Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: ensure both refreshMargin and expirationMargin are set when using OAuth2CredentialsWithRefresh #1131

Merged
merged 2 commits into from
Jan 19, 2023
Merged

fix: ensure both refreshMargin and expirationMargin are set when using OAuth2CredentialsWithRefresh #1131

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e6e927b
fix: Ensure both refreshMargin and expirationMargin are set when usin…
lsirac Jan 19, 2023
2e0b021
fix: review
lsirac Jan 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions oauth2_http/java/com/google/auth/oauth2/OAuth2Credentials.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,18 @@ public final AccessToken getAccessToken() {
return null;
}

/** Returns the credentials' refresh margin. */
lsirac marked this conversation as resolved.
Show resolved Hide resolved
@VisibleForTesting
Duration getRefreshMargin() {
return this.refreshMargin;
}

/** Returns the credentials' expiration margin. */
@VisibleForTesting
Duration getExpirationMargin() {
return this.expirationMargin;
}

@Override
public void getRequestMetadata(
final URI uri, Executor executor, final RequestMetadataCallback callback) {
Expand Down
12 changes: 11 additions & 1 deletion oauth2_http/java/com/google/auth/oauth2/OAuth2CredentialsWithRefresh.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,16 @@ public interface OAuth2RefreshHandler {

private final OAuth2RefreshHandler refreshHandler;

protected OAuth2CredentialsWithRefresh(Builder builder) {
super(builder.getAccessToken(), builder.getRefreshMargin(), builder.getExpirationMargin());
// An expiration time must be provided.
if (builder.getAccessToken() != null && builder.getAccessToken().getExpirationTime() == null) {
throw new IllegalArgumentException(
"The provided access token must contain the expiration time.");
}
this.refreshHandler = checkNotNull(builder.refreshHandler);
}

protected OAuth2CredentialsWithRefresh(
AccessToken accessToken, OAuth2RefreshHandler refreshHandler) {
super(accessToken);
Expand Down Expand Up @@ -101,7 +111,7 @@ public Builder setRefreshHandler(OAuth2RefreshHandler handler) {
}

public OAuth2CredentialsWithRefresh build() {
return new OAuth2CredentialsWithRefresh(getAccessToken(), refreshHandler);
return new OAuth2CredentialsWithRefresh(this);
}
}
}
109 changes: 108 additions & 1 deletion oauth2_http/javatests/com/google/auth/oauth2/OAuth2CredentialsWithRefreshTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,19 +31,26 @@

package com.google.auth.oauth2;

import static com.google.auth.oauth2.OAuth2Credentials.DEFAULT_EXPIRATION_MARGIN;
import static com.google.auth.oauth2.OAuth2Credentials.DEFAULT_REFRESH_MARGIN;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;

import com.google.auth.TestUtils;
import java.io.IOException;
import java.net.URI;
import java.time.Duration;
import java.time.temporal.ChronoUnit;
import java.util.Date;
import java.util.List;
import java.util.Map;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;

/** Tests for {@link OAuth2CredentialsWithRefresh}. */
@RunWith(JUnit4.class)
public class OAuth2CredentialsWithRefreshTest {

private static final AccessToken ACCESS_TOKEN = new AccessToken("accessToken", new Date());

@Test
Expand All @@ -65,6 +72,85 @@ public AccessToken refreshAccessToken() {
assertEquals(refreshHandler, credential.getRefreshHandler());
}

@Test
public void builder_withRefreshAndExpirationMargins() {
OAuth2CredentialsWithRefresh.OAuth2RefreshHandler refreshHandler =
new OAuth2CredentialsWithRefresh.OAuth2RefreshHandler() {
@Override
public AccessToken refreshAccessToken() {
return null;
}
};

Duration refreshMargin = Duration.of(10, ChronoUnit.SECONDS);
Duration expirationMargin = Duration.of(12, ChronoUnit.SECONDS);

OAuth2CredentialsWithRefresh credential =
(OAuth2CredentialsWithRefresh)
OAuth2CredentialsWithRefresh.newBuilder()
.setAccessToken(ACCESS_TOKEN)
.setRefreshHandler(refreshHandler)
.setRefreshMargin(refreshMargin)
.setExpirationMargin(expirationMargin)
.build();

assertEquals(ACCESS_TOKEN, credential.getAccessToken());
assertEquals(refreshMargin, credential.getRefreshMargin());
assertEquals(expirationMargin, credential.getExpirationMargin());
assertEquals(refreshHandler, credential.getRefreshHandler());
}

@Test
public void builder_onlyRefreshMarginSet() {
OAuth2CredentialsWithRefresh.OAuth2RefreshHandler refreshHandler =
new OAuth2CredentialsWithRefresh.OAuth2RefreshHandler() {
@Override
public AccessToken refreshAccessToken() {
return null;
}
};

Duration refreshMargin = Duration.of(10, ChronoUnit.SECONDS);

OAuth2CredentialsWithRefresh credential =
(OAuth2CredentialsWithRefresh)
OAuth2CredentialsWithRefresh.newBuilder()
.setAccessToken(ACCESS_TOKEN)
.setRefreshHandler(refreshHandler)
.setRefreshMargin(refreshMargin)
.build();

assertEquals(ACCESS_TOKEN, credential.getAccessToken());
assertEquals(refreshMargin, credential.getRefreshMargin());
assertEquals(DEFAULT_EXPIRATION_MARGIN, credential.getExpirationMargin());
assertEquals(refreshHandler, credential.getRefreshHandler());
}

@Test
public void builder_onlyExpirationMarginSet() {
OAuth2CredentialsWithRefresh.OAuth2RefreshHandler refreshHandler =
new OAuth2CredentialsWithRefresh.OAuth2RefreshHandler() {
@Override
public AccessToken refreshAccessToken() {
return null;
}
};

Duration expirationMargin = Duration.of(12, ChronoUnit.SECONDS);
OAuth2CredentialsWithRefresh credential =
(OAuth2CredentialsWithRefresh)
OAuth2CredentialsWithRefresh.newBuilder()
.setAccessToken(ACCESS_TOKEN)
.setRefreshHandler(refreshHandler)
.setExpirationMargin(expirationMargin)
.build();

assertEquals(ACCESS_TOKEN, credential.getAccessToken());
assertEquals(DEFAULT_REFRESH_MARGIN, credential.getRefreshMargin());
assertEquals(expirationMargin, credential.getExpirationMargin());
assertEquals(refreshHandler, credential.getRefreshHandler());
}

@Test
public void builder_noAccessToken() {
OAuth2CredentialsWithRefresh.newBuilder()
Expand Down Expand Up @@ -119,4 +205,25 @@ public AccessToken refreshAccessToken() {

assertEquals(refreshedToken, accessToken);
}

@Test
public void getRequestMetadata() throws IOException {
URI uri = URI.create("http://googleapis.com/testapi/v1/foo");
final AccessToken refreshedToken = new AccessToken("refreshedAccessToken", new Date());
OAuth2CredentialsWithRefresh credentials =
OAuth2CredentialsWithRefresh.newBuilder()
.setAccessToken(ACCESS_TOKEN)
.setRefreshHandler(
new OAuth2CredentialsWithRefresh.OAuth2RefreshHandler() {
@Override
public AccessToken refreshAccessToken() {
return refreshedToken;
}
})
.build();

Map<String, List<String>> metadata = credentials.getRequestMetadata(uri);

TestUtils.assertContainsBearerToken(metadata, refreshedToken.getTokenValue());
}
}