diff options
author | Danny Hermes <daniel.j.hermes@gmail.com> | 2016-02-04 18:45:20 -0800 |
---|---|---|
committer | Danny Hermes <daniel.j.hermes@gmail.com> | 2016-02-04 18:45:20 -0800 |
commit | 91b3c614509be22a3b5f2ab72ae99e5d890c13fe (patch) | |
tree | fc6be7c22c34c178a7c5f42ecee9d8400d7fec66 /tests/test_service_account.py | |
parent | 7c6938c0ac9391363e90b28f16f1e55418666bf4 (diff) | |
download | oauth2client-91b3c614509be22a3b5f2ab72ae99e5d890c13fe.tar.gz |
Make _ServiceAccountCredentials public.
Also
- changing the svc. acct. creds constructor to take a signer
- adding two factory constructors to build from a JSON keyfile
(either by filename or already parsed)
- adding helpers to avoid re-loading file contents or re-parsing
JSON when constructing svc. acct. creds from the main
`client` module
Diffstat (limited to 'tests/test_service_account.py')
-rw-r--r-- | tests/test_service_account.py | 120 |
1 files changed, 88 insertions, 32 deletions
diff --git a/tests/test_service_account.py b/tests/test_service_account.py index df48f31..58c49a3 100644 --- a/tests/test_service_account.py +++ b/tests/test_service_account.py @@ -21,36 +21,41 @@ import datetime import json import os import rsa -import unittest +import tempfile import mock +import unittest2 from .http_mock import HttpMockSequence -from oauth2client.service_account import _ServiceAccountCredentials +from oauth2client import crypt +from oauth2client.service_account import ServiceAccountCredentials +from oauth2client.service_account import SERVICE_ACCOUNT + + +def data_filename(filename): + return os.path.join(os.path.dirname(__file__), 'data', filename) def datafile(filename): - # TODO(orestica): Refactor this using pkgutil.get_data - f = open(os.path.join(os.path.dirname(__file__), 'data', filename), 'rb') - data = f.read() - f.close() - return data + with open(data_filename(filename), 'rb') as file_obj: + return file_obj.read() -class ServiceAccountCredentialsTests(unittest.TestCase): +class ServiceAccountCredentialsTests(unittest2.TestCase): def setUp(self): - self.service_account_id = '123' + self.client_id = '123' self.service_account_email = 'dummy@google.com' self.private_key_id = 'ABCDEF' self.private_key = datafile('pem_from_pkcs12.pem') self.scopes = ['dummy_scope'] - self.credentials = _ServiceAccountCredentials( - self.service_account_id, + self.signer = crypt.Signer.from_string(self.private_key) + self.credentials = ServiceAccountCredentials( self.service_account_email, - self.private_key_id, - self.private_key, - []) + self.signer, + private_key_id=self.private_key_id, + client_id=self.client_id, + ) def test_sign_blob(self): private_key_id, signature = self.credentials.sign_blob('Google') @@ -71,23 +76,78 @@ class ServiceAccountCredentialsTests(unittest.TestCase): self.assertEqual(self.service_account_email, self.credentials.service_account_email) + @staticmethod + def _from_json_keyfile_name_helper(payload, scopes=None): + filehandle, filename = tempfile.mkstemp() + os.close(filehandle) + try: + with open(filename, 'w') as file_obj: + json.dump(payload, file_obj) + return ServiceAccountCredentials.from_json_keyfile_name( + filename, scopes=scopes) + finally: + os.remove(filename) + + @mock.patch('oauth2client.crypt.Signer.from_string', + return_value=object()) + def test_from_json_keyfile_name_factory(self, signer_factory): + client_id = 'id123' + client_email= 'foo@bar.com' + private_key_id = 'pkid456' + private_key = 's3kr3tz' + payload = { + 'type': SERVICE_ACCOUNT, + 'client_id': client_id, + 'client_email': client_email, + 'private_key_id': private_key_id, + 'private_key': private_key, + } + scopes = ['foo', 'bar'] + creds = self._from_json_keyfile_name_helper(payload, scopes=scopes) + self.assertIsInstance(creds, ServiceAccountCredentials) + self.assertEqual(creds.client_id, client_id) + self.assertEqual(creds._service_account_email, client_email) + self.assertEqual(creds._private_key_id, private_key_id) + self.assertEqual(creds._private_key_pkcs8_pem, private_key) + self.assertEqual(creds._scopes, ' '.join(scopes)) + # Check stub. + self.assertEqual(creds._signer, signer_factory.return_value) + signer_factory.assert_called_once_with(private_key) + + def test_from_json_keyfile_name_factory_bad_type(self): + type_ = 'bad-type' + self.assertNotEqual(type_, SERVICE_ACCOUNT) + payload = {'type': type_} + with self.assertRaises(ValueError): + self._from_json_keyfile_name_helper(payload) + + def test_from_json_keyfile_name_factory_missing_field(self): + payload = { + 'type': SERVICE_ACCOUNT, + 'client_id': 'my-client', + } + with self.assertRaises(KeyError): + self._from_json_keyfile_name_helper(payload) + def test_create_scoped_required_without_scopes(self): self.assertTrue(self.credentials.create_scoped_required()) def test_create_scoped_required_with_scopes(self): - self.credentials = _ServiceAccountCredentials( - self.service_account_id, + signer = object() + self.credentials = ServiceAccountCredentials( self.service_account_email, - self.private_key_id, - self.private_key, - self.scopes) + signer, + scopes=self.scopes, + private_key_id=self.private_key_id, + client_id=self.client_id, + ) self.assertFalse(self.credentials.create_scoped_required()) def test_create_scoped(self): new_credentials = self.credentials.create_scoped(self.scopes) self.assertNotEqual(self.credentials, new_credentials) - self.assertTrue(isinstance(new_credentials, - _ServiceAccountCredentials)) + self.assertIsInstance(new_credentials, + ServiceAccountCredentials) self.assertEqual('dummy_scope', new_credentials._scopes) @mock.patch('oauth2client.client._UTCNOW') @@ -102,16 +162,12 @@ class ServiceAccountCredentialsTests(unittest.TestCase): signed_value = b'signed-content' signer.sign = mock.MagicMock(name='sign', return_value=signed_value) - signer_patch = mock.patch('oauth2client.crypt.Signer.from_string', - return_value=signer) - with signer_patch as signer_factory: - credentials = _ServiceAccountCredentials( - self.service_account_id, - self.service_account_email, - self.private_key_id, - self.private_key, - '', - ) + credentials = ServiceAccountCredentials( + self.service_account_email, + signer, + private_key_id=self.private_key_id, + client_id=self.client_id, + ) # Begin testing. lifetime = 2 # number of seconds in which the token expires @@ -196,4 +252,4 @@ class ServiceAccountCredentialsTests(unittest.TestCase): if __name__ == '__main__': # pragma: NO COVER - unittest.main() + unittest2.main() |