Jul 31, 2019
0c743f1
add todo comment
elharo Jul 31, 2019
9120a2c
Merge branch 'master' into ex
elharo Jul 31, 2019
3ee1cdb
spot the diff
elharo Jul 31, 2019
9760822
restore test
elharo Jul 31, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
21 changes: 15 additions & 6 deletions oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java
View file
Open in desktop
Expand Up @@ -277,7 +277,13 @@ public static Builder newBuilder() {
return new Builder();
}

/**
* Returns the email address associated with the GCE default service account.
*
* @throws RuntimeException if the default service account cannot be read
*/
@Override
// todo(#314) getAccount should not throw a RuntimeException
public String getAccount() {
if (serviceAccountEmail == null) {
try {
Expand All @@ -304,12 +310,15 @@ public String getAccount() {
*/
@Override
public byte[] sign(byte[] toSign) {
return IamUtils.sign(
getAccount(),
this,
transportFactory.create(),
toSign,
Collections.<String, Object>emptyMap());
try {
String account = getAccount();
return IamUtils.sign(
account, this, transportFactory.create(), toSign, Collections.<String, Object>emptyMap());
} catch (SigningException ex) {
throw ex;
} catch (RuntimeException ex) {
chingor13 marked this conversation as resolved.
Show resolved Hide resolved
throw new SigningException("Signing failed", ex);
}
}

private String getDefaultServiceAccount() throws IOException {
Expand Down
1 change: 1 addition & 0 deletions oauth2_http/java/com/google/auth/oauth2/IamUtils.java
View file
Open in desktop
Expand Up @@ -66,6 +66,7 @@ class IamUtils {
* @param toSign bytes to sign
* @param additionalFields additional fields to send in the IAM call
* @return signed bytes
* @throws ServiceAccountSigner.SigningException if signing fails
*/
static byte[] sign(
String serviceAccountEmail,
Expand Down
20 changes: 20 additions & 0 deletions oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java
View file
Open in desktop
Expand Up @@ -299,6 +299,26 @@ public void sign_sameAs() throws IOException {
assertArrayEquals(expectedSignature, credentials.sign(expectedSignature));
}

@Test
public void sign_getAccountFails() throws IOException {
MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
final String accessToken = "1/MkSJoj1xsli0AccessToken_NKPY2";
byte[] expectedSignature = {0xD, 0xE, 0xA, 0xD};

transportFactory.transport.setAccessToken(accessToken);
transportFactory.transport.setSignature(expectedSignature);
ComputeEngineCredentials credentials =
ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();

try {
credentials.sign(expectedSignature);
fail();
} catch (SigningException ex) {
assertNotNull(ex.getMessage());
assertNotNull(ex.getCause());
}
}

@Test
public void sign_accessDenied_throws() {
MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
Expand Down