def test_auth_connection(self):
# Test a bogus auth type
self.assertRaises(GoogleAuthError, GoogleOAuth2Credential, *GCE_PARAMS,
**{'auth_type': 'XX'})
# Try to create an OAuth2 credential when dealing with a GCS S3
# interoperability auth type.
self.assertRaises(GoogleAuthError, GoogleOAuth2Credential, *GCE_PARAMS,
**{'auth_type': GoogleAuthType.GCS_S3})
kwargs = {}
if SHA256:
kwargs['auth_type'] = GoogleAuthType.SA
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_PEM_KEY, **kwargs)
self.assertTrue(isinstance(cred1.oauth2_conn,
GoogleServiceAcctAuthConnection))
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_JSON_KEY, **kwargs)
self.assertTrue(isinstance(cred1.oauth2_conn,
GoogleServiceAcctAuthConnection))
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_KEY, **kwargs)
self.assertTrue(isinstance(cred1.oauth2_conn,
GoogleServiceAcctAuthConnection))
kwargs['auth_type'] = GoogleAuthType.IA
cred2 = GoogleOAuth2Credential(*GCE_PARAMS_IA, **kwargs)
self.assertTrue(isinstance(cred2.oauth2_conn,
GoogleInstalledAppAuthConnection))
kwargs['auth_type'] = GoogleAuthType.GCE
cred3 = GoogleOAuth2Credential(*GCE_PARAMS_GCE, **kwargs)
self.assertTrue(isinstance(cred3.oauth2_conn,
GoogleGCEServiceAcctAuthConnection))
def test_init_oauth2(self):
kwargs = {'auth_type': GoogleAuthType.IA}
cred = GoogleOAuth2Credential(*GCE_PARAMS, **kwargs)
# If there is a viable token file, this gets used first
self.assertEqual(cred.token, STUB_TOKEN_FROM_FILE)
# No token file, get a new token. Check that it gets written to file.
with mock.patch.object(GoogleOAuth2Credential, '_get_token_from_file',
return_value=None):
cred = GoogleOAuth2Credential(*GCE_PARAMS, **kwargs)
expected = STUB_IA_TOKEN
expected['expire_time'] = cred.token['expire_time']
self.assertEqual(cred.token, expected)
cred._write_token_to_file.assert_called_once_with()
def __init__(self, user_id, key, secure=True, auth_type=None,
credential_file=None, **kwargs):
self.auth_type = auth_type or GoogleAuthType.guess_type(user_id)
if GoogleAuthType.is_oauth2(self.auth_type):
self.oauth2_credential = GoogleOAuth2Credential(
user_id, key, self.auth_type, credential_file, **kwargs)
else:
self.oauth2_credential = None
super(GoogleStorageConnection, self).__init__(user_id, key, secure,
**kwargs)
def test_refresh(self):
args = list(GCE_PARAMS) + [GoogleAuthType.GCE]
cred = GoogleOAuth2Credential(*args)
cred._refresh_token = mock.Mock()
# Test getting an unexpired access token.
tomorrow = datetime.datetime.now() + datetime.timedelta(days=1)
cred.token = {'access_token': 'Access Token!',
'expire_time': _utc_timestamp(tomorrow)}
cred.access_token
self.assertFalse(cred._refresh_token.called)
# Test getting an expired access token.
yesterday = datetime.datetime.now() - datetime.timedelta(days=1)
cred.token = {'access_token': 'Access Token!',
'expire_time': _utc_timestamp(yesterday)}
cred.access_token
self.assertTrue(cred._refresh_token.called)
def test_auth_connection(self):
# Test a bogus auth type
self.assertRaises(GoogleAuthError, GoogleOAuth2Credential, *GCE_PARAMS,
**{"auth_type": "XX"})
# Try to create an OAuth2 credential when dealing with a GCS S3
# interoperability auth type.
self.assertRaises(
GoogleAuthError,
GoogleOAuth2Credential,
*GCE_PARAMS,
**{"auth_type": GoogleAuthType.GCS_S3},
)
kwargs = {}
if SHA256:
kwargs["auth_type"] = GoogleAuthType.SA
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_PEM_KEY_FILE, **kwargs)
self.assertTrue(
isinstance(cred1.oauth2_conn, GoogleServiceAcctAuthConnection))
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_JSON_KEY_FILE, **kwargs)
self.assertTrue(
isinstance(cred1.oauth2_conn, GoogleServiceAcctAuthConnection))
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_PEM_KEY, **kwargs)
self.assertTrue(
isinstance(cred1.oauth2_conn, GoogleServiceAcctAuthConnection))
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_JSON_KEY, **kwargs)
self.assertTrue(
isinstance(cred1.oauth2_conn, GoogleServiceAcctAuthConnection))
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_KEY, **kwargs)
self.assertTrue(
isinstance(cred1.oauth2_conn, GoogleServiceAcctAuthConnection))
kwargs["auth_type"] = GoogleAuthType.SA
cred1 = GoogleOAuth2Credential(*GCE_PARAMS_JSON_KEY_STR, **kwargs)
self.assertTrue(
isinstance(cred1.oauth2_conn, GoogleServiceAcctAuthConnection))
self.assertRaises(GoogleAuthError, GoogleOAuth2Credential,
*GCE_PARAMS, **kwargs)
# Invalid pem key
kwargs["auth_type"] = GoogleAuthType.SA
expected_msg = "Unable to decode provided PEM key:"
self.assertRaisesRegex(
GoogleAuthError,
expected_msg,
GoogleOAuth2Credential,
*GCE_PARAMS_PEM_KEY_FILE_INVALID,
**kwargs,
)
kwargs["auth_type"] = GoogleAuthType.SA
expected_msg = "Unable to decode provided PEM key:"
self.assertRaisesRegex(
GoogleAuthError,
expected_msg,
GoogleOAuth2Credential,
*GCE_PARAMS_JSON_KEY_INVALID,
**kwargs,
)
kwargs["auth_type"] = GoogleAuthType.IA
cred2 = GoogleOAuth2Credential(*GCE_PARAMS_IA, **kwargs)
self.assertTrue(
isinstance(cred2.oauth2_conn, GoogleInstalledAppAuthConnection))
kwargs["auth_type"] = GoogleAuthType.GCE
cred3 = GoogleOAuth2Credential(*GCE_PARAMS_GCE, **kwargs)
self.assertTrue(
isinstance(cred3.oauth2_conn, GoogleGCEServiceAcctAuthConnection))
