Skip to content
This repository has been archived by the owner on Sep 5, 2023. It is now read-only.

Commit

Permalink
Browse files Browse the repository at this point in the history
fix: enable self signed jwt for grpc (#102)
PiperOrigin-RevId: 386504689

Source-Link: googleapis/googleapis@762094a

Source-Link: googleapis/googleapis-gen@6bfc480
  • Loading branch information
gcf-owl-bot[bot] committed Jul 24, 2021
1 parent eb25bdd commit a7a1fc2
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 13 deletions.
Expand Up @@ -365,6 +365,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def list_approval_requests(
Expand Down
31 changes: 18 additions & 13 deletions tests/unit/gapic/accessapproval_v1/test_access_approval.py
Expand Up @@ -122,26 +122,14 @@ def test_access_approval_client_from_service_account_info(client_class):
assert client.transport._host == "accessapproval.googleapis.com:443"


@pytest.mark.parametrize(
"client_class", [AccessApprovalClient, AccessApprovalAsyncClient,]
)
def test_access_approval_client_service_account_always_use_jwt(client_class):
with mock.patch.object(
service_account.Credentials, "with_always_use_jwt_access", create=True
) as use_jwt:
creds = service_account.Credentials(None, None, None)
client = client_class(credentials=creds)
use_jwt.assert_not_called()


@pytest.mark.parametrize(
"transport_class,transport_name",
[
(transports.AccessApprovalGrpcTransport, "grpc"),
(transports.AccessApprovalGrpcAsyncIOTransport, "grpc_asyncio"),
],
)
def test_access_approval_client_service_account_always_use_jwt_true(
def test_access_approval_client_service_account_always_use_jwt(
transport_class, transport_name
):
with mock.patch.object(
Expand All @@ -151,6 +139,13 @@ def test_access_approval_client_service_account_always_use_jwt_true(
transport = transport_class(credentials=creds, always_use_jwt_access=True)
use_jwt.assert_called_once_with(True)

with mock.patch.object(
service_account.Credentials, "with_always_use_jwt_access", create=True
) as use_jwt:
creds = service_account.Credentials(None, None, None)
transport = transport_class(credentials=creds, always_use_jwt_access=False)
use_jwt.assert_not_called()


@pytest.mark.parametrize(
"client_class", [AccessApprovalClient, AccessApprovalAsyncClient,]
Expand Down Expand Up @@ -231,6 +226,7 @@ def test_access_approval_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
Expand All @@ -247,6 +243,7 @@ def test_access_approval_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
Expand All @@ -263,6 +260,7 @@ def test_access_approval_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has
Expand Down Expand Up @@ -291,6 +289,7 @@ def test_access_approval_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id="octopus",
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -357,6 +356,7 @@ def test_access_approval_client_mtls_env_auto(
client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case ADC client cert is provided. Whether client cert is used depends on
Expand Down Expand Up @@ -390,6 +390,7 @@ def test_access_approval_client_mtls_env_auto(
client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case client_cert_source and ADC client cert are not provided.
Expand All @@ -411,6 +412,7 @@ def test_access_approval_client_mtls_env_auto(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -441,6 +443,7 @@ def test_access_approval_client_client_options_scopes(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -471,6 +474,7 @@ def test_access_approval_client_client_options_credentials_file(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand All @@ -490,6 +494,7 @@ def test_access_approval_client_client_options_from_dict():
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down

0 comments on commit a7a1fc2

Please sign in to comment.