def test_get_service_account_token_with_scopes(utcnow):
ttl = 500
request = make_request(
json.dumps({"access_token": "token", "expires_in": ttl}),
headers={"content-type": "application/json"},
)
token, expiry = _metadata.get_service_account_token(request, scopes=("one", "two"))
request.assert_called_once_with(
method="GET",
url=_metadata._METADATA_ROOT + PATH + "/token?scopes=one%2Ctwo",
headers=_metadata._METADATA_HEADERS,
)
assert token == "token"
assert expiry == utcnow() + datetime.timedelta(seconds=ttl)
def test_get_service_account_token(utcnow):
ttl = 500
request = make_request(json.dumps({
'access_token': 'token',
'expires_in': ttl
}),
headers={'content-type': 'application/json'})
token, expiry = _metadata.get_service_account_token(request)
request.assert_called_once_with(method='GET',
url=_metadata._METADATA_ROOT + PATH +
'/token',
headers=_metadata._METADATA_HEADERS)
assert token == 'token'
assert expiry == utcnow() + datetime.timedelta(seconds=ttl)
def refresh(self, request):
"""Refresh the access token and scopes.
Args:
request (google.auth.transport.Request): The object used to make
HTTP requests.
Raises:
google.auth.exceptions.RefreshError: If the Compute Engine metadata
service can't be reached if if the instance has not
credentials.
"""
try:
self._retrieve_info(request)
self.token, self.expiry = _metadata.get_service_account_token(
request, service_account=self._service_account_email)
except exceptions.TransportError as exc:
raise exceptions.RefreshError(exc)
def refresh(self, request):
"""Refresh the access token and scopes.
Args:
request (google.auth.transport.Request): The object used to make
HTTP requests.
Raises:
google.auth.exceptions.RefreshError: If the Compute Engine metadata
service can't be reached if if the instance has not
credentials.
"""
try:
self._retrieve_info(request)
self.token, self.expiry = _metadata.get_service_account_token(
request,
service_account=self._service_account_email)
except exceptions.TransportError as exc:
raise exceptions.RefreshError(exc)
def refresh(self, request):
"""Refresh the access token and scopes.
Args:
request (google.auth.transport.Request): The object used to make
HTTP requests.
Raises:
google.auth.exceptions.RefreshError: If the Compute Engine metadata
service can't be reached if if the instance has not
credentials.
"""
scopes = self._scopes if self._scopes is not None else self._default_scopes
try:
self._retrieve_info(request)
self.token, self.expiry = _metadata.get_service_account_token(
request,
service_account=self._service_account_email,
scopes=scopes)
except exceptions.TransportError as caught_exc:
new_exc = exceptions.RefreshError(caught_exc)
six.raise_from(new_exc, caught_exc)
