public ContainerRegistryAuthSupplier build() { final GoogleCredentials credentials = this.credentials.createScoped(scopes); // log some sort of identifier for the credentials, which requires looking at the // instance type if (credentials instanceof ServiceAccountCredentials) { final String clientEmail = ((ServiceAccountCredentials) credentials).getClientEmail(); log.info("loaded credentials for service account with clientEmail={}", clientEmail); } else if (credentials instanceof UserCredentials) { final String clientId = ((UserCredentials) credentials).getClientId(); log.info("loaded credentials for user account with clientId={}", clientId); } final Clock clock = Clock.systemDefaultZone(); final DefaultCredentialRefresher refresher = new DefaultCredentialRefresher(); return new ContainerRegistryAuthSupplier(credentials, clock, minimumExpiryMillis, refresher); } }
/** * Returns credentials defined by a JSON file stream using the format supported by the Cloud SDK. * * @param credentialsStream the stream with the credential definition. * @return the credential defined by the credentialsStream. * @throws IOException if the credential cannot be created from the stream. **/ public static UserCredentials fromStream(InputStream credentialsStream) throws IOException { return fromStream(credentialsStream, OAuth2Utils.HTTP_TRANSPORT_FACTORY); }
@Override public String toString() { return MoreObjects.toStringHelper(this) .add("requestMetadata", getRequestMetadataInternal()) .add("temporaryAccess", getAccessToken()) .add("clientId", clientId) .add("refreshToken", refreshToken) .add("tokenServerUri", tokenServerUri) .add("transportFactoryClassName", transportFactoryClassName) .toString(); }
@Test public void saveAndRestoreUserCredential_saveAndRestored_throws() throws IOException { UserCredentials userCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .build(); File file = File.createTempFile("GOOGLE_APPLICATION_CREDENTIALS", null, null); file.deleteOnExit(); String filePath = file.getAbsolutePath(); userCredentials.save(filePath); FileInputStream inputStream = new FileInputStream(new File(filePath)); UserCredentials restoredCredentials = UserCredentials.fromStream(inputStream); assertEquals(userCredentials.getClientId(), restoredCredentials.getClientId()); assertEquals(userCredentials.getClientSecret(), restoredCredentials.getClientSecret()); assertEquals(userCredentials.getRefreshToken(), restoredCredentials.getRefreshToken()); }
/** * Returns user credentials defined by JSON contents using the format supported by the Cloud SDK. * * @param json a map from the JSON representing the credentials. * @param transportFactory HTTP transport factory, creates the transport used to get access * tokens. * @return the credentials defined by the JSON. * @throws IOException if the credential cannot be created from the JSON. **/ static UserCredentials fromJson(Map<String, Object> json, HttpTransportFactory transportFactory) throws IOException { String clientId = (String) json.get("client_id"); String clientSecret = (String) json.get("client_secret"); String refreshToken = (String) json.get("refresh_token"); if (clientId == null || clientSecret == null || refreshToken == null) { throw new IOException("Error reading user credential from JSON, " + " expecting 'client_id', 'client_secret' and 'refresh_token'."); } return UserCredentials.newBuilder() .setClientId(clientId) .setClientSecret(clientSecret) .setRefreshToken(refreshToken) .setAccessToken(null) .setHttpTransportFactory(transportFactory) .setTokenServerUri(null) .build(); }
.build(); UserCredentials originalCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID_VALUE) .setClientSecret(CLIENT_SECRET) assertEquals(REFRESH_TOKEN, credentials1.getRefreshToken()); assertEquals(accessTokenValue1, credentials1.getAccessToken().getTokenValue()); credentials1.refresh(); assertEquals(REFRESH_TOKEN, credentials1.getRefreshToken()); assertEquals(accessTokenValue2, credentials1.getAccessToken().getTokenValue()); assertEquals(REFRESH_TOKEN, credentials2.getRefreshToken()); assertEquals(accessTokenValue2, credentials2.getAccessToken().getTokenValue());
@Test public void equals_false_tokenServer() throws IOException { final URI tokenServer1 = URI.create("https://foo1.com/bar"); final URI tokenServer2 = URI.create("https://foo2.com/bar"); AccessToken accessToken = new AccessToken(ACCESS_TOKEN, null); MockHttpTransportFactory httpTransportFactory = new MockHttpTransportFactory(); UserCredentials credentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(accessToken) .setHttpTransportFactory(httpTransportFactory) .setTokenServerUri(tokenServer1) .build(); UserCredentials otherCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(accessToken) .setHttpTransportFactory(httpTransportFactory) .setTokenServerUri(tokenServer2) .build(); assertFalse(credentials.equals(otherCredentials)); assertFalse(otherCredentials.equals(credentials)); }
@Test public void getCredentials_storedCredentials_returnsStored() throws IOException { TokenStore tokenStore = new MemoryTokensStorage(); UserCredentials initialCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID_VALUE) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(ACCESS_TOKEN) .build(); UserAuthorizer authorizer = UserAuthorizer.newBuilder() .setClientId(CLIENT_ID) .setScopes(SCOPES) .setTokenStore(tokenStore) .build(); authorizer.storeCredentials(USER_ID, initialCredentials); UserCredentials credentials = authorizer.getCredentials(USER_ID); assertEquals(REFRESH_TOKEN, credentials.getRefreshToken()); assertEquals(ACCESS_TOKEN_VALUE, credentials.getAccessToken().getTokenValue()); assertEquals(EXPIRATION_TIME, credentials.getAccessToken().getExpirationTimeMillis()); }
@Test public void getRequestMetadata_initialToken_hasAccessToken() throws IOException { MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); transportFactory.transport.addClient(CLIENT_ID, CLIENT_SECRET); AccessToken accessToken = new AccessToken(ACCESS_TOKEN, null); UserCredentials userCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setAccessToken(accessToken) .setHttpTransportFactory(transportFactory) .build(); Map<String, List<String>> metadata = userCredentials.getRequestMetadata(CALL_URI); TestUtils.assertContainsBearerToken(metadata, ACCESS_TOKEN); }
/** * Puts the end user credentials in long term storage. * * @param userId Application's identifier for the end user. * @param credentials UserCredentials instance for the authorized consent. * @throws IOException An error storing the credentials. */ public void storeCredentials(String userId, UserCredentials credentials) throws IOException { if (tokenStore == null) { throw new IllegalStateException("Cannot store tokens if tokenStore is not specified."); } AccessToken accessToken = credentials.getAccessToken(); String acessTokenValue = null; Date expiresBy = null; if (accessToken != null) { acessTokenValue = accessToken.getTokenValue(); expiresBy = accessToken.getExpirationTime(); } String refreshToken = credentials.getRefreshToken(); GenericJson tokenStateJson = new GenericJson(); tokenStateJson.setFactory(OAuth2Utils.JSON_FACTORY); tokenStateJson.put("access_token", acessTokenValue); tokenStateJson.put("expiration_time_millis", expiresBy.getTime()); if (refreshToken != null) { tokenStateJson.put("refresh_token", refreshToken); } String tokenState = tokenStateJson.toString(); tokenStore.store(userId, tokenState); }
@Test public void constructor_storesRefreshToken() { UserCredentials credentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .build(); assertEquals(REFRESH_TOKEN, credentials.getRefreshToken()); }
@Test public void serialize() throws IOException, ClassNotFoundException { final URI tokenServer = URI.create("https://foo.com/bar"); MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); AccessToken accessToken = new AccessToken(ACCESS_TOKEN, null); UserCredentials credentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(accessToken) .setHttpTransportFactory(transportFactory) .setTokenServerUri(tokenServer) .build(); UserCredentials deserializedCredentials = serializeAndDeserialize(credentials); assertEquals(credentials, deserializedCredentials); assertEquals(credentials.hashCode(), deserializedCredentials.hashCode()); assertEquals(credentials.toString(), deserializedCredentials.toString()); assertSame(deserializedCredentials.clock, Clock.SYSTEM); }
public UserCredentials build() { return new UserCredentials( clientId, clientSecret, refreshToken, getAccessToken(), transportFactory,tokenServerUri); } }
@Test public void getAndStoreCredentialsFromCode_getAndStoresCredentials() throws IOException { final String accessTokenValue1 = "1/MkSJoj1xsli0AccessToken_NKPY2"; final String accessTokenValue2 = "2/MkSJoj1xsli0AccessToken_NKPY2"; MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); transportFactory.transport.addClient(CLIENT_ID_VALUE, CLIENT_SECRET); transportFactory.transport.addAuthorizationCode(CODE, REFRESH_TOKEN, accessTokenValue1); TokenStore tokenStore = new MemoryTokensStorage(); UserAuthorizer authorizer = UserAuthorizer.newBuilder() .setClientId(CLIENT_ID) .setScopes(SCOPES) .setTokenStore(tokenStore) .setHttpTransportFactory(transportFactory) .build(); UserCredentials credentials1 = authorizer.getAndStoreCredentialsFromCode(USER_ID, CODE, BASE_URI); assertEquals(REFRESH_TOKEN, credentials1.getRefreshToken()); assertEquals(accessTokenValue1, credentials1.getAccessToken().getTokenValue()); // Refresh the token to get update from token server transportFactory.transport.addRefreshToken(REFRESH_TOKEN, accessTokenValue2); credentials1.refresh(); assertEquals(REFRESH_TOKEN, credentials1.getRefreshToken()); assertEquals(accessTokenValue2, credentials1.getAccessToken().getTokenValue()); // Load a second credentials instance UserCredentials credentials2 = authorizer.getCredentials(USER_ID); // Verify that token refresh stored the updated tokens assertEquals(REFRESH_TOKEN, credentials2.getRefreshToken()); assertEquals(accessTokenValue2, credentials2.getAccessToken().getTokenValue()); }
@Test public void saveUserCredentials_saved_throws() throws IOException { UserCredentials userCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .build(); File file = File.createTempFile("GOOGLE_APPLICATION_CREDENTIALS", null, null); file.deleteOnExit(); String filePath = file.getAbsolutePath(); userCredentials.save(filePath); }
@Test public void createScopedRequired_false() { UserCredentials userCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .build(); assertFalse(userCredentials.createScopedRequired()); }
@Test public void createScoped_same() { UserCredentials userCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .build(); assertSame(userCredentials, userCredentials.createScoped(SCOPES)); }
@Test public void toString_containsFields() throws IOException { AccessToken accessToken = new AccessToken(ACCESS_TOKEN, null); final URI tokenServer = URI.create("https://foo.com/bar"); MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); UserCredentials credentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(accessToken) .setHttpTransportFactory(transportFactory) .setTokenServerUri(tokenServer) .build(); String expectedToString = String.format( "UserCredentials{requestMetadata=%s, temporaryAccess=%s, clientId=%s, refreshToken=%s, " + "tokenServerUri=%s, transportFactoryClassName=%s}", ImmutableMap.of(AuthHttpConstants.AUTHORIZATION, ImmutableList.of(OAuth2Utils.BEARER_PREFIX + accessToken.getTokenValue())), accessToken.toString(), CLIENT_ID, REFRESH_TOKEN, tokenServer, MockTokenServerTransportFactory.class.getName()); assertEquals(expectedToString, credentials.toString()); }
@Test public void hashCode_equals() throws IOException { final URI tokenServer = URI.create("https://foo.com/bar"); MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); AccessToken accessToken = new AccessToken(ACCESS_TOKEN, null); UserCredentials credentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(accessToken) .setHttpTransportFactory(transportFactory) .setTokenServerUri(tokenServer) .build(); UserCredentials otherCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setRefreshToken(REFRESH_TOKEN) .setAccessToken(accessToken) .setHttpTransportFactory(transportFactory) .setTokenServerUri(tokenServer) .build(); assertEquals(credentials.hashCode(), otherCredentials.hashCode()); }
@Test public void getRequestMetadata_initialTokenRefreshed_throws() throws IOException { MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); transportFactory.transport.addClient(CLIENT_ID, CLIENT_SECRET); AccessToken accessToken = new AccessToken(ACCESS_TOKEN, null); UserCredentials userCredentials = UserCredentials.newBuilder() .setClientId(CLIENT_ID) .setClientSecret(CLIENT_SECRET) .setAccessToken(accessToken) .setHttpTransportFactory(transportFactory) .build(); try { userCredentials.refresh(); fail("Should not be able to refresh without refresh token."); } catch (IllegalStateException expected) { // Expected } }