@Test() public void credential_with_invalid_scope() throws IOException, IllegalStateException { GoogleCredentials sourceCredentials = getSourceCredentials(); try { ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, null, null, VALID_LIFETIME); targetCredentials.refreshAccessToken().getTokenValue(); fail(String.format("Should throw exception with message containing '%s'", "Scopes cannot be null")); } catch (IllegalStateException expected) { assertTrue(expected.getMessage().contains("Scopes cannot be null")); } }
@Test() public void credential_with_invalid_lifetime() throws IOException, IllegalStateException { GoogleCredentials sourceCredentials = getSourceCredentials(); try { ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, null, SCOPES, INVALID_LIFETIME); targetCredentials.refreshAccessToken().getTokenValue(); fail(String.format("Should throw exception with message containing '%s'", "lifetime must be less than or equal to 3600")); } catch (IllegalStateException expected) { assertTrue(expected.getMessage().contains("lifetime must be less than or equal to 3600")); } }
@Test() public void refreshAccessToken_unauthorized() throws IOException { GoogleCredentials sourceCredentials = getSourceCredentials(); String expectedMessage = "The caller does not have permission"; MockIAMCredentialsServiceTransportFactory mtransportFactory = new MockIAMCredentialsServiceTransportFactory(); mtransportFactory.transport.setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); mtransportFactory.transport.setTokenResponseErrorCode(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED); mtransportFactory.transport.setTokenResponseErrorContent( generateErrorJson(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED, expectedMessage, "global", "forbidden")); ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, null, SCOPES, VALID_LIFETIME, mtransportFactory); try { targetCredentials.refreshAccessToken().getTokenValue(); fail(String.format("Should throw exception with message containing '%s'", expectedMessage)); } catch (IOException expected) { assertEquals("Error requesting access token", expected.getMessage()); assertTrue(expected.getCause().getMessage().contains(expectedMessage)); } }
@Test() public void refreshAccessToken_malformedTarget() throws IOException { GoogleCredentials sourceCredentials = getSourceCredentials(); MockIAMCredentialsServiceTransportFactory mtransportFactory = new MockIAMCredentialsServiceTransportFactory(); String invalidTargetEmail = "foo"; String expectedMessage = "Request contains an invalid argument"; mtransportFactory.transport.setTargetPrincipal(invalidTargetEmail); mtransportFactory.transport.setTokenResponseErrorCode(HttpStatusCodes.STATUS_CODE_BAD_REQUEST); mtransportFactory.transport.setTokenResponseErrorContent( generateErrorJson(HttpStatusCodes.STATUS_CODE_BAD_REQUEST, expectedMessage, "global", "badRequest")); ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, invalidTargetEmail, null, SCOPES, VALID_LIFETIME, mtransportFactory); try { targetCredentials.refreshAccessToken().getTokenValue(); fail(String.format("Should throw exception with message containing '%s'", expectedMessage)); } catch (IOException expected) { assertEquals("Error requesting access token", expected.getMessage()); assertTrue(expected.getCause().getMessage().contains(expectedMessage)); } }
@Test() public void refreshAccessToken_invalidDate() throws IOException, IllegalStateException { GoogleCredentials sourceCredentials = getSourceCredentials(); String expectedMessage = "Unparseable date"; MockIAMCredentialsServiceTransportFactory mtransportFactory = new MockIAMCredentialsServiceTransportFactory(); mtransportFactory.transport.setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); mtransportFactory.transport.setAccessToken("foo"); mtransportFactory.transport.setexpireTime("1973-09-29T15:01:23"); ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, null, SCOPES, VALID_LIFETIME, mtransportFactory); try { targetCredentials.refreshAccessToken().getTokenValue(); fail(String.format("Should throw exception with message containing '%s'", expectedMessage)); } catch (IOException expected) { assertTrue(expected.getMessage().contains(expectedMessage)); } }
@Test() public void refreshAccessToken_delegates_success() throws IOException, IllegalStateException { GoogleCredentials sourceCredentials = getSourceCredentials(); MockIAMCredentialsServiceTransportFactory mtransportFactory = new MockIAMCredentialsServiceTransportFactory(); mtransportFactory.transport.setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); mtransportFactory.transport.setAccessToken(ACCESS_TOKEN); mtransportFactory.transport.setexpireTime(getDefaultExpireTime()); List<String> delegates = Arrays.asList("delegate-account@iam.gserviceaccount.com"); ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, delegates, SCOPES, VALID_LIFETIME, mtransportFactory); assertEquals(ACCESS_TOKEN, targetCredentials.refreshAccessToken().getTokenValue()); }
@Test() public void refreshAccessToken_success() throws IOException, IllegalStateException { GoogleCredentials sourceCredentials = getSourceCredentials(); MockIAMCredentialsServiceTransportFactory mtransportFactory = new MockIAMCredentialsServiceTransportFactory(); mtransportFactory.transport.setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); mtransportFactory.transport.setAccessToken(ACCESS_TOKEN); mtransportFactory.transport.setexpireTime(getDefaultExpireTime()); ImpersonatedCredentials targetCredentials = ImpersonatedCredentials.create(sourceCredentials, IMPERSONATED_CLIENT_EMAIL, null, SCOPES, VALID_LIFETIME, mtransportFactory); assertEquals(ACCESS_TOKEN, targetCredentials.refreshAccessToken().getTokenValue()); }