Skip to content

Commit

Permalink
Add serialization tests for subclasses of ExternalAccountCredentials
Browse files Browse the repository at this point in the history
Note that PluggableAuthCredentials uses a non-serializable ExecutableHandler.
It's not clear that this can/should be a serializable credential source.
  • Loading branch information
jmahonin committed Feb 16, 2023
1 parent e029280 commit bc2d63b
Show file tree
Hide file tree
Showing 4 changed files with 83 additions and 17 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@
import com.google.api.client.json.GenericJson;
import com.google.api.client.json.JsonParser;
import com.google.api.client.testing.http.MockLowLevelHttpRequest;
import com.google.api.client.util.Clock;
import com.google.auth.TestUtils;
import com.google.auth.oauth2.AwsCredentials.AwsCredentialSource;
import com.google.auth.oauth2.ExternalAccountCredentialsTest.MockExternalAccountCredentialsTransportFactory;
Expand All @@ -62,7 +63,7 @@

/** Tests for {@link AwsCredentials}. */
@RunWith(JUnit4.class)
public class AwsCredentialsTest {
public class AwsCredentialsTest extends BaseSerializationTest {

private static final String STS_URL = "https://sts.googleapis.com";
private static final String AWS_CREDENTIALS_URL = "https://169.254.169.254";
Expand Down Expand Up @@ -1025,6 +1026,34 @@ public void builder() {
assertEquals(credentials.getEnvironmentProvider(), SystemEnvironmentProvider.getInstance());
}

@Test
public void serialize() throws IOException, ClassNotFoundException {
List<String> scopes = Arrays.asList("scope1", "scope2");

AwsCredentials testCredentials =
(AwsCredentials)
AwsCredentials.newBuilder()
.setHttpTransportFactory(OAuth2Utils.HTTP_TRANSPORT_FACTORY)
.setAudience("audience")
.setSubjectTokenType("subjectTokenType")
.setTokenUrl(STS_URL)
.setTokenInfoUrl("tokenInfoUrl")
.setCredentialSource(AWS_CREDENTIAL_SOURCE)
.setTokenInfoUrl("tokenInfoUrl")
.setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL)
.setQuotaProjectId("quotaProjectId")
.setClientId("clientId")
.setClientSecret("clientSecret")
.setScopes(scopes)
.build();

AwsCredentials deserializedCredentials = serializeAndDeserialize(testCredentials);
assertEquals(testCredentials, deserializedCredentials);
assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode());
assertEquals(testCredentials.toString(), deserializedCredentials.toString());
assertSame(deserializedCredentials.clock, Clock.SYSTEM);
}

private static void ValidateRequest(
MockLowLevelHttpRequest request, String expectedUrl, Map<String, String> expectedHeaders) {
assertEquals(expectedUrl, request.getUrl());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,11 @@

package com.google.auth.oauth2;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.junit.Assert.*;

import com.google.api.client.http.HttpTransport;
import com.google.api.client.testing.http.MockHttpTransport;
import com.google.api.client.util.Clock;
import com.google.auth.TestUtils;
import com.google.auth.http.HttpTransportFactory;
import com.google.auth.oauth2.ExternalAccountAuthorizedUserCredentialsTest.MockExternalAccountAuthorizedUserCredentialsTransportFactory;
Expand All @@ -62,7 +58,7 @@

/** Test case for {@link GoogleCredentials}. */
@RunWith(JUnit4.class)
public class GoogleCredentialsTest {
public class GoogleCredentialsTest extends BaseSerializationTest {

private static final String SA_CLIENT_EMAIL =
"36680232662-vrd7ji19qe3nelgchd0ah2csanun6bnr@developer.gserviceaccount.com";
Expand Down Expand Up @@ -589,6 +585,16 @@ public void createWithQuotaProject() {
assertEquals(null, sameCredentials.getQuotaProjectId());
}

@Test
public void serialize() throws IOException, ClassNotFoundException {
final GoogleCredentials testCredentials = new GoogleCredentials.Builder().build();
GoogleCredentials deserializedCredentials = serializeAndDeserialize(testCredentials);
assertEquals(testCredentials, deserializedCredentials);
assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode());
assertEquals(testCredentials.toString(), deserializedCredentials.toString());
assertSame(deserializedCredentials.clock, Clock.SYSTEM);
}

private static void testFromStreamException(InputStream stream, String expectedMessageContent) {
try {
GoogleCredentials.fromStream(stream, DUMMY_TRANSPORT_FACTORY);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,13 +33,11 @@

import static com.google.auth.oauth2.MockExternalAccountCredentialsTransport.SERVICE_ACCOUNT_IMPERSONATION_URL;
import static com.google.auth.oauth2.OAuth2Utils.JSON_FACTORY;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.junit.Assert.*;

import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.GenericJson;
import com.google.api.client.util.Clock;
import com.google.auth.TestUtils;
import com.google.auth.http.HttpTransportFactory;
import com.google.auth.oauth2.IdentityPoolCredentials.IdentityPoolCredentialSource;
Expand All @@ -59,7 +57,7 @@

/** Tests for {@link IdentityPoolCredentials}. */
@RunWith(JUnit4.class)
public class IdentityPoolCredentialsTest {
public class IdentityPoolCredentialsTest extends BaseSerializationTest {

private static final String STS_URL = "https://sts.googleapis.com";

Expand Down Expand Up @@ -732,6 +730,24 @@ public void builder_emptyWorkforceUserProjectWithWorkforceAudience() {
assertTrue(credentials.isWorkforcePoolConfiguration());
}

@Test
public void serialize() throws IOException, ClassNotFoundException {
IdentityPoolCredentials testCredentials =
(IdentityPoolCredentials)
IdentityPoolCredentials.newBuilder(FILE_SOURCED_CREDENTIAL)
.setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL)
.setQuotaProjectId("quotaProjectId")
.setClientId("clientId")
.setClientSecret("clientSecret")
.build();

IdentityPoolCredentials deserializedCredentials = serializeAndDeserialize(testCredentials);
assertEquals(testCredentials, deserializedCredentials);
assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode());
assertEquals(testCredentials.toString(), deserializedCredentials.toString());
assertSame(deserializedCredentials.clock, Clock.SYSTEM);
}

static InputStream writeIdentityPoolCredentialsStream(
String tokenUrl,
String url,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,7 @@
package com.google.auth.oauth2;

import static com.google.auth.oauth2.MockExternalAccountCredentialsTransport.SERVICE_ACCOUNT_IMPERSONATION_URL;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import static org.junit.Assert.*;

import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.GenericJson;
Expand All @@ -45,6 +43,7 @@
import com.google.auth.oauth2.PluggableAuthCredentials.PluggableAuthCredentialSource;
import java.io.IOException;
import java.io.InputStream;
import java.io.NotSerializableException;
import java.math.BigDecimal;
import java.util.Arrays;
import java.util.HashMap;
Expand All @@ -54,7 +53,7 @@
import org.junit.Test;

/** Tests for {@link PluggableAuthCredentials}. */
public class PluggableAuthCredentialsTest {
public class PluggableAuthCredentialsTest extends BaseSerializationTest {
// The default timeout for waiting for the executable to finish (30 seconds).
private static final int DEFAULT_EXECUTABLE_TIMEOUT_MS = 30 * 1000;
// The minimum timeout for waiting for the executable to finish (5 seconds).
Expand Down Expand Up @@ -436,6 +435,22 @@ public void createdScoped_clonedCredentialWithAddedScopes() {
assertEquals(credentials.getExecutableHandler(), newCredentials.getExecutableHandler());
}

@Test
public void serialize() throws IOException, ClassNotFoundException {
PluggableAuthCredentials testCredentials =
(PluggableAuthCredentials)
PluggableAuthCredentials.newBuilder(CREDENTIAL)
.setExecutableHandler(options -> "pluggableAuthToken")
.setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL)
.setQuotaProjectId("quotaProjectId")
.setClientId("clientId")
.setClientSecret("clientSecret")
.build();

// PluggableAuthCredentials are not serializable
assertThrows(NotSerializableException.class, () -> serializeAndDeserialize(testCredentials));
}

private static CredentialSource buildCredentialSource() {
return buildCredentialSource("command", null, null);
}
Expand Down

0 comments on commit bc2d63b

Please sign in to comment.