Make _ServiceAccountCredentials public.

Also - changing the svc. acct. creds constructor to take a signer - adding two factory constructors to build from a JSON keyfile (either by filename or already parsed) - adding helpers to avoid re-loading file contents or re-parsing JSON when constructing svc. acct. creds from the main `client` module
author: Danny Hermes <daniel.j.hermes@gmail.com> 2016-02-04 18:45:20 -0800
committer: Danny Hermes <daniel.j.hermes@gmail.com> 2016-02-04 18:45:20 -0800
commit: 91b3c614509be22a3b5f2ab72ae99e5d890c13fe (patch)
tree: fc6be7c22c34c178a7c5f42ecee9d8400d7fec66 /tests/test_service_account.py
parent: 7c6938c0ac9391363e90b28f16f1e55418666bf4 (diff)
download: oauth2client-91b3c614509be22a3b5f2ab72ae99e5d890c13fe.tar.gz
1 files changed, 88 insertions, 32 deletions
diff --git a/tests/test_service_account.py b/tests/test_service_account.py
index df48f31..58c49a3 100644
--- a/tests/test_service_account.py
+++ b/tests/test_service_account.py
@@ -21,36 +21,41 @@ import datetime
 import json
 import os
 import rsa
-import unittest
+import tempfile
 
 import mock
+import unittest2
 
 from .http_mock import HttpMockSequence
-from oauth2client.service_account import _ServiceAccountCredentials
+from oauth2client import crypt
+from oauth2client.service_account import ServiceAccountCredentials
+from oauth2client.service_account import SERVICE_ACCOUNT
+
+
+def data_filename(filename):
+    return os.path.join(os.path.dirname(__file__), 'data', filename)
 
 
 def datafile(filename):
-    # TODO(orestica): Refactor this using pkgutil.get_data
-    f = open(os.path.join(os.path.dirname(__file__), 'data', filename), 'rb')
-    data = f.read()
-    f.close()
-    return data
+    with open(data_filename(filename), 'rb') as file_obj:
+        return file_obj.read()
 
 
-class ServiceAccountCredentialsTests(unittest.TestCase):
+class ServiceAccountCredentialsTests(unittest2.TestCase):
 
     def setUp(self):
-        self.service_account_id = '123'
+        self.client_id = '123'
         self.service_account_email = 'dummy@google.com'
         self.private_key_id = 'ABCDEF'
         self.private_key = datafile('pem_from_pkcs12.pem')
         self.scopes = ['dummy_scope']
-        self.credentials = _ServiceAccountCredentials(
-            self.service_account_id,
+        self.signer = crypt.Signer.from_string(self.private_key)
+        self.credentials = ServiceAccountCredentials(
             self.service_account_email,
-            self.private_key_id,
-            self.private_key,
-            [])
+            self.signer,
+            private_key_id=self.private_key_id,
+            client_id=self.client_id,
+        )
 
     def test_sign_blob(self):
         private_key_id, signature = self.credentials.sign_blob('Google')
@@ -71,23 +76,78 @@ class ServiceAccountCredentialsTests(unittest.TestCase):
         self.assertEqual(self.service_account_email,
                          self.credentials.service_account_email)
 
+    @staticmethod
+    def _from_json_keyfile_name_helper(payload, scopes=None):
+        filehandle, filename = tempfile.mkstemp()
+        os.close(filehandle)
+        try:
+            with open(filename, 'w') as file_obj:
+                json.dump(payload, file_obj)
+            return ServiceAccountCredentials.from_json_keyfile_name(
+                filename, scopes=scopes)
+        finally:
+            os.remove(filename)
+
+    @mock.patch('oauth2client.crypt.Signer.from_string',
+                return_value=object())
+    def test_from_json_keyfile_name_factory(self, signer_factory):
+        client_id = 'id123'
+        client_email= 'foo@bar.com'
+        private_key_id = 'pkid456'
+        private_key = 's3kr3tz'
+        payload = {
+            'type': SERVICE_ACCOUNT,
+            'client_id': client_id,
+            'client_email': client_email,
+            'private_key_id': private_key_id,
+            'private_key': private_key,
+        }
+        scopes = ['foo', 'bar']
+        creds = self._from_json_keyfile_name_helper(payload, scopes=scopes)
+        self.assertIsInstance(creds, ServiceAccountCredentials)
+        self.assertEqual(creds.client_id, client_id)
+        self.assertEqual(creds._service_account_email, client_email)
+        self.assertEqual(creds._private_key_id, private_key_id)
+        self.assertEqual(creds._private_key_pkcs8_pem, private_key)
+        self.assertEqual(creds._scopes, ' '.join(scopes))
+        # Check stub.
+        self.assertEqual(creds._signer, signer_factory.return_value)
+        signer_factory.assert_called_once_with(private_key)
+
+    def test_from_json_keyfile_name_factory_bad_type(self):
+        type_ = 'bad-type'
+        self.assertNotEqual(type_, SERVICE_ACCOUNT)
+        payload = {'type': type_}
+        with self.assertRaises(ValueError):
+            self._from_json_keyfile_name_helper(payload)
+
+    def test_from_json_keyfile_name_factory_missing_field(self):
+        payload = {
+            'type': SERVICE_ACCOUNT,
+            'client_id': 'my-client',
+        }
+        with self.assertRaises(KeyError):
+            self._from_json_keyfile_name_helper(payload)
+
     def test_create_scoped_required_without_scopes(self):
         self.assertTrue(self.credentials.create_scoped_required())
 
     def test_create_scoped_required_with_scopes(self):
-        self.credentials = _ServiceAccountCredentials(
-            self.service_account_id,
+        signer = object()
+        self.credentials = ServiceAccountCredentials(
             self.service_account_email,
-            self.private_key_id,
-            self.private_key,
-            self.scopes)
+            signer,
+            scopes=self.scopes,
+            private_key_id=self.private_key_id,
+            client_id=self.client_id,
+        )
         self.assertFalse(self.credentials.create_scoped_required())
 
     def test_create_scoped(self):
         new_credentials = self.credentials.create_scoped(self.scopes)
         self.assertNotEqual(self.credentials, new_credentials)
-        self.assertTrue(isinstance(new_credentials,
-                                   _ServiceAccountCredentials))
+        self.assertIsInstance(new_credentials,
+                              ServiceAccountCredentials)
         self.assertEqual('dummy_scope', new_credentials._scopes)
 
     @mock.patch('oauth2client.client._UTCNOW')
@@ -102,16 +162,12 @@ class ServiceAccountCredentialsTests(unittest.TestCase):
         signed_value = b'signed-content'
         signer.sign = mock.MagicMock(name='sign',
                                      return_value=signed_value)
-        signer_patch = mock.patch('oauth2client.crypt.Signer.from_string',
-                                  return_value=signer)
-        with signer_patch as signer_factory:
-            credentials = _ServiceAccountCredentials(
-                self.service_account_id,
-                self.service_account_email,
-                self.private_key_id,
-                self.private_key,
-                '',
-            )
+        credentials = ServiceAccountCredentials(
+            self.service_account_email,
+            signer,
+            private_key_id=self.private_key_id,
+            client_id=self.client_id,
+        )
 
         # Begin testing.
         lifetime = 2  # number of seconds in which the token expires
@@ -196,4 +252,4 @@ class ServiceAccountCredentialsTests(unittest.TestCase):
 
 
 if __name__ == '__main__':  # pragma: NO COVER
-    unittest.main()
+    unittest2.main()
author	Danny Hermes <daniel.j.hermes@gmail.com>	2016-02-04 18:45:20 -0800
committer	Danny Hermes <daniel.j.hermes@gmail.com>	2016-02-04 18:45:20 -0800
commit	91b3c614509be22a3b5f2ab72ae99e5d890c13fe (patch)
tree	fc6be7c22c34c178a7c5f42ecee9d8400d7fec66 /tests/test_service_account.py
parent	7c6938c0ac9391363e90b28f16f1e55418666bf4 (diff)
download	oauth2client-91b3c614509be22a3b5f2ab72ae99e5d890c13fe.tar.gz