def test_auth_client_raises_not_found(tmpdir, caplog):
"""Client initialization raises when keyfile not found."""
tmp_keydir = tmpdir.mkdir('keys')
no_keyfile = os.path.join(tmp_keydir, 'not-existent.json')
with pytest.raises(exceptions.GCPGordonError) as e:
auth.GAuthClient(keyfile=no_keyfile)
e.match(f'Keyfile {no_keyfile} was not found.')
assert 1 == len(caplog.records)
def test_auth_client_raises_json(tmpdir, caplog):
"""Client initialization raises when keyfile not valid json."""
tmp_keyfile = tmpdir.mkdir('keys').join('broken_keyfile.json')
tmp_keyfile.write('broken json')
with pytest.raises(exceptions.GCPGordonError) as e:
auth.GAuthClient(keyfile=tmp_keyfile)
e.match(f'Keyfile {tmp_keyfile} is not valid JSON.')
assert 1 == len(caplog.records)
def _get_gce_client(self, keyfile_path, scopes):
tag_blacklist = self.config.get('tag_blacklist', [])
_metadata_blacklist = self.config.get('metadata_blacklist', [])
metadata_blacklist = [dict([pair]) for pair in _metadata_blacklist]
gce_auth = auth.GAuthClient(keyfile_path, scopes=scopes,
session=self.session)
return gce.GCEClient(gce_auth, self.session,
blacklisted_tags=tag_blacklist,
blacklisted_metadata=metadata_blacklist)
def test_auth_client_initialize_app_default_cred(monkeypatch,
app_default_cred_file_content,
tmpdir,
mock_oauth2_credentials):
"""Test credentials is initialize
using application default credentials"""
p = tmpdir.mkdir("adc").join("adc.json")
p.write(app_default_cred_file_content)
monkeypatch.setenv("GOOGLE_APPLICATION_CREDENTIALS",
p.dirpath() + "/adc.json")
client = auth.GAuthClient()
assert isinstance(client.creds, credentials.Credentials)
assert not isinstance(client.creds, service_account.Credentials)
def _init_auth(self):
# a publisher client can't be made with credentials if a channel is
# already made/provided, which is what happens when the emulator is
# running ಠ_ಠ
# See (https://github.com/GoogleCloudPlatform/
# google-cloud-python/pull/4839)
auth_client = None
if not os.environ.get('PUBSUB_EMULATOR_HOST'):
scopes = self.config.get('scopes')
# creating a dummy `session` as the pubsub.PublisherClient never
# uses it but without it aiohttp will complain about an unclosed
# client session that would otherwise be made by default
auth_client = auth.GAuthClient(keyfile=self.config['keyfile'],
scopes=scopes,
session='noop')
return auth_client
async def test_auth_client_default(scopes, provide_session, provide_loop,
event_loop, fake_keyfile, fake_keyfile_data,
mock_service_acct, custom_event_loop,
session):
"""GAuthClient is created with expected attributes."""
kwargs = {
'keyfile': fake_keyfile,
'scopes': scopes,
}
if provide_session:
kwargs['session'] = session
if provide_loop:
kwargs['loop'] = custom_event_loop
client = auth.GAuthClient(**kwargs)
assert fake_keyfile_data == client._keydata
if not scopes:
scopes = ['cloud-platform']
exp_scopes = [f'https://www.googleapis.com/auth/{s}' for s in scopes]
assert exp_scopes == client.scopes
assert isinstance(client._session, aiohttp.client.ClientSession)
if provide_session:
assert session is client._session
else:
assert session is not client._session
# the session fixture cleans up the session, but when we don't
# provide the session, it gets created for us, so we have to
# clean up ourselves
await client._session.close()
if provide_loop and not provide_session:
assert custom_event_loop is client._session.loop
else:
assert custom_event_loop is not client._session.loop
assert not client.token
assert not client.expiry
def _get_crm_client(self, keyfile_path, scopes):
crm_auth = auth.GAuthClient(keyfile_path,
scopes=scopes,
session=self.session)
return gcrm.GCRMClient(crm_auth, self.session)
def _init_auth(self):
return auth.GAuthClient(keyfile=self.config.get('keyfile'),
scopes=self.config.get('scopes'))
def _init_auth(self):
scopes = self.config.get('scopes')
return auth.GAuthClient(keyfile=self.config['keyfile'], scopes=scopes)
async def client_with_app_default_cred(session, mock_oauth2_credentials):
yield auth.GAuthClient(session=session)
await session.close()
async def client(fake_keyfile, mock_service_acct, session, event_loop):
yield auth.GAuthClient(keyfile=fake_keyfile, session=session)
await session.close()
async def client_with_compute_engine_cred(session,
mock_compute_engine_credentials):
yield auth.GAuthClient(session=session)
await session.close()
