Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-auth-library-python / d94e65c0e441183403608d762b92b30b77e21eeb^! / . / google / oauth2
commitd94e65c0e441183403608d762b92b30b77e21eeb[log] [tgz]
authorarithmetic1728 <58957152+arithmetic1728@users.noreply.github.com>Tue Jul 20 12:09:57 2021 -0700
committerGitHub <noreply@github.com>Tue Jul 20 13:09:57 2021 -0600
treea170d7535f74e4efae1921285ed79589f55b451c
parentdfad66128c6ee7513e5565d39bc7b002055dd0d5 [diff]
revert: revert "feat: service account is able to use a private token endpoint (#784)" (#808)

revert "feat: service account is able to use a private token endpoint (#784)" until b/194191737 is fixed.

This reverts commit 0e264092e35ac02ad68d5d91424ecba5397daa41.
diff --git a/google/oauth2/service_account.py b/google/oauth2/service_account.py
index 8f18f26..dd36589 100644
--- a/google/oauth2/service_account.py
+++ b/google/oauth2/service_account.py

@@ -80,7 +80,6 @@
 from google.oauth2 import _client
 
 _DEFAULT_TOKEN_LIFETIME_SECS = 3600  # 1 hour in seconds
-_GOOGLE_OAUTH2_TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"
 
 
 class Credentials(
@@ -383,7 +382,7 @@
             # The issuer must be the service account email.
             "iss": self._service_account_email,
             # The audience must be the auth token endpoint's URI
-            "aud": _GOOGLE_OAUTH2_TOKEN_ENDPOINT,
+            "aud": self._token_uri,
             "scope": _helpers.scopes_to_string(self._scopes or ()),
         }
 
@@ -644,7 +643,7 @@
             # The issuer must be the service account email.
             "iss": self.service_account_email,
             # The audience must be the auth token endpoint's URI
-            "aud": _GOOGLE_OAUTH2_TOKEN_ENDPOINT,
+            "aud": self._token_uri,
             # The target audience specifies which service the ID token is
             # intended for.
             "target_audience": self._target_audience,