blob: f7767887bfa73905bfcd811041d4b1495fe9bdf6 [file] [log] [blame]
Jon Wayne Parrott924191c2017-02-15 16:43:23 -08001# Copyright 2017 Google Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15import base64
16import datetime
17import json
18
19import mock
20import pytest
21from six.moves import http_client
22
23from google.auth import exceptions
24from google.auth import iam
25from google.auth import transport
26import google.auth.credentials
27
28
29def make_request(status, data=None):
30 response = mock.Mock(spec=transport.Response)
31 response.status = status
32
33 if data is not None:
34 response.data = json.dumps(data).encode('utf-8')
35
36 return mock.Mock(return_value=response, spec=transport.Request)
37
38
39def make_credentials():
40 class CredentialsImpl(google.auth.credentials.Credentials):
41 def __init__(self):
42 super(CredentialsImpl, self).__init__()
43 self.token = 'token'
44 # Force refresh
45 self.expiry = datetime.datetime.min
46
47 def refresh(self, request):
48 pass
49
50 return CredentialsImpl()
51
52
53class TestSigner(object):
54 def test_constructor(self):
55 request = mock.sentinel.request
56 credentials = mock.Mock(spec=google.auth.credentials.Credentials)
57
58 signer = iam.Signer(
59 request, credentials, mock.sentinel.service_account_email)
60
61 assert signer._request == mock.sentinel.request
62 assert signer._credentials == credentials
63 assert (signer._service_account_email ==
64 mock.sentinel.service_account_email)
65
66 def test_key_id(self):
Jon Wayne Parrott924191c2017-02-15 16:43:23 -080067 signer = iam.Signer(
Jon Wayne Parrott254befe2017-02-22 14:37:31 -080068 mock.sentinel.request,
69 mock.sentinel.credentials,
70 mock.sentinel.service_account_email)
Jon Wayne Parrott924191c2017-02-15 16:43:23 -080071
Jon Wayne Parrott254befe2017-02-22 14:37:31 -080072 assert signer.key_id is None
Jon Wayne Parrott924191c2017-02-15 16:43:23 -080073
74 def test_sign_bytes(self):
75 signature = b'DEADBEEF'
76 encoded_signature = base64.b64encode(signature).decode('utf-8')
77 request = make_request(
78 http_client.OK, data={'signature': encoded_signature})
79 credentials = make_credentials()
80
81 signer = iam.Signer(
82 request, credentials, mock.sentinel.service_account_email)
83
84 returned_signature = signer.sign('123')
85
86 assert returned_signature == signature
87
88 def test_sign_bytes_failure(self):
89 request = make_request(http_client.UNAUTHORIZED)
90 credentials = make_credentials()
91
92 signer = iam.Signer(
93 request, credentials, mock.sentinel.service_account_email)
94
95 with pytest.raises(exceptions.TransportError):
96 signer.sign('123')