def test_generate_identity_binding_access_token(self): # Setup Expected Response access_token = "accessToken-1938933922" expected_response = {"access_token": access_token} expected_response = common_pb2.GenerateIdentityBindingAccessTokenResponse( **expected_response ) # Mock the API response channel = ChannelStub(responses=[expected_response]) patch = mock.patch("google.api_core.grpc_helpers.create_channel") with patch as create_channel: create_channel.return_value = channel client = iam_credentials_v1.IAMCredentialsClient() # Setup Request name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]") scope = [] jwt = "jwt105671" response = client.generate_identity_binding_access_token(name, scope, jwt) assert expected_response == response assert len(channel.requests) == 1 expected_request = common_pb2.GenerateIdentityBindingAccessTokenRequest( name=name, scope=scope, jwt=jwt ) actual_request = channel.requests[0][1] assert expected_request == actual_request
def test_sign_jwt(self): # Setup Expected Response key_id = "keyId-1134673157" signed_jwt = "signedJwt-979546844" expected_response = {"key_id": key_id, "signed_jwt": signed_jwt} expected_response = common_pb2.SignJwtResponse(**expected_response) # Mock the API response channel = ChannelStub(responses=[expected_response]) patch = mock.patch("google.api_core.grpc_helpers.create_channel") with patch as create_channel: create_channel.return_value = channel client = iam_credentials_v1.IAMCredentialsClient() # Setup Request name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]") payload = "-114" response = client.sign_jwt(name, payload) assert expected_response == response assert len(channel.requests) == 1 expected_request = common_pb2.SignJwtRequest(name=name, payload=payload) actual_request = channel.requests[0][1] assert expected_request == actual_request
def test_generate_id_token(self): # Setup Expected Response token = "token110541305" expected_response = {"token": token} expected_response = common_pb2.GenerateIdTokenResponse(**expected_response) # Mock the API response channel = ChannelStub(responses=[expected_response]) patch = mock.patch("google.api_core.grpc_helpers.create_channel") with patch as create_channel: create_channel.return_value = channel client = iam_credentials_v1.IAMCredentialsClient() # Setup Request name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]") audience = "audience975628804" response = client.generate_id_token(name, audience) assert expected_response == response assert len(channel.requests) == 1 expected_request = common_pb2.GenerateIdTokenRequest( name=name, audience=audience ) actual_request = channel.requests[0][1] assert expected_request == actual_request
def test_create_signed_read_url_v4_w_access_token( storage_client, signing_bucket, service_account, ): client = iam_credentials_v1.IAMCredentialsClient() service_account_email = service_account.service_account_email name = path_template.expand( "projects/{project}/serviceAccounts/{service_account}", project="-", service_account=service_account_email, ) scope = [ "https://www.googleapis.com/auth/devstorage.read_write", "https://www.googleapis.com/auth/iam", ] response = client.generate_access_token(name=name, scope=scope) _create_signed_read_url_helper( storage_client, signing_bucket, version="v4", service_account_email=service_account_email, access_token=response.access_token, )
def test_generate_access_token_exception(self): # Mock the API response channel = ChannelStub(responses=[CustomException()]) patch = mock.patch("google.api_core.grpc_helpers.create_channel") with patch as create_channel: create_channel.return_value = channel client = iam_credentials_v1.IAMCredentialsClient() # Setup request name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]") scope = [] with pytest.raises(CustomException): client.generate_access_token(name, scope)
from google.cloud import storage from google.cloud._helpers import _NOW, _datetime_to_rfc3339 from google.oauth2.service_account import Credentials as ServiceAccountCredentials from viur.core import db, errors, exposed, forcePost, forceSSL, internalExposed, securitykey, utils from viur.core.bones import * from viur.core.prototypes.tree import Tree, TreeSkel from viur.core.skeleton import skeletonByKind from viur.core.tasks import PeriodicTask, callDeferred from viur.core.utils import projectID from google.cloud import iam_credentials_v1 credentials, project = google.auth.default() client = storage.Client(project, credentials) bucket = client.lookup_bucket("%s.appspot.com" % projectID) iamClient = iam_credentials_v1.IAMCredentialsClient() def importBlobFromViur2(dlKey): if not conf.get("viur.viur2import.blobsource"): return False existingImport = db.Get(db.Key("viur-viur2-blobimport", dlKey)) if existingImport: if existingImport["success"]: return existingImport["dlurl"] return False try: importDataReq = urlopen( conf["viur.viur2import.blobsource"]["infoURL"] + dlKey) except: marker = db.Entity(db.Key("viur-viur2-blobimport", dlKey))