Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-auth-library-python / 9eec091cd4340f8e57dd0e837a7e8df808f9f5bd / . / tests / test__default.py
blob: 2c86f3ffbf564b2d517243cf217d8204a9b7ad60 [file] [log] [blame]
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]1# Copyright 2016 Google Inc.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15import json
16import os
17
18import mock
19import pytest
20
21from google.auth import _default
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]22from google.auth import app_engine
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]23from google.auth import compute_engine
24from google.auth import environment_vars
25from google.auth import exceptions
26from google.oauth2 import service_account
27import google.oauth2.credentials
28
29
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]30DATA_DIR = os.path.join(os.path.dirname(__file__), "data")
31AUTHORIZED_USER_FILE = os.path.join(DATA_DIR, "authorized_user.json")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]32
33with open(AUTHORIZED_USER_FILE) as fh:
34 AUTHORIZED_USER_FILE_DATA = json.load(fh)
35
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]36AUTHORIZED_USER_CLOUD_SDK_FILE = os.path.join(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]37 DATA_DIR, "authorized_user_cloud_sdk.json"
38)
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]39
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]40SERVICE_ACCOUNT_FILE = os.path.join(DATA_DIR, "service_account.json")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]41
42with open(SERVICE_ACCOUNT_FILE) as fh:
43 SERVICE_ACCOUNT_FILE_DATA = json.load(fh)
44
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]45LOAD_FILE_PATCH = mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]46 "google.auth._default._load_credentials_from_file",
47 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
48 autospec=True,
49)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]50
51
weitaiting6e86c932017-08-12 03:26:59 +0800[diff] [blame]52def test__load_credentials_from_missing_file():
53 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]54 _default._load_credentials_from_file("")
weitaiting6e86c932017-08-12 03:26:59 +0800[diff] [blame]55
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]56 assert excinfo.match(r"not found")
weitaiting6e86c932017-08-12 03:26:59 +0800[diff] [blame]57
58
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]59def test__load_credentials_from_file_invalid_json(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]60 jsonfile = tmpdir.join("invalid.json")
61 jsonfile.write("{")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]62
63 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
64 _default._load_credentials_from_file(str(jsonfile))
65
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]66 assert excinfo.match(r"not a valid json file")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]67
68
69def test__load_credentials_from_file_invalid_type(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]70 jsonfile = tmpdir.join("invalid.json")
71 jsonfile.write(json.dumps({"type": "not-a-real-type"}))
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]72
73 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
74 _default._load_credentials_from_file(str(jsonfile))
75
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]76 assert excinfo.match(r"does not have a valid type")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]77
78
79def test__load_credentials_from_file_authorized_user():
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]80 credentials, project_id = _default._load_credentials_from_file(AUTHORIZED_USER_FILE)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]81 assert isinstance(credentials, google.oauth2.credentials.Credentials)
82 assert project_id is None
83
84
85def test__load_credentials_from_file_authorized_user_bad_format(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]86 filename = tmpdir.join("authorized_user_bad.json")
87 filename.write(json.dumps({"type": "authorized_user"}))
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]88
89 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
90 _default._load_credentials_from_file(str(filename))
91
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]92 assert excinfo.match(r"Failed to load authorized user")
93 assert excinfo.match(r"missing fields")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]94
95
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]96def test__load_credentials_from_file_authorized_user_cloud_sdk():
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]97 with pytest.warns(UserWarning, match="Cloud SDK"):
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]98 credentials, project_id = _default._load_credentials_from_file(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]99 AUTHORIZED_USER_CLOUD_SDK_FILE
100 )
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]101 assert isinstance(credentials, google.oauth2.credentials.Credentials)
102 assert project_id is None
103
104
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]105def test__load_credentials_from_file_service_account():
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]106 credentials, project_id = _default._load_credentials_from_file(SERVICE_ACCOUNT_FILE)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]107 assert isinstance(credentials, service_account.Credentials)
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]108 assert project_id == SERVICE_ACCOUNT_FILE_DATA["project_id"]
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]109
110
111def test__load_credentials_from_file_service_account_bad_format(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]112 filename = tmpdir.join("serivce_account_bad.json")
113 filename.write(json.dumps({"type": "service_account"}))
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]114
115 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
116 _default._load_credentials_from_file(str(filename))
117
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]118 assert excinfo.match(r"Failed to load service account")
119 assert excinfo.match(r"missing fields")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]120
121
122@mock.patch.dict(os.environ, {}, clear=True)
123def test__get_explicit_environ_credentials_no_env():
124 assert _default._get_explicit_environ_credentials() == (None, None)
125
126
127@LOAD_FILE_PATCH
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]128def test__get_explicit_environ_credentials(load, monkeypatch):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]129 monkeypatch.setenv(environment_vars.CREDENTIALS, "filename")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]130
131 credentials, project_id = _default._get_explicit_environ_credentials()
132
133 assert credentials is mock.sentinel.credentials
134 assert project_id is mock.sentinel.project_id
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]135 load.assert_called_with("filename")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]136
137
138@LOAD_FILE_PATCH
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]139def test__get_explicit_environ_credentials_no_project_id(load, monkeypatch):
140 load.return_value = mock.sentinel.credentials, None
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]141 monkeypatch.setenv(environment_vars.CREDENTIALS, "filename")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]142
143 credentials, project_id = _default._get_explicit_environ_credentials()
144
145 assert credentials is mock.sentinel.credentials
146 assert project_id is None
147
148
149@LOAD_FILE_PATCH
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]150@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]151 "google.auth._cloud_sdk.get_application_default_credentials_path", autospec=True
152)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]153def test__get_gcloud_sdk_credentials(get_adc_path, load):
154 get_adc_path.return_value = SERVICE_ACCOUNT_FILE
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]155
156 credentials, project_id = _default._get_gcloud_sdk_credentials()
157
158 assert credentials is mock.sentinel.credentials
159 assert project_id is mock.sentinel.project_id
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]160 load.assert_called_with(SERVICE_ACCOUNT_FILE)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]161
162
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]163@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]164 "google.auth._cloud_sdk.get_application_default_credentials_path", autospec=True
165)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]166def test__get_gcloud_sdk_credentials_non_existent(get_adc_path, tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]167 non_existent = tmpdir.join("non-existent")
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]168 get_adc_path.return_value = str(non_existent)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]169
170 credentials, project_id = _default._get_gcloud_sdk_credentials()
171
172 assert credentials is None
173 assert project_id is None
174
175
176@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]177 "google.auth._cloud_sdk.get_project_id",
178 return_value=mock.sentinel.project_id,
179 autospec=True,
180)
181@mock.patch("os.path.isfile", return_value=True, autospec=True)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]182@LOAD_FILE_PATCH
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]183def test__get_gcloud_sdk_credentials_project_id(load, unused_isfile, get_project_id):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]184 # Don't return a project ID from load file, make the function check
185 # the Cloud SDK project.
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]186 load.return_value = mock.sentinel.credentials, None
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]187
188 credentials, project_id = _default._get_gcloud_sdk_credentials()
189
190 assert credentials == mock.sentinel.credentials
191 assert project_id == mock.sentinel.project_id
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]192 assert get_project_id.called
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]193
194
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]195@mock.patch("google.auth._cloud_sdk.get_project_id", return_value=None, autospec=True)
196@mock.patch("os.path.isfile", return_value=True)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]197@LOAD_FILE_PATCH
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]198def test__get_gcloud_sdk_credentials_no_project_id(load, unused_isfile, get_project_id):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]199 # Don't return a project ID from load file, make the function check
200 # the Cloud SDK project.
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]201 load.return_value = mock.sentinel.credentials, None
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]202
203 credentials, project_id = _default._get_gcloud_sdk_credentials()
204
205 assert credentials == mock.sentinel.credentials
206 assert project_id is None
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]207 assert get_project_id.called
208
209
210class _AppIdentityModule(object):
211 """The interface of the App Idenity app engine module.
212 See https://cloud.google.com/appengine/docs/standard/python/refdocs\
213 /google.appengine.api.app_identity.app_identity
214 """
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]215
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]216 def get_application_id(self):
217 raise NotImplementedError()
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]218
219
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]220@pytest.fixture
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]221def app_identity(monkeypatch):
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]222 """Mocks the app_identity module for google.auth.app_engine."""
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]223 app_identity_module = mock.create_autospec(_AppIdentityModule, instance=True)
224 monkeypatch.setattr(app_engine, "app_identity", app_identity_module)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]225 yield app_identity_module
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]226
227
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]228def test__get_gae_credentials(app_identity):
229 app_identity.get_application_id.return_value = mock.sentinel.project
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]230
231 credentials, project_id = _default._get_gae_credentials()
232
233 assert isinstance(credentials, app_engine.Credentials)
234 assert project_id == mock.sentinel.project
235
236
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]237def test__get_gae_credentials_no_app_engine():
238 import sys
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]239
240 with mock.patch.dict("sys.modules"):
241 sys.modules["google.auth.app_engine"] = None
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]242 credentials, project_id = _default._get_gae_credentials()
243 assert credentials is None
244 assert project_id is None
245
246
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]247def test__get_gae_credentials_no_apis():
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]248 assert _default._get_gae_credentials() == (None, None)
249
250
251@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]252 "google.auth.compute_engine._metadata.ping", return_value=True, autospec=True
253)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]254@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]255 "google.auth.compute_engine._metadata.get_project_id",
256 return_value="example-project",
257 autospec=True,
258)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]259def test__get_gce_credentials(unused_get, unused_ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]260 credentials, project_id = _default._get_gce_credentials()
261
262 assert isinstance(credentials, compute_engine.Credentials)
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]263 assert project_id == "example-project"
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]264
265
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]266@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]267 "google.auth.compute_engine._metadata.ping", return_value=False, autospec=True
268)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]269def test__get_gce_credentials_no_ping(unused_ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]270 credentials, project_id = _default._get_gce_credentials()
271
272 assert credentials is None
273 assert project_id is None
274
275
276@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]277 "google.auth.compute_engine._metadata.ping", return_value=True, autospec=True
278)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]279@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]280 "google.auth.compute_engine._metadata.get_project_id",
281 side_effect=exceptions.TransportError(),
282 autospec=True,
283)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]284def test__get_gce_credentials_no_project_id(unused_get, unused_ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]285 credentials, project_id = _default._get_gce_credentials()
286
287 assert isinstance(credentials, compute_engine.Credentials)
288 assert project_id is None
289
290
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]291def test__get_gce_credentials_no_compute_engine():
292 import sys
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]293
294 with mock.patch.dict("sys.modules"):
295 sys.modules["google.auth.compute_engine"] = None
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]296 credentials, project_id = _default._get_gce_credentials()
297 assert credentials is None
298 assert project_id is None
299
300
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]301@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]302 "google.auth.compute_engine._metadata.ping", return_value=False, autospec=True
303)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]304def test__get_gce_credentials_explicit_request(ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]305 _default._get_gce_credentials(mock.sentinel.request)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]306 ping.assert_called_with(request=mock.sentinel.request)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]307
308
309@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]310 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]311 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]312 autospec=True,
313)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]314def test_default_early_out(unused_get):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]315 assert _default.default() == (mock.sentinel.credentials, mock.sentinel.project_id)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]316
317
318@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]319 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]320 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]321 autospec=True,
322)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]323def test_default_explict_project_id(unused_get, monkeypatch):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]324 monkeypatch.setenv(environment_vars.PROJECT, "explicit-env")
325 assert _default.default() == (mock.sentinel.credentials, "explicit-env")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]326
327
328@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]329 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]330 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]331 autospec=True,
332)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]333def test_default_explict_legacy_project_id(unused_get, monkeypatch):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]334 monkeypatch.setenv(environment_vars.LEGACY_PROJECT, "explicit-env")
335 assert _default.default() == (mock.sentinel.credentials, "explicit-env")
Jon Wayne Parrottce37cba2016-11-07 16:41:42 -0800[diff] [blame]336
337
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]338@mock.patch("logging.Logger.warning", autospec=True)
Jon Wayne Parrottce37cba2016-11-07 16:41:42 -0800[diff] [blame]339@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]340 "google.auth._default._get_explicit_environ_credentials",
341 return_value=(mock.sentinel.credentials, None),
342 autospec=True,
343)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]344@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]345 "google.auth._default._get_gcloud_sdk_credentials",
346 return_value=(mock.sentinel.credentials, None),
347 autospec=True,
348)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]349@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]350 "google.auth._default._get_gae_credentials",
351 return_value=(mock.sentinel.credentials, None),
352 autospec=True,
353)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]354@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]355 "google.auth._default._get_gce_credentials",
356 return_value=(mock.sentinel.credentials, None),
357 autospec=True,
358)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]359def test_default_without_project_id(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]360 unused_gce, unused_gae, unused_sdk, unused_explicit, logger_warning
361):
362 assert _default.default() == (mock.sentinel.credentials, None)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]363 logger_warning.assert_called_with(mock.ANY, mock.ANY, mock.ANY)
364
365
366@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]367 "google.auth._default._get_explicit_environ_credentials",
368 return_value=(None, None),
369 autospec=True,
370)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]371@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]372 "google.auth._default._get_gcloud_sdk_credentials",
373 return_value=(None, None),
374 autospec=True,
375)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]376@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]377 "google.auth._default._get_gae_credentials",
378 return_value=(None, None),
379 autospec=True,
380)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]381@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]382 "google.auth._default._get_gce_credentials",
383 return_value=(None, None),
384 autospec=True,
385)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]386def test_default_fail(unused_gce, unused_gae, unused_sdk, unused_explicit):
387 with pytest.raises(exceptions.DefaultCredentialsError):
388 assert _default.default()
Jon Wayne Parrott8a7e5062016-11-07 16:45:17 -0800[diff] [blame]389
390
391@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]392 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]393 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]394 autospec=True,
395)
396@mock.patch("google.auth.credentials.with_scopes_if_required", autospec=True)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]397def test_default_scoped(with_scopes, unused_get):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]398 scopes = ["one", "two"]
Jon Wayne Parrott8a7e5062016-11-07 16:45:17 -0800[diff] [blame]399
400 credentials, project_id = _default.default(scopes=scopes)
401
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]402 assert credentials == with_scopes.return_value
Jon Wayne Parrott8a7e5062016-11-07 16:45:17 -0800[diff] [blame]403 assert project_id == mock.sentinel.project_id
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]404 with_scopes.assert_called_once_with(mock.sentinel.credentials, scopes)
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]405
406
407@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]408 "google.auth._default._get_explicit_environ_credentials",
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]409 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]410 autospec=True,
411)
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]412def test_default_no_app_engine_compute_engine_module(unused_get):
413 """
414 google.auth.compute_engine and google.auth.app_engine are both optional
415 to allow not including them when using this package. This verifies
416 that default fails gracefully if these modules are absent
417 """
418 import sys
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]419
420 with mock.patch.dict("sys.modules"):
421 sys.modules["google.auth.compute_engine"] = None
422 sys.modules["google.auth.app_engine"] = None
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]423 assert _default.default() == (
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame^]424 mock.sentinel.credentials,
425 mock.sentinel.project_id,
426 )