feat: add self signed jwt support #572

Merged
merged 14 commits into from Mar 16, 2021
30 changes: 25 additions & 5 deletions oauth2_http/java/com/google/auth/oauth2/AppEngineCredentials.java
@@ -79,18 +79,32 @@ class AppEngineCredentials extends GoogleCredentials implements ServiceAccountSi
private transient Method getSignature;
private transient String account;

AppEngineCredentials(Collection<String> scopes) throws IOException {
this.scopes = scopes == null ? ImmutableSet.<String>of() : ImmutableList.copyOf(scopes);
AppEngineCredentials(Collection<String> scopes, Collection<String> defaultScopes)
throws IOException {
// Use defaultScopes only when scopes don't exist.
if (scopes == null || scopes.isEmpty()) {
this.scopes =
defaultScopes == null ? ImmutableList.<String>of() : ImmutableList.copyOf(defaultScopes);
} else {
this.scopes = ImmutableList.copyOf(scopes);
}
this.scopesRequired = this.scopes.isEmpty();
init();
}

AppEngineCredentials(Collection<String> scopes, AppEngineCredentials unscoped) {
AppEngineCredentials(
Collection<String> scopes, Collection<String> defaultScopes, AppEngineCredentials unscoped) {
bshaffer marked this conversation as resolved.
this.appIdentityService = unscoped.appIdentityService;
this.getAccessToken = unscoped.getAccessToken;
this.getAccessTokenResult = unscoped.getAccessTokenResult;
this.getExpirationTime = unscoped.getExpirationTime;
this.scopes = scopes == null ? ImmutableSet.<String>of() : ImmutableList.copyOf(scopes);
// Use defaultScopes only when scopes don't exist.
if (scopes == null || scopes.isEmpty()) {
this.scopes =
defaultScopes == null ? ImmutableSet.<String>of() : ImmutableList.copyOf(defaultScopes);
} else {
this.scopes = ImmutableList.copyOf(scopes);
}
this.scopesRequired = this.scopes.isEmpty();
}

@@ -145,7 +159,13 @@ public boolean createScopedRequired() {

@Override
public GoogleCredentials createScoped(Collection<String> scopes) {
return new AppEngineCredentials(scopes, this);
return new AppEngineCredentials(scopes, null, this);
}

@Override
public GoogleCredentials createScoped(
Collection<String> scopes, Collection<String> defaultScopes) {
return new AppEngineCredentials(scopes, defaultScopes, this);
}

@Override
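Review bot: The two constructors fall back to different empty collection types when `defaultScopes` is null: the first uses `ImmutableList.<String>of()`, the copy constructor uses `ImmutableSet.<String>of()`, and every non-empty path builds an `ImmutableList`. An empty list and an empty set never compare equal, so if this class's `equals` compares `scopes` (not visible in these hunks), two otherwise identical unscoped credentials could differ. Writing `defaultScopes == null ? ImmutableList.<String>of() : ImmutableList.copyOf(defaultScopes);` in both places removes the question. The scope-selection block is also duplicated verbatim, so a small private static helper taking `scopes` and `defaultScopes` would keep the precedence rule in one place. That rule, where explicit scopes win and defaults are dropped rather than merged, deserves a fuller comment because it decides which permissions the resulting token requests.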
@@ -109,14 +109,22 @@ public class ComputeEngineCredentials extends GoogleCredentials
* @param transportFactory HTTP transport factory, creates the transport used to get access
* tokens.
* @param scopes scope strings for the APIs to be called. May be null or an empty collection.
* @param defaultScopes default scope strings for the APIs to be called. May be null or an empty
* collection. Default scopes are ignored if scopes are provided.
*/
private ComputeEngineCredentials(
HttpTransportFactory transportFactory, Collection<String> scopes) {
HttpTransportFactory transportFactory,
Collection<String> scopes,
Collection<String> defaultScopes) {
arithmetic1728 marked this conversation as resolved.
this.transportFactory =
firstNonNull(
transportFactory,
getFromServiceLoader(HttpTransportFactory.class, OAuth2Utils.HTTP_TRANSPORT_FACTORY));
this.transportFactoryClassName = this.transportFactory.getClass().getName();
// Use defaultScopes only when scopes don't exist.
if (scopes == null || scopes.isEmpty()) {
scopes = defaultScopes;
}
if (scopes == null) {
this.scopes = ImmutableSet.<String>of();
} else {
@@ -129,7 +137,14 @@ private ComputeEngineCredentials(
/** Clones the compute engine account with the specified scopes. */
@Override
public GoogleCredentials createScoped(Collection<String> newScopes) {
return new ComputeEngineCredentials(this.transportFactory, newScopes);
return new ComputeEngineCredentials(this.transportFactory, newScopes, null);
}

/** Clones the compute engine account with the specified scopes. */
@Override
public GoogleCredentials createScoped(
Collection<String> newScopes, Collection<String> newDefaultScopes) {
return new ComputeEngineCredentials(this.transportFactory, newScopes, newDefaultScopes);
}

/**
@@ -138,7 +153,7 @@ public GoogleCredentials createScoped(Collection<String> newScopes) {
* @return new ComputeEngineCredentials
*/
public static ComputeEngineCredentials create() {
return new ComputeEngineCredentials(null, null);
return new ComputeEngineCredentials(null, null, null);
}

public final Collection<String> getScopes() {
@@ -465,7 +480,7 @@ public Collection<String> getScopes() {
}

public ComputeEngineCredentials build() {
return new ComputeEngineCredentials(transportFactory, scopes);
return new ComputeEngineCredentials(transportFactory, scopes, null);
}
}
}
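Review bot: The Javadoc on the new two-argument `createScoped` is copied unchanged from the one-argument version and never mentions `newDefaultScopes`, so a reader cannot tell that the defaults are discarded whenever `newScopes` is non-empty. Something like `/** Clones the compute engine account with the specified scopes; newDefaultScopes is used only when newScopes is null or empty. */` would match the constructor's `@param defaultScopes` text. In the constructor the selection is done by reassigning the `scopes` parameter, which works but hides the rule; a local such as `Collection<String> effectiveScopes` would read more clearly. `build()` passes `null` for the defaults, so a credential rebuilt that way carries only the scopes held by the builder; whether later code needs the explicit/default distinction is not visible here. The constructor body continues past the end of its hunk.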
@@ -301,7 +301,8 @@ private GoogleCredentials tryGetAppEngineCredential() throws IOException {
if (!onAppEngine) {
return null;
}
return new AppEngineCredentials(Collections.<String>emptyList());
return new AppEngineCredentials(
Collections.<String>emptyList(), Collections.<String>emptyList());
}

private final GoogleCredentials tryGetComputeCredentials(HttpTransportFactory transportFactory) {
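--- a/oauth2_http/java/com/google/auth/oauth2/GoogleCredentials.java
+++ b/oauth2_http/java/com/google/auth/oauth2/GoogleCredentials.java
@@ -235,6 +235,20 @@ public GoogleCredentials createScoped(Collection<String> scopes) {
 return this;
 }
 
+/**
+* If the credentials support scopes, creates a copy of the the identity with the specified scopes
+* and default scopes; otherwise, returns the same instance. This is mainly used by client
+* libraries.
+*
+* @param scopes Collection of scopes to request.
+* @param defaultScopes Collection of default scopes to request.
+* @return GoogleCredentials with requested scopes.
+*/
+public GoogleCredentials createScoped(
+Collection<String> scopes, Collection<String> defaultScopes) {
+return this;
+}
+
 /**
 * If the credentials support scopes, creates a copy of the the identity with the specified
 * scopes; otherwise, returns the same instance.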
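Review bot: The Javadoc for the new two-argument `createScoped` does not say how `scopes` and `defaultScopes` relate, and the base implementation returns `this` without using either. The overrides shown on this page use `defaultScopes` only when `scopes` is null or empty, so the tag should say so, e.g. `@param defaultScopes Collection of default scopes, used only when scopes is null or empty.` A subclass that overrides only the one-argument `createScoped` inherits this no-op, so a call through the two-argument overload would come back unscoped. Presumably every scope-aware subclass is updated in this PR, but that is not visible here. The summary sentence also has a doubled word ("the the").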