test: add more tests for service account quota projects (#527)
Follow up to #519
diff --git a/tests/oauth2/test_credentials.py b/tests/oauth2/test_credentials.py
index 69d9fbc..ceb8cdf 100644
--- a/tests/oauth2/test_credentials.py
+++ b/tests/oauth2/test_credentials.py
@@ -309,6 +309,7 @@
headers = {}
creds.apply(headers)
assert headers["x-goog-user-project"] == "quota-project-123"
+ assert "token" in headers["authorization"]
def test_apply_with_no_quota_project_id(self):
creds = credentials.Credentials(
@@ -322,6 +323,7 @@
headers = {}
creds.apply(headers)
assert "x-goog-user-project" not in headers
+ assert "token" in headers["authorization"]
def test_with_quota_project(self):
creds = credentials.Credentials(
diff --git a/tests/oauth2/test_service_account.py b/tests/oauth2/test_service_account.py
index 7f27dad..4c75e37 100644
--- a/tests/oauth2/test_service_account.py
+++ b/tests/oauth2/test_service_account.py
@@ -178,6 +178,31 @@
payload = jwt.decode(token, PUBLIC_CERT_BYTES)
assert payload["sub"] == subject
+ def test_apply_with_quota_project_id(self):
+ credentials = service_account.Credentials(
+ SIGNER,
+ self.SERVICE_ACCOUNT_EMAIL,
+ self.TOKEN_URI,
+ quota_project_id="quota-project-123",
+ )
+
+ headers = {}
+ credentials.apply(headers, token="token")
+
+ assert headers["x-goog-user-project"] == "quota-project-123"
+ assert "token" in headers["authorization"]
+
+ def test_apply_with_no_quota_project_id(self):
+ credentials = service_account.Credentials(
+ SIGNER, self.SERVICE_ACCOUNT_EMAIL, self.TOKEN_URI
+ )
+
+ headers = {}
+ credentials.apply(headers, token="token")
+
+ assert "x-goog-user-project" not in headers
+ assert "token" in headers["authorization"]
+
@mock.patch("google.oauth2._client.jwt_grant", autospec=True)
def test_refresh_success(self, jwt_grant):
credentials = self.make_credentials()