Age | Commit message (Collapse) | Author |
|
Replacing now() with utcnow() in device info code.
|
|
Newer Google APIs can accept JWTs signed using ServiceAccountCredentials
for authentication. (See https://jwt.io/). The new behavior for
GoogleCredentials.get_application_default() will attempt to use a signed JWT
if ServiceAccountCredentials are available and no scope is specified.
Upon specifying a scope, OAuth2 authentication will be used.
|
|
|
|
|
|
|
|
|
|
Getting client.py to 100% coverage.
|
|
Move platform-specific openers to their own modules.
|
|
In particular:
- `step1_get_device_and_user_codes`
- `step2_exchange` with device info
- Making explicit the `code=` argument in calls to
`step2_exchange` in tests
- `flow_from_clientsecrets` branches with revoke and
device URI optional args
|
|
- `DeviceFlowInfo` (and using datetime now patch).
- Corner cases for `step1_get_authorize_url` and
`step2_exchange`
- Failure cases for `flow_from_clientsecrets`
- `verify_id_token` when the cached HTTP is used (i.e.
the default argument)
|
|
|
|
- Rename `_RequireCryptoOrDie()` to `_require_crypto_or_die()`
- Testing un-traversed GAE and GCE branches in
`GoogleCredentials.get_application_default()`
- Missing env. var. branch in `_get_environment_variable_file`
- Missing APPDATA branch (on Windows) for `_get_well_known_file`
- Renaming some of the long ADC test names
- Adding test for `GoogleCredentials.get_application_default()`
that actually uses the well-known file
- Branch in `GoogleCredentials.from_stream()` when filename is
False-y
- Testing `_get_application_default_credential_GAE` and
`_get_application_default_credential_GCE` (these just wrap
circular imports at run time)
- Testing `_require_crypto_or_die`
|
|
Also updating the `_do_refresh_request tests` to check
the content sent.
|
|
Testing un-traversed branches in
- `OAuth2Credentials._expires_in()`
- `OAuth2Credentials.get_access_token()`
- `OAuth2Credentials._do_refresh_request()`
|
|
|
|
- Replacing `_abstract()` with directly raising `NotImplementedError`
- Testing all abstract code paths
- Adding no-cover for a failed import
- Completely testing the base `Credentials` class
|
|
Added tests for contrib.locked_file.
|
|
|
|
100% coverage for contrib.appengine
|
|
|
|
|
|
|
|
|
|
In python 3, the code received from the browser will be binary instead of a string. Expand the API for oauth_flow.step2_exchange(code) to allow this value to be passed as is rather than decoding.
for example:
credentials = self.flow.step2_exchange(b'some random code')
test:
tox -e py34 -- tests.test_client:OAuth2WebServerFlowTest.test_exchange_success_binary_code
resolves: #443, #446
|
|
Towards #433.
|
|
Moving util.dict_to_tuple_key() into only module that uses it.
|
|
Adding common sign_blob() service account types.
|
|
|
|
Also adding service_account_email() property.
|
|
|
|
Replacing instead with assertRaises statements.
|
|
Stop sending scopes in token requests on GCE
|
|
Also check to warn a user when a scope is passed (since scopes
have no effect for GCE service accounts).
|
|
Fixes #417.
|
|
Fixing broken token acquire endpoint on GCE.
|
|
Fixes #418.
|
|
|
|
Fixes #412.
|
|
Use symbolic constant rather than literal value.
|
|
|
|
Unnecessary (and embarrassingly out-of-date) shebang lines are dropped.
License headers are trimmed to not have single-octothorpe lines above
or below. The xsrfutil_test module doc string is trimmed of repeated
information and placed properly after a blank line following the
license header.
|
|
Look at the v1 endpoint for the GCE metadata server.
|
|
We are updating all uses of the legacy GCE metadata server endpoints
(0.1 and v1beta) to use the current endpoint.
|
|
nathanielmanistaatgoogle/http-code-symbolic-constants
Use symbolic constants rather than literal integer values for HTTP codes.
|
|
Updated Google URIs.
|
|
GOOGLE_AUTH_URI update as documented at:
https://developers.google.com/identity/protocols/OAuth2UserAgent#formingtheurl
GOOGLE_TOKEN_URI update as documented at:
https://developers.google.com/identity/protocols/OAuth2InstalledApp#handlingtheresponse
GOOGLE_TOKEN_INFO_URI update as documented at:
https://developers.google.com/identity/protocols/OAuth2UserAgent#tokeninfo-validation
-update client_secrets.json with new URIs
-update unfilled_client_secrets.json with new URIs
|
|
This completes the consolidation of the two service
account credentials implementations.
In the process, also adding test coverage for some untested
code paths within the crypto helpers.
|
|
|
|
Also
- changing the svc. acct. creds constructor to take a signer
- adding two factory constructors to build from a JSON keyfile
(either by filename or already parsed)
- adding helpers to avoid re-loading file contents or re-parsing
JSON when constructing svc. acct. creds from the main
`client` module
|
|
|