From 20f82e22b7e8c6c7fdd29e08eaf7b4cf2abdcf37 Mon Sep 17 00:00:00 2001 From: Kenji Imamula Date: Fri, 31 Jul 2020 05:40:02 +0900 Subject: [PATCH] fix: set Content-Type header in the request to signBlob API to avoid Invalid JSON payload error (#439) `auth.create_custom_token()` results in an error: ``` Failed to sign custom token. Error calling the IAM signBytes API:{ (...) "error": { "code": 400, "message": "Invalid JSON payload received. Unknown name \"{\"bytesToSign\": \"...\"}\": Cannot bind query parameter. Field '{\"bytesToSign\": \"...\"}' could not be found in request message.", "status": "INVALID_ARGUMENT", "details": [ { "@type": "type.googleapis.com/google.rpc.BadRequest", "fieldViolations": [ { "description": "Invalid JSON payload received. Unknown name \"{\"bytesToSign\": \"...\"}\": Cannot bind query parameter. Field '{\"bytesToSign\": \"...\"}' could not be found in request message." } ] } ] } } ``` I have confirmed setting `'Content-Type': 'application/json'` header resolves the problem. --- google/auth/iam.py | 2 +- tests/test_iam.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/google/auth/iam.py b/google/auth/iam.py index bd0500457..d83b25180 100644 --- a/google/auth/iam.py +++ b/google/auth/iam.py @@ -69,7 +69,7 @@ def _make_signing_request(self, message): method = "POST" url = _SIGN_BLOB_URI.format(self._service_account_email) - headers = {} + headers = {"Content-Type": "application/json"} body = json.dumps( {"bytesToSign": base64.b64encode(message).decode("utf-8")} ).encode("utf-8") diff --git a/tests/test_iam.py b/tests/test_iam.py index 4367fe7a8..cb2c26f73 100644 --- a/tests/test_iam.py +++ b/tests/test_iam.py @@ -89,6 +89,8 @@ def test_sign_bytes(self): returned_signature = signer.sign("123") assert returned_signature == signature + kwargs = request.call_args.kwargs + assert kwargs["headers"]["Content-Type"] == "application/json" def test_sign_bytes_failure(self): request = make_request(http_client.UNAUTHORIZED)