def create_assertion_session_local(self, subject=None):
# conf = self.GSHEET_CREDS
with open('credentials.json') as cred:
conf = json.load(cred)
token_url = conf['token_uri']
issuer = conf['client_email']
key = conf['private_key']
key_id = conf.get('private_key_id')
header = {'alg': 'RS256'}
if key_id:
header['kid'] = key_id
# Google puts scope in payload
claims = {'scope': ' '.join(self.GSHEET_SCOPES)}
return AssertionSession(
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
token_url=token_url,
token_endpoint="https://oauth2.googleapis.com/token",
issuer=issuer,
audience=token_url,
claims=claims,
subject=subject,
key=key,
header=header,
)
def __create_assertion_session(conf_file, scopes, subject=None):
with open(conf_file, 'r') as f:
conf = json.load(f)
token_url = conf['token_uri']
issuer = conf['client_email']
key = conf['private_key']
key_id = conf.get('private_key_id')
header = {'alg': 'RS256'}
if key_id:
header['kid'] = key_id
# Google puts scope in payload
claims = {'scope': ' '.join(scopes)}
from authlib.integrations.requests_client import AssertionSession
return AssertionSession(
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
token_url=token_url,
issuer=issuer,
audience=token_url,
claims=claims,
subject=subject,
key=key,
header=header,
token_endpoint=True)
def test_without_alg(self):
sess = AssertionSession(
'https://i.b/token',
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
issuer='foo',
subject='foo',
audience='foo',
key='secret',
)
self.assertRaises(ValueError, sess.get, 'https://i.b')
def create_assertion_session(conf_file, scopes, subject=None):
with open(conf_file) as f:
conf = json.load(f)
token_url = conf['token_uri']
issuer = conf['client_email']
key = conf['private_key']
key_id = conf.get('private_key_id')
header = {'alg': 'RS256'}
if key_id:
header['kid'] = key_id
claims = {'scope': ' '.join(scopes)}
return AssertionSession(
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
token_endpoint=token_url,
issuer=issuer,
audience=token_url,
claims=claims,
subject=subject,
key=key,
header=header,
)
def create_assertion_session(conf_file, subject=None):
with open(conf_file, 'r') as f:
conf = json.load(f)
key_id = conf.get('private_key_id')
header = {'alg': 'RS256'}
if key_id:
header['kid'] = key_id
scopes = [
'https://spreadsheets.google.com/feeds',
'https://www.googleapis.com/auth/drive']
# Google puts scope in payload
claims = {'scope': ' '.join(scopes)}
return AssertionSession(
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
token_endpoint=conf['token_uri'],
issuer=conf['client_email'],
audience=conf['token_uri'],
claims=claims,
subject=subject,
key=conf['private_key'],
header=header,
)
def test_refresh_token(self):
def verifier(r, **kwargs):
resp = mock.MagicMock()
if r.url == 'https://i.b/token':
self.assertIn('assertion=', r.body)
resp.json = lambda: self.token
return resp
sess = AssertionSession(
'https://i.b/token',
grant_type=AssertionSession.JWT_BEARER_GRANT_TYPE,
issuer='foo',
subject='foo',
audience='foo',
alg='HS256',
key='secret',
)
sess.send = verifier
sess.get('https://i.b')
# trigger more case
now = int(time.time())
sess = AssertionSession('https://i.b/token',
issuer='foo',
subject=None,
audience='foo',
issued_at=now,
expires_at=now + 3600,
header={'alg': 'HS256'},
key='secret',
scope='email',
claims={'test_mode': 'true'})
sess.send = verifier
sess.get('https://i.b')
# trigger for branch test case
sess.get('https://i.b')
def create_assertion_session(conf_file, scopes=None, subject=None):
with open(conf_file, "r") as f:
return AssertionSession(**asdict(Creds(json.load(f), scopes, subject)))