Add compute engine system tests (#54)
diff --git a/google/auth/compute_engine/_metadata.py b/google/auth/compute_engine/_metadata.py
index a107015..e5abf20 100644
--- a/google/auth/compute_engine/_metadata.py
+++ b/google/auth/compute_engine/_metadata.py
@@ -35,7 +35,7 @@
# This is used to ping the metadata server, it avoids the cost of a DNS
# lookup.
_METADATA_IP_ROOT = 'http://169.254.169.254'
-_METADATA_FLAVOR_HEADER = 'metdata-flavor'
+_METADATA_FLAVOR_HEADER = 'metadata-flavor'
_METADATA_FLAVOR_VALUE = 'Google'
_METADATA_HEADERS = {_METADATA_FLAVOR_HEADER: _METADATA_FLAVOR_VALUE}
diff --git a/google/auth/compute_engine/credentials.py b/google/auth/compute_engine/credentials.py
index f0616d1..cd215c5 100644
--- a/google/auth/compute_engine/credentials.py
+++ b/google/auth/compute_engine/credentials.py
@@ -19,7 +19,6 @@
"""
-from google.auth import _helpers
from google.auth import credentials
from google.auth import exceptions
from google.auth.compute_engine import _metadata
@@ -71,7 +70,7 @@
service_account=self._service_account_email)
self._service_account_email = info['email']
- self._scopes = _helpers.string_to_scopes(info['scopes'])
+ self._scopes = info['scopes']
def refresh(self, request):
"""Refresh the access token and scopes.
diff --git a/system_tests/test_compute_engine.py b/system_tests/test_compute_engine.py
new file mode 100644
index 0000000..c4b0c7b
--- /dev/null
+++ b/system_tests/test_compute_engine.py
@@ -0,0 +1,38 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import pytest
+
+from google.auth import _helpers
+from google.auth import compute_engine
+from google.auth.compute_engine import _metadata
+
+
+@pytest.fixture(autouse=True)
+def check_gce_environment(request):
+ if not _metadata.ping(request):
+ pytest.skip('Compute Engine metadata service is not available.')
+
+
+def test_refresh(request, token_info):
+ credentials = compute_engine.Credentials()
+
+ credentials.refresh(request)
+
+ assert credentials.token is not None
+ assert credentials._service_account_email is not None
+
+ info = token_info(credentials.token)
+ info_scopes = _helpers.string_to_scopes(info['scope'])
+ assert set(info_scopes) == set(credentials.scopes)
diff --git a/system_tests/test_service_account.py b/system_tests/test_service_account.py
index e897c6f..4ac0b43 100644
--- a/system_tests/test_service_account.py
+++ b/system_tests/test_service_account.py
@@ -12,9 +12,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+import pytest
+
+from google.auth import _helpers
from google.auth import exceptions
from google.oauth2 import service_account
-import pytest
@pytest.fixture
@@ -38,6 +40,7 @@
info = token_info(credentials.token)
assert info['email'] == credentials._service_account_email
- assert info['scope'] == (
- 'https://www.googleapis.com/auth/userinfo.email '
- 'https://www.googleapis.com/auth/userinfo.profile')
+ info_scopes = _helpers.string_to_scopes(info['scope'])
+ assert set(info_scopes) == set([
+ 'https://www.googleapis.com/auth/userinfo.email',
+ 'https://www.googleapis.com/auth/userinfo.profile'])
diff --git a/tests/compute_engine/test_credentials.py b/tests/compute_engine/test_credentials.py
index 90ce2fe..daa61fe 100644
--- a/tests/compute_engine/test_credentials.py
+++ b/tests/compute_engine/test_credentials.py
@@ -42,7 +42,7 @@
get_mock.side_effect = [{
# First request is for sevice account info.
'email': 'service-account@example.com',
- 'scopes': 'one two'
+ 'scopes': ['one', 'two']
}, {
# Second request is for the token.
'access_token': 'token',