Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / google-auth-library-python / f30b45a9b2f824c494724548732c5ce838218c30 / . / tests / test__default.py
blob: b769fc78460b7046c467802da17bdf8f33f04a9f [file] [log] [blame]
C.J. Collier37141e42020-02-13 13:49:49 -0800[diff] [blame]1# Copyright 2016 Google LLC
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15import json
16import os
17
18import mock
19import pytest
20
21from google.auth import _default
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]22from google.auth import app_engine
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]23from google.auth import compute_engine
24from google.auth import environment_vars
25from google.auth import exceptions
26from google.oauth2 import service_account
27import google.oauth2.credentials
28
29
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]30DATA_DIR = os.path.join(os.path.dirname(__file__), "data")
31AUTHORIZED_USER_FILE = os.path.join(DATA_DIR, "authorized_user.json")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]32
33with open(AUTHORIZED_USER_FILE) as fh:
34 AUTHORIZED_USER_FILE_DATA = json.load(fh)
35
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]36AUTHORIZED_USER_CLOUD_SDK_FILE = os.path.join(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]37 DATA_DIR, "authorized_user_cloud_sdk.json"
38)
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]39
arithmetic1728f30b45a2020-06-17 23:36:04 -0700[diff] [blame^]40AUTHORIZED_USER_CLOUD_SDK_WITH_QUOTA_PROJECT_ID_FILE = os.path.join(
41 DATA_DIR, "authorized_user_cloud_sdk_with_quota_project_id.json"
42)
43
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]44SERVICE_ACCOUNT_FILE = os.path.join(DATA_DIR, "service_account.json")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]45
46with open(SERVICE_ACCOUNT_FILE) as fh:
47 SERVICE_ACCOUNT_FILE_DATA = json.load(fh)
48
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]49LOAD_FILE_PATCH = mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]50 "google.auth._default._load_credentials_from_file",
51 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
52 autospec=True,
53)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]54
55
weitaiting6e86c932017-08-12 03:26:59 +0800[diff] [blame]56def test__load_credentials_from_missing_file():
57 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]58 _default._load_credentials_from_file("")
weitaiting6e86c932017-08-12 03:26:59 +0800[diff] [blame]59
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]60 assert excinfo.match(r"not found")
weitaiting6e86c932017-08-12 03:26:59 +0800[diff] [blame]61
62
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]63def test__load_credentials_from_file_invalid_json(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]64 jsonfile = tmpdir.join("invalid.json")
65 jsonfile.write("{")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]66
67 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
68 _default._load_credentials_from_file(str(jsonfile))
69
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]70 assert excinfo.match(r"not a valid json file")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]71
72
73def test__load_credentials_from_file_invalid_type(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]74 jsonfile = tmpdir.join("invalid.json")
75 jsonfile.write(json.dumps({"type": "not-a-real-type"}))
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]76
77 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
78 _default._load_credentials_from_file(str(jsonfile))
79
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]80 assert excinfo.match(r"does not have a valid type")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]81
82
83def test__load_credentials_from_file_authorized_user():
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]84 credentials, project_id = _default._load_credentials_from_file(AUTHORIZED_USER_FILE)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]85 assert isinstance(credentials, google.oauth2.credentials.Credentials)
86 assert project_id is None
87
88
89def test__load_credentials_from_file_authorized_user_bad_format(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]90 filename = tmpdir.join("authorized_user_bad.json")
91 filename.write(json.dumps({"type": "authorized_user"}))
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]92
93 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
94 _default._load_credentials_from_file(str(filename))
95
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]96 assert excinfo.match(r"Failed to load authorized user")
97 assert excinfo.match(r"missing fields")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]98
99
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]100def test__load_credentials_from_file_authorized_user_cloud_sdk():
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]101 with pytest.warns(UserWarning, match="Cloud SDK"):
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]102 credentials, project_id = _default._load_credentials_from_file(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]103 AUTHORIZED_USER_CLOUD_SDK_FILE
104 )
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]105 assert isinstance(credentials, google.oauth2.credentials.Credentials)
106 assert project_id is None
107
arithmetic1728f30b45a2020-06-17 23:36:04 -0700[diff] [blame^]108 # No warning if the json file has quota project id.
109 credentials, project_id = _default._load_credentials_from_file(
110 AUTHORIZED_USER_CLOUD_SDK_WITH_QUOTA_PROJECT_ID_FILE
111 )
112 assert isinstance(credentials, google.oauth2.credentials.Credentials)
113 assert project_id is None
114
Thea Flowersa8d93482018-05-31 14:52:06 -0700[diff] [blame]115
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]116def test__load_credentials_from_file_service_account():
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]117 credentials, project_id = _default._load_credentials_from_file(SERVICE_ACCOUNT_FILE)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]118 assert isinstance(credentials, service_account.Credentials)
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]119 assert project_id == SERVICE_ACCOUNT_FILE_DATA["project_id"]
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]120
121
122def test__load_credentials_from_file_service_account_bad_format(tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]123 filename = tmpdir.join("serivce_account_bad.json")
124 filename.write(json.dumps({"type": "service_account"}))
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]125
126 with pytest.raises(exceptions.DefaultCredentialsError) as excinfo:
127 _default._load_credentials_from_file(str(filename))
128
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]129 assert excinfo.match(r"Failed to load service account")
130 assert excinfo.match(r"missing fields")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]131
132
133@mock.patch.dict(os.environ, {}, clear=True)
134def test__get_explicit_environ_credentials_no_env():
135 assert _default._get_explicit_environ_credentials() == (None, None)
136
137
138@LOAD_FILE_PATCH
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]139def test__get_explicit_environ_credentials(load, monkeypatch):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]140 monkeypatch.setenv(environment_vars.CREDENTIALS, "filename")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]141
142 credentials, project_id = _default._get_explicit_environ_credentials()
143
144 assert credentials is mock.sentinel.credentials
145 assert project_id is mock.sentinel.project_id
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]146 load.assert_called_with("filename")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]147
148
149@LOAD_FILE_PATCH
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]150def test__get_explicit_environ_credentials_no_project_id(load, monkeypatch):
151 load.return_value = mock.sentinel.credentials, None
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]152 monkeypatch.setenv(environment_vars.CREDENTIALS, "filename")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]153
154 credentials, project_id = _default._get_explicit_environ_credentials()
155
156 assert credentials is mock.sentinel.credentials
157 assert project_id is None
158
159
160@LOAD_FILE_PATCH
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]161@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]162 "google.auth._cloud_sdk.get_application_default_credentials_path", autospec=True
163)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]164def test__get_gcloud_sdk_credentials(get_adc_path, load):
165 get_adc_path.return_value = SERVICE_ACCOUNT_FILE
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]166
167 credentials, project_id = _default._get_gcloud_sdk_credentials()
168
169 assert credentials is mock.sentinel.credentials
170 assert project_id is mock.sentinel.project_id
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]171 load.assert_called_with(SERVICE_ACCOUNT_FILE)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]172
173
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]174@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]175 "google.auth._cloud_sdk.get_application_default_credentials_path", autospec=True
176)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]177def test__get_gcloud_sdk_credentials_non_existent(get_adc_path, tmpdir):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]178 non_existent = tmpdir.join("non-existent")
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]179 get_adc_path.return_value = str(non_existent)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]180
181 credentials, project_id = _default._get_gcloud_sdk_credentials()
182
183 assert credentials is None
184 assert project_id is None
185
186
187@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]188 "google.auth._cloud_sdk.get_project_id",
189 return_value=mock.sentinel.project_id,
190 autospec=True,
191)
192@mock.patch("os.path.isfile", return_value=True, autospec=True)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]193@LOAD_FILE_PATCH
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]194def test__get_gcloud_sdk_credentials_project_id(load, unused_isfile, get_project_id):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]195 # Don't return a project ID from load file, make the function check
196 # the Cloud SDK project.
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]197 load.return_value = mock.sentinel.credentials, None
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]198
199 credentials, project_id = _default._get_gcloud_sdk_credentials()
200
201 assert credentials == mock.sentinel.credentials
202 assert project_id == mock.sentinel.project_id
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]203 assert get_project_id.called
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]204
205
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]206@mock.patch("google.auth._cloud_sdk.get_project_id", return_value=None, autospec=True)
207@mock.patch("os.path.isfile", return_value=True)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]208@LOAD_FILE_PATCH
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]209def test__get_gcloud_sdk_credentials_no_project_id(load, unused_isfile, get_project_id):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]210 # Don't return a project ID from load file, make the function check
211 # the Cloud SDK project.
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]212 load.return_value = mock.sentinel.credentials, None
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]213
214 credentials, project_id = _default._get_gcloud_sdk_credentials()
215
216 assert credentials == mock.sentinel.credentials
217 assert project_id is None
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]218 assert get_project_id.called
219
220
221class _AppIdentityModule(object):
222 """The interface of the App Idenity app engine module.
223 See https://cloud.google.com/appengine/docs/standard/python/refdocs\
224 /google.appengine.api.app_identity.app_identity
225 """
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]226
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]227 def get_application_id(self):
228 raise NotImplementedError()
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]229
230
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]231@pytest.fixture
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]232def app_identity(monkeypatch):
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]233 """Mocks the app_identity module for google.auth.app_engine."""
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]234 app_identity_module = mock.create_autospec(_AppIdentityModule, instance=True)
235 monkeypatch.setattr(app_engine, "app_identity", app_identity_module)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]236 yield app_identity_module
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]237
238
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]239def test__get_gae_credentials(app_identity):
240 app_identity.get_application_id.return_value = mock.sentinel.project
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]241
242 credentials, project_id = _default._get_gae_credentials()
243
244 assert isinstance(credentials, app_engine.Credentials)
245 assert project_id == mock.sentinel.project
246
247
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]248def test__get_gae_credentials_no_app_engine():
249 import sys
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]250
251 with mock.patch.dict("sys.modules"):
252 sys.modules["google.auth.app_engine"] = None
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]253 credentials, project_id = _default._get_gae_credentials()
254 assert credentials is None
255 assert project_id is None
256
257
Jon Wayne Parrott2148fde2016-10-24 13:44:25 -0700[diff] [blame]258def test__get_gae_credentials_no_apis():
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]259 assert _default._get_gae_credentials() == (None, None)
260
261
262@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]263 "google.auth.compute_engine._metadata.ping", return_value=True, autospec=True
264)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]265@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]266 "google.auth.compute_engine._metadata.get_project_id",
267 return_value="example-project",
268 autospec=True,
269)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]270def test__get_gce_credentials(unused_get, unused_ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]271 credentials, project_id = _default._get_gce_credentials()
272
273 assert isinstance(credentials, compute_engine.Credentials)
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]274 assert project_id == "example-project"
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]275
276
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]277@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]278 "google.auth.compute_engine._metadata.ping", return_value=False, autospec=True
279)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]280def test__get_gce_credentials_no_ping(unused_ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]281 credentials, project_id = _default._get_gce_credentials()
282
283 assert credentials is None
284 assert project_id is None
285
286
287@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]288 "google.auth.compute_engine._metadata.ping", return_value=True, autospec=True
289)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]290@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]291 "google.auth.compute_engine._metadata.get_project_id",
292 side_effect=exceptions.TransportError(),
293 autospec=True,
294)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]295def test__get_gce_credentials_no_project_id(unused_get, unused_ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]296 credentials, project_id = _default._get_gce_credentials()
297
298 assert isinstance(credentials, compute_engine.Credentials)
299 assert project_id is None
300
301
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]302def test__get_gce_credentials_no_compute_engine():
303 import sys
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]304
305 with mock.patch.dict("sys.modules"):
306 sys.modules["google.auth.compute_engine"] = None
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]307 credentials, project_id = _default._get_gce_credentials()
308 assert credentials is None
309 assert project_id is None
310
311
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]312@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]313 "google.auth.compute_engine._metadata.ping", return_value=False, autospec=True
314)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]315def test__get_gce_credentials_explicit_request(ping):
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]316 _default._get_gce_credentials(mock.sentinel.request)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]317 ping.assert_called_with(request=mock.sentinel.request)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]318
319
320@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]321 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]322 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]323 autospec=True,
324)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]325def test_default_early_out(unused_get):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]326 assert _default.default() == (mock.sentinel.credentials, mock.sentinel.project_id)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]327
328
329@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]330 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]331 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]332 autospec=True,
333)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]334def test_default_explict_project_id(unused_get, monkeypatch):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]335 monkeypatch.setenv(environment_vars.PROJECT, "explicit-env")
336 assert _default.default() == (mock.sentinel.credentials, "explicit-env")
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]337
338
339@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]340 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]341 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]342 autospec=True,
343)
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]344def test_default_explict_legacy_project_id(unused_get, monkeypatch):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]345 monkeypatch.setenv(environment_vars.LEGACY_PROJECT, "explicit-env")
346 assert _default.default() == (mock.sentinel.credentials, "explicit-env")
Jon Wayne Parrottce37cba2016-11-07 16:41:42 -0800[diff] [blame]347
348
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]349@mock.patch("logging.Logger.warning", autospec=True)
Jon Wayne Parrottce37cba2016-11-07 16:41:42 -0800[diff] [blame]350@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]351 "google.auth._default._get_explicit_environ_credentials",
352 return_value=(mock.sentinel.credentials, None),
353 autospec=True,
354)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]355@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]356 "google.auth._default._get_gcloud_sdk_credentials",
357 return_value=(mock.sentinel.credentials, None),
358 autospec=True,
359)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]360@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]361 "google.auth._default._get_gae_credentials",
362 return_value=(mock.sentinel.credentials, None),
363 autospec=True,
364)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]365@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]366 "google.auth._default._get_gce_credentials",
367 return_value=(mock.sentinel.credentials, None),
368 autospec=True,
369)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]370def test_default_without_project_id(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]371 unused_gce, unused_gae, unused_sdk, unused_explicit, logger_warning
372):
373 assert _default.default() == (mock.sentinel.credentials, None)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]374 logger_warning.assert_called_with(mock.ANY, mock.ANY, mock.ANY)
375
376
377@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]378 "google.auth._default._get_explicit_environ_credentials",
379 return_value=(None, None),
380 autospec=True,
381)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]382@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]383 "google.auth._default._get_gcloud_sdk_credentials",
384 return_value=(None, None),
385 autospec=True,
386)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]387@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]388 "google.auth._default._get_gae_credentials",
389 return_value=(None, None),
390 autospec=True,
391)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]392@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]393 "google.auth._default._get_gce_credentials",
394 return_value=(None, None),
395 autospec=True,
396)
Jon Wayne Parrottaadb3de2016-10-19 09:34:05 -0700[diff] [blame]397def test_default_fail(unused_gce, unused_gae, unused_sdk, unused_explicit):
398 with pytest.raises(exceptions.DefaultCredentialsError):
399 assert _default.default()
Jon Wayne Parrott8a7e5062016-11-07 16:45:17 -0800[diff] [blame]400
401
402@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]403 "google.auth._default._get_explicit_environ_credentials",
Jon Wayne Parrott8784b232016-11-10 12:53:55 -0800[diff] [blame]404 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]405 autospec=True,
406)
407@mock.patch("google.auth.credentials.with_scopes_if_required", autospec=True)
Jacob Hayes15af07b2017-12-13 14:09:47 -0600[diff] [blame]408def test_default_scoped(with_scopes, unused_get):
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]409 scopes = ["one", "two"]
Jon Wayne Parrott8a7e5062016-11-07 16:45:17 -0800[diff] [blame]410
411 credentials, project_id = _default.default(scopes=scopes)
412
Jon Wayne Parrott78fec2c2017-06-30 10:25:08 -0700[diff] [blame]413 assert credentials == with_scopes.return_value
Jon Wayne Parrott8a7e5062016-11-07 16:45:17 -0800[diff] [blame]414 assert project_id == mock.sentinel.project_id
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]415 with_scopes.assert_called_once_with(mock.sentinel.credentials, scopes)
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]416
417
418@mock.patch(
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]419 "google.auth._default._get_explicit_environ_credentials",
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]420 return_value=(mock.sentinel.credentials, mock.sentinel.project_id),
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]421 autospec=True,
422)
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]423def test_default_no_app_engine_compute_engine_module(unused_get):
424 """
425 google.auth.compute_engine and google.auth.app_engine are both optional
426 to allow not including them when using this package. This verifies
427 that default fails gracefully if these modules are absent
428 """
429 import sys
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]430
431 with mock.patch.dict("sys.modules"):
432 sys.modules["google.auth.compute_engine"] = None
433 sys.modules["google.auth.app_engine"] = None
James Wilson6e0781b2018-12-20 20:38:52 -0500[diff] [blame]434 assert _default.default() == (
Bu Sun Kim9eec0912019-10-21 17:04:21 -0700[diff] [blame]435 mock.sentinel.credentials,
436 mock.sentinel.project_id,
437 )