Exemplos de IAMCredentialsClient em Python

Exemplo n.º 1

    def test_generate_identity_binding_access_token(self):
        # Setup Expected Response
        access_token = "accessToken-1938933922"
        expected_response = {"access_token": access_token}
        expected_response = common_pb2.GenerateIdentityBindingAccessTokenResponse(
            **expected_response
        )

        # Mock the API response
        channel = ChannelStub(responses=[expected_response])
        patch = mock.patch("google.api_core.grpc_helpers.create_channel")
        with patch as create_channel:
            create_channel.return_value = channel
            client = iam_credentials_v1.IAMCredentialsClient()

        # Setup Request
        name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]")
        scope = []
        jwt = "jwt105671"

        response = client.generate_identity_binding_access_token(name, scope, jwt)
        assert expected_response == response

        assert len(channel.requests) == 1
        expected_request = common_pb2.GenerateIdentityBindingAccessTokenRequest(
            name=name, scope=scope, jwt=jwt
        )
        actual_request = channel.requests[0][1]
        assert expected_request == actual_request

Exemplo n.º 2

    def test_sign_jwt(self):
        # Setup Expected Response
        key_id = "keyId-1134673157"
        signed_jwt = "signedJwt-979546844"
        expected_response = {"key_id": key_id, "signed_jwt": signed_jwt}
        expected_response = common_pb2.SignJwtResponse(**expected_response)

        # Mock the API response
        channel = ChannelStub(responses=[expected_response])
        patch = mock.patch("google.api_core.grpc_helpers.create_channel")
        with patch as create_channel:
            create_channel.return_value = channel
            client = iam_credentials_v1.IAMCredentialsClient()

        # Setup Request
        name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]")
        payload = "-114"

        response = client.sign_jwt(name, payload)
        assert expected_response == response

        assert len(channel.requests) == 1
        expected_request = common_pb2.SignJwtRequest(name=name, payload=payload)
        actual_request = channel.requests[0][1]
        assert expected_request == actual_request

Exemplo n.º 3

    def test_generate_id_token(self):
        # Setup Expected Response
        token = "token110541305"
        expected_response = {"token": token}
        expected_response = common_pb2.GenerateIdTokenResponse(**expected_response)

        # Mock the API response
        channel = ChannelStub(responses=[expected_response])
        patch = mock.patch("google.api_core.grpc_helpers.create_channel")
        with patch as create_channel:
            create_channel.return_value = channel
            client = iam_credentials_v1.IAMCredentialsClient()

        # Setup Request
        name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]")
        audience = "audience975628804"

        response = client.generate_id_token(name, audience)
        assert expected_response == response

        assert len(channel.requests) == 1
        expected_request = common_pb2.GenerateIdTokenRequest(
            name=name, audience=audience
        )
        actual_request = channel.requests[0][1]
        assert expected_request == actual_request

Exemplo n.º 4

def test_create_signed_read_url_v4_w_access_token(
    storage_client,
    signing_bucket,
    service_account,
):
    client = iam_credentials_v1.IAMCredentialsClient()
    service_account_email = service_account.service_account_email
    name = path_template.expand(
        "projects/{project}/serviceAccounts/{service_account}",
        project="-",
        service_account=service_account_email,
    )
    scope = [
        "https://www.googleapis.com/auth/devstorage.read_write",
        "https://www.googleapis.com/auth/iam",
    ]
    response = client.generate_access_token(name=name, scope=scope)

    _create_signed_read_url_helper(
        storage_client,
        signing_bucket,
        version="v4",
        service_account_email=service_account_email,
        access_token=response.access_token,
    )

Exemplo n.º 5

    def test_generate_access_token_exception(self):
        # Mock the API response
        channel = ChannelStub(responses=[CustomException()])
        patch = mock.patch("google.api_core.grpc_helpers.create_channel")
        with patch as create_channel:
            create_channel.return_value = channel
            client = iam_credentials_v1.IAMCredentialsClient()

        # Setup request
        name = client.service_account_path("[PROJECT]", "[SERVICE_ACCOUNT]")
        scope = []

        with pytest.raises(CustomException):
            client.generate_access_token(name, scope)

Exemplo n.º 6

from google.cloud import storage
from google.cloud._helpers import _NOW, _datetime_to_rfc3339
from google.oauth2.service_account import Credentials as ServiceAccountCredentials

from viur.core import db, errors, exposed, forcePost, forceSSL, internalExposed, securitykey, utils
from viur.core.bones import *
from viur.core.prototypes.tree import Tree, TreeSkel
from viur.core.skeleton import skeletonByKind
from viur.core.tasks import PeriodicTask, callDeferred
from viur.core.utils import projectID
from google.cloud import iam_credentials_v1

credentials, project = google.auth.default()
client = storage.Client(project, credentials)
bucket = client.lookup_bucket("%s.appspot.com" % projectID)
iamClient = iam_credentials_v1.IAMCredentialsClient()


def importBlobFromViur2(dlKey):
    if not conf.get("viur.viur2import.blobsource"):
        return False
    existingImport = db.Get(db.Key("viur-viur2-blobimport", dlKey))
    if existingImport:
        if existingImport["success"]:
            return existingImport["dlurl"]
        return False
    try:
        importDataReq = urlopen(
            conf["viur.viur2import.blobsource"]["infoURL"] + dlKey)
    except:
        marker = db.Entity(db.Key("viur-viur2-blobimport", dlKey))