@Test
public void createAssertion_withTokenUri_correct() throws IOException {
PrivateKey privateKey = ServiceAccountCredentials.privateKeyFromPkcs8(SA_PRIVATE_KEY_PKCS8);
List<String> scopes = Arrays.asList("scope1", "scope2");
ServiceAccountCredentials credentials = ServiceAccountCredentials.newBuilder()
.setClientId(SA_CLIENT_ID)
.setClientEmail(SA_CLIENT_EMAIL)
.setPrivateKey(privateKey)
.setPrivateKeyId(SA_PRIVATE_KEY_ID)
.setScopes(scopes)
.setServiceAccountUser(SERVICE_ACCOUNT_USER)
.setProjectId(PROJECT_ID)
.build();
JsonFactory jsonFactory = OAuth2Utils.JSON_FACTORY;
long currentTimeMillis = Clock.SYSTEM.currentTimeMillis();
String assertion =
credentials.createAssertion(jsonFactory, currentTimeMillis, "https://foo.com/bar");
JsonWebSignature signature = JsonWebSignature.parse(jsonFactory, assertion);
JsonWebToken.Payload payload = signature.getPayload();
assertEquals(SA_CLIENT_EMAIL, payload.getIssuer());
assertEquals("https://foo.com/bar", payload.getAudience());
assertEquals(currentTimeMillis / 1000, (long) payload.getIssuedAtTimeSeconds());
assertEquals(currentTimeMillis / 1000 + 3600, (long) payload.getExpirationTimeSeconds());
assertEquals(SERVICE_ACCOUNT_USER, payload.getSubject());
assertEquals(Joiner.on(' ').join(scopes), payload.get("scope"));
}