diff --git a/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java index 536ef87aa..f9406a99f 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java @@ -73,7 +73,7 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi // Note: the explicit IP address is used to avoid name server resolution issues. static final String DEFAULT_METADATA_SERVER_URL = "http://169.254.169.254"; - static final String SIGN_BLOB_URL_FORMAT = "https://iam.googleapis.com/v1/projects/-/serviceAccounts/%s:signBlob?alt=json"; + static final String SIGN_BLOB_URL_FORMAT = "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/%s:signBlob"; // Note: the explicit `timeout` and `tries` below is a workaround. The underlying // issue is that resolving an unknown host on some networks will take @@ -283,7 +283,7 @@ public String getAccount() { * @param toSign bytes to sign * @return signed bytes * @throws SigningException if the attempt to sign the provided bytes failed - * @see Blob Signing + * @see Blob Signing */ @Override public byte[] sign(byte[] toSign) { @@ -302,7 +302,7 @@ private String getSignature(String bytes) throws IOException { GenericUrl genericUrl = new GenericUrl(signBlobUrl); GenericData signRequest = new GenericData(); - signRequest.set("bytesToSign", bytes); + signRequest.set("payload", bytes); JsonHttpContent signContent = new JsonHttpContent(OAuth2Utils.JSON_FACTORY, signRequest); HttpRequest request = transportFactory.create().createRequestFactory().buildPostRequest(genericUrl, signContent); Map> headers = getRequestMetadata(); @@ -335,7 +335,7 @@ private String getSignature(String bytes) throws IOException { } GenericData responseData = response.parseAs(GenericData.class); - return OAuth2Utils.validateString(responseData, "signature", PARSE_ERROR_SIGNATURE); + return OAuth2Utils.validateString(responseData, "signedBlob", PARSE_ERROR_SIGNATURE); } private String getDefaultServiceAccount() throws IOException { diff --git a/oauth2_http/javatests/com/google/auth/oauth2/MockMetadataServerTransport.java b/oauth2_http/javatests/com/google/auth/oauth2/MockMetadataServerTransport.java index 95e032b04..522eecd9a 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/MockMetadataServerTransport.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/MockMetadataServerTransport.java @@ -140,7 +140,7 @@ public LowLevelHttpResponse execute() throws IOException { // Create the JSON response GenericJson signContents = new GenericJson(); signContents.setFactory(OAuth2Utils.JSON_FACTORY); - signContents.put("signature", BaseEncoding.base64().encode(signature)); + signContents.put("signedBlob", BaseEncoding.base64().encode(signature)); String signature = signContents.toPrettyString();