Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: service account is able to use a private token endpoint #784

Merged
merged 13 commits into from Jul 14, 2021
Merged

feat: service account is able to use a private token endpoint #784

Changes from 11 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
30a57c5
Service account can use a private token endpoint in Private Service C…
liuchaoren Jun 25, 2021
6645b67
Fix format issue
liuchaoren Jun 25, 2021
596b248
Reformat to be style compliant
liuchaoren Jun 25, 2021
b76cb7b
Merge branch 'master' into master
liuchaoren Jun 28, 2021
d116008
Merge branch 'master' into master
liuchaoren Jul 2, 2021
e5217c1
Hardcode the aud to be https://oauth2.googleapis.com/token
liuchaoren Jul 2, 2021
7259644
Hardcode the aud to be https://oauth2.googleapis.com/token
liuchaoren Jul 2, 2021
0b6e18e
Merge branch 'master' of github.com:liuchaoren/google-auth-library-py…
liuchaoren Jul 2, 2021
aa4e804
Merge branch 'master' of github.com:liuchaoren/google-auth-library-py…
liuchaoren Jul 2, 2021
39cce4a
Merge branch 'master' of github.com:liuchaoren/google-auth-library-py…
liuchaoren Jul 2, 2021
5499faf
Revert the change in the test_service_account
liuchaoren Jul 2, 2021
1ef3974
Merge branch 'master' into master
busunkim96 Jul 13, 2021
4353bc6
Fix unit tests
liuchaoren Jul 14, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 3 additions & 2 deletions google/oauth2/service_account.py
View file
Open in desktop
Expand Up @@ -80,6 +80,7 @@
from google.oauth2 import _client

_DEFAULT_TOKEN_LIFETIME_SECS = 3600 # 1 hour in seconds
_GOOGLE_OAUTH2_TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"


class Credentials(
Expand Down Expand Up @@ -382,7 +383,7 @@ def _make_authorization_grant_assertion(self):
# The issuer must be the service account email.
"iss": self._service_account_email,
# The audience must be the auth token endpoint's URI
"aud": self._token_uri,
"aud": _GOOGLE_OAUTH2_TOKEN_ENDPOINT,
"scope": _helpers.scopes_to_string(self._scopes or ()),
}

Expand Down Expand Up @@ -643,7 +644,7 @@ def _make_authorization_grant_assertion(self):
# The issuer must be the service account email.
"iss": self.service_account_email,
# The audience must be the auth token endpoint's URI
"aud": self._token_uri,
"aud": _GOOGLE_OAUTH2_TOKEN_ENDPOINT,
# The target audience specifies which service the ID token is
# intended for.
"target_audience": self._target_audience,
Expand Down