|
|
|
@ -2206,13 +2206,13 @@ static int aws_external_account_creds_httpcli_post_success( |
|
|
|
|
class TestExternalAccountCredentials final |
|
|
|
|
: public grpc_core::ExternalAccountCredentials { |
|
|
|
|
public: |
|
|
|
|
TestExternalAccountCredentials(ExternalAccountCredentialsOptions options, |
|
|
|
|
TestExternalAccountCredentials(Options options, |
|
|
|
|
std::vector<std::string> scopes) |
|
|
|
|
: ExternalAccountCredentials(std::move(options), std::move(scopes)) {} |
|
|
|
|
|
|
|
|
|
protected: |
|
|
|
|
void RetrieveSubjectToken( |
|
|
|
|
HTTPRequestContext* ctx, const ExternalAccountCredentialsOptions& options, |
|
|
|
|
HTTPRequestContext* ctx, const Options& options, |
|
|
|
|
std::function<void(std::string, grpc_error*)> cb) override { |
|
|
|
|
cb("test_subject_token", GRPC_ERROR_NONE); |
|
|
|
|
} |
|
|
|
@ -2224,7 +2224,7 @@ static void test_external_account_creds_success(void) { |
|
|
|
|
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method, |
|
|
|
|
nullptr, nullptr}; |
|
|
|
|
grpc_core::Json credential_source(""); |
|
|
|
|
TestExternalAccountCredentials::ExternalAccountCredentialsOptions options = { |
|
|
|
|
TestExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
@ -2262,7 +2262,7 @@ static void test_external_account_creds_success_with_url_encode(void) { |
|
|
|
|
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method, |
|
|
|
|
nullptr, nullptr}; |
|
|
|
|
grpc_core::Json credential_source(""); |
|
|
|
|
TestExternalAccountCredentials::ExternalAccountCredentialsOptions options = { |
|
|
|
|
TestExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience_!@#$", // audience;
|
|
|
|
|
"subject_token_type_!@#$", // subject_token_type;
|
|
|
|
@ -2292,7 +2292,7 @@ test_external_account_creds_success_with_service_account_impersonation(void) { |
|
|
|
|
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method, |
|
|
|
|
nullptr, nullptr}; |
|
|
|
|
grpc_core::Json credential_source(""); |
|
|
|
|
TestExternalAccountCredentials::ExternalAccountCredentialsOptions options = { |
|
|
|
|
TestExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
@ -2322,7 +2322,7 @@ static void test_external_account_creds_failure_invalid_token_url(void) { |
|
|
|
|
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method, |
|
|
|
|
nullptr, nullptr}; |
|
|
|
|
grpc_core::Json credential_source(""); |
|
|
|
|
TestExternalAccountCredentials::ExternalAccountCredentialsOptions options = { |
|
|
|
|
TestExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
@ -2356,7 +2356,7 @@ test_external_account_creds_failure_invalid_service_account_impersonation_url( |
|
|
|
|
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method, |
|
|
|
|
nullptr, nullptr}; |
|
|
|
|
grpc_core::Json credential_source(""); |
|
|
|
|
TestExternalAccountCredentials::ExternalAccountCredentialsOptions options = { |
|
|
|
|
TestExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
@ -2391,7 +2391,7 @@ test_external_account_creds_failure_token_exchange_response_missing_access_token |
|
|
|
|
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method, |
|
|
|
|
nullptr, nullptr}; |
|
|
|
|
grpc_core::Json credential_source(""); |
|
|
|
|
TestExternalAccountCredentials::ExternalAccountCredentialsOptions options = { |
|
|
|
|
TestExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
@ -2431,19 +2431,18 @@ static void test_url_external_account_creds_success_format_text(void) { |
|
|
|
|
valid_url_external_account_creds_options_credential_source_format_text, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::UrlExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2469,19 +2468,18 @@ test_url_external_account_creds_success_with_qurey_params_format_text(void) { |
|
|
|
|
valid_url_external_account_creds_options_credential_source_with_qurey_params_format_text, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::UrlExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2506,19 +2504,18 @@ static void test_url_external_account_creds_success_format_json(void) { |
|
|
|
|
valid_url_external_account_creds_options_credential_source_format_json, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::UrlExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2539,19 +2536,18 @@ test_url_external_account_creds_failure_invalid_credential_source_url(void) { |
|
|
|
|
grpc_core::Json credential_source = grpc_core::Json::Parse( |
|
|
|
|
invalid_url_external_account_creds_options_credential_source, &error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::UrlExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds == nullptr); |
|
|
|
@ -2577,19 +2573,18 @@ static void test_file_external_account_creds_success_format_text(void) { |
|
|
|
|
absl::StrReplaceAll(subject_token_path, {{"\\", "\\\\"}})), |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::FileExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2627,19 +2622,18 @@ static void test_file_external_account_creds_success_format_json(void) { |
|
|
|
|
absl::StrReplaceAll(subject_token_path, {{"\\", "\\\\"}})), |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::FileExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2664,19 +2658,18 @@ static void test_file_external_account_creds_failure_file_not_found(void) { |
|
|
|
|
grpc_core::Json credential_source = |
|
|
|
|
grpc_core::Json::Parse("{\"file\":\"non_exisiting_file\"}", &error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::FileExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2714,19 +2707,18 @@ static void test_file_external_account_creds_failure_invalid_json_content( |
|
|
|
|
absl::StrReplaceAll(subject_token_path, {{"\\", "\\\\"}})), |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::FileExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2755,19 +2747,18 @@ static void test_aws_external_account_creds_success(void) { |
|
|
|
|
grpc_core::Json credential_source = grpc_core::Json::Parse( |
|
|
|
|
valid_aws_external_account_creds_options_credential_source, &error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2793,19 +2784,18 @@ static void test_aws_external_account_creds_success_path_region_env_keys_url( |
|
|
|
|
grpc_core::Json credential_source = grpc_core::Json::Parse( |
|
|
|
|
valid_aws_external_account_creds_options_credential_source, &error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2834,19 +2824,18 @@ static void test_aws_external_account_creds_success_path_region_url_keys_env( |
|
|
|
|
grpc_core::Json credential_source = grpc_core::Json::Parse( |
|
|
|
|
valid_aws_external_account_creds_options_credential_source, &error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2878,19 +2867,18 @@ static void test_aws_external_account_creds_success_path_region_env_keys_env( |
|
|
|
|
grpc_core::Json credential_source = grpc_core::Json::Parse( |
|
|
|
|
valid_aws_external_account_creds_options_credential_source, &error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2916,19 +2904,18 @@ static void test_aws_external_account_creds_failure_unmatched_environment_id( |
|
|
|
|
invalid_aws_external_account_creds_options_credential_source_unmatched_environment_id, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds == nullptr); |
|
|
|
@ -2950,19 +2937,18 @@ static void test_aws_external_account_creds_failure_invalid_region_url(void) { |
|
|
|
|
invalid_aws_external_account_creds_options_credential_source_invalid_region_url, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -2991,19 +2977,18 @@ static void test_aws_external_account_creds_failure_invalid_url(void) { |
|
|
|
|
invalid_aws_external_account_creds_options_credential_source_invalid_url, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -3031,19 +3016,18 @@ static void test_aws_external_account_creds_failure_missing_role_name(void) { |
|
|
|
|
invalid_aws_external_account_creds_options_credential_source_missing_role_name, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -3074,19 +3058,18 @@ test_aws_external_account_creds_failure_invalid_regional_cred_verification_url( |
|
|
|
|
invalid_aws_external_account_creds_options_credential_source_invalid_regional_cred_verification_url, |
|
|
|
|
&error); |
|
|
|
|
GPR_ASSERT(error == GRPC_ERROR_NONE); |
|
|
|
|
grpc_core::ExternalAccountCredentials::ExternalAccountCredentialsOptions |
|
|
|
|
options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
grpc_core::ExternalAccountCredentials::Options options = { |
|
|
|
|
"external_account", // type;
|
|
|
|
|
"audience", // audience;
|
|
|
|
|
"subject_token_type", // subject_token_type;
|
|
|
|
|
"", // service_account_impersonation_url;
|
|
|
|
|
"https://foo.com:5555/token", // token_url;
|
|
|
|
|
"https://foo.com:5555/token_info", // token_info_url;
|
|
|
|
|
credential_source, // credential_source;
|
|
|
|
|
"quota_project_id", // quota_project_id;
|
|
|
|
|
"client_id", // client_id;
|
|
|
|
|
"client_secret", // client_secret;
|
|
|
|
|
}; |
|
|
|
|
auto creds = |
|
|
|
|
grpc_core::AwsExternalAccountCredentials::Create(options, {}, &error); |
|
|
|
|
GPR_ASSERT(creds != nullptr); |
|
|
|
@ -3106,6 +3089,92 @@ test_aws_external_account_creds_failure_invalid_regional_cred_verification_url( |
|
|
|
|
GRPC_ERROR_UNREF(error); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
static void test_external_account_credentials_create_success(void) { |
|
|
|
|
// url credentials
|
|
|
|
|
const char* url_options_string = |
|
|
|
|
"{\"type\":\"external_account\",\"audience\":\"audience\",\"subject_" |
|
|
|
|
"token_type\":\"subject_token_type\",\"service_account_impersonation_" |
|
|
|
|
"url\":\"service_account_impersonation_url\",\"token_url\":\"https://" |
|
|
|
|
"foo.com:5555/token\",\"token_info_url\":\"https://foo.com:5555/" |
|
|
|
|
"token_info\",\"credential_source\":{\"url\":\"https://foo.com:5555/" |
|
|
|
|
"generate_subject_token_format_json\",\"headers\":{\"Metadata-Flavor\":" |
|
|
|
|
"\"Google\"},\"format\":{\"type\":\"json\",\"subject_token_field_name\":" |
|
|
|
|
"\"access_token\"}},\"quota_project_id\":\"quota_" |
|
|
|
|
"project_id\",\"client_id\":\"client_id\",\"client_secret\":\"client_" |
|
|
|
|
"secret\"}"; |
|
|
|
|
const char* url_scopes_string = "scope1,scope2"; |
|
|
|
|
grpc_call_credentials* url_creds = grpc_external_account_credentials_create( |
|
|
|
|
url_options_string, url_scopes_string); |
|
|
|
|
GPR_ASSERT(url_creds != nullptr); |
|
|
|
|
url_creds->Unref(); |
|
|
|
|
// file credentials
|
|
|
|
|
const char* file_options_string = |
|
|
|
|
"{\"type\":\"external_account\",\"audience\":\"audience\",\"subject_" |
|
|
|
|
"token_type\":\"subject_token_type\",\"service_account_impersonation_" |
|
|
|
|
"url\":\"service_account_impersonation_url\",\"token_url\":\"https://" |
|
|
|
|
"foo.com:5555/token\",\"token_info_url\":\"https://foo.com:5555/" |
|
|
|
|
"token_info\",\"credential_source\":{\"file\":\"credentials_file_path\"}," |
|
|
|
|
"\"quota_project_id\":\"quota_" |
|
|
|
|
"project_id\",\"client_id\":\"client_id\",\"client_secret\":\"client_" |
|
|
|
|
"secret\"}"; |
|
|
|
|
const char* file_scopes_string = "scope1,scope2"; |
|
|
|
|
grpc_call_credentials* file_creds = grpc_external_account_credentials_create( |
|
|
|
|
file_options_string, file_scopes_string); |
|
|
|
|
GPR_ASSERT(file_creds != nullptr); |
|
|
|
|
file_creds->Unref(); |
|
|
|
|
// aws credentials
|
|
|
|
|
const char* aws_options_string = |
|
|
|
|
"{\"type\":\"external_account\",\"audience\":\"audience\",\"subject_" |
|
|
|
|
"token_type\":\"subject_token_type\",\"service_account_impersonation_" |
|
|
|
|
"url\":\"service_account_impersonation_url\",\"token_url\":\"https://" |
|
|
|
|
"foo.com:5555/token\",\"token_info_url\":\"https://foo.com:5555/" |
|
|
|
|
"token_info\",\"credential_source\":{\"environment_id\":\"aws1\"," |
|
|
|
|
"\"region_url\":\"https://foo.com:5555/region_url\",\"url\":\"https://" |
|
|
|
|
"foo.com:5555/url\",\"regional_cred_verification_url\":\"https://" |
|
|
|
|
"foo.com:5555/regional_cred_verification_url_{region}\"}," |
|
|
|
|
"\"quota_project_id\":\"quota_" |
|
|
|
|
"project_id\",\"client_id\":\"client_id\",\"client_secret\":\"client_" |
|
|
|
|
"secret\"}"; |
|
|
|
|
const char* aws_scopes_string = "scope1,scope2"; |
|
|
|
|
grpc_call_credentials* aws_creds = grpc_external_account_credentials_create( |
|
|
|
|
aws_options_string, aws_scopes_string); |
|
|
|
|
GPR_ASSERT(aws_creds != nullptr); |
|
|
|
|
aws_creds->Unref(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
static void |
|
|
|
|
test_external_account_credentials_create_failure_invalid_json_format(void) { |
|
|
|
|
const char* options_string = "invalid_json"; |
|
|
|
|
grpc_call_credentials* creds = |
|
|
|
|
grpc_external_account_credentials_create(options_string, ""); |
|
|
|
|
GPR_ASSERT(creds == nullptr); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
static void |
|
|
|
|
test_external_account_credentials_create_failure_invalid_options_format(void) { |
|
|
|
|
const char* options_string = "{\"random_key\":\"random_value\"}"; |
|
|
|
|
grpc_call_credentials* creds = |
|
|
|
|
grpc_external_account_credentials_create(options_string, ""); |
|
|
|
|
GPR_ASSERT(creds == nullptr); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
static void |
|
|
|
|
test_external_account_credentials_create_failure_invalid_options_credential_source( |
|
|
|
|
void) { |
|
|
|
|
const char* options_string = |
|
|
|
|
"{\"type\":\"external_account\",\"audience\":\"audience\",\"subject_" |
|
|
|
|
"token_type\":\"subject_token_type\",\"service_account_impersonation_" |
|
|
|
|
"url\":\"service_account_impersonation_url\",\"token_url\":\"https://" |
|
|
|
|
"foo.com:5555/token\",\"token_info_url\":\"https://foo.com:5555/" |
|
|
|
|
"token_info\",\"credential_source\":{\"random_key\":\"random_value\"}," |
|
|
|
|
"\"quota_project_id\":\"quota_" |
|
|
|
|
"project_id\",\"client_id\":\"client_id\",\"client_secret\":\"client_" |
|
|
|
|
"secret\"}"; |
|
|
|
|
grpc_call_credentials* creds = |
|
|
|
|
grpc_external_account_credentials_create(options_string, ""); |
|
|
|
|
GPR_ASSERT(creds == nullptr); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
int main(int argc, char** argv) { |
|
|
|
|
grpc::testing::TestEnvironment env(argc, argv); |
|
|
|
|
grpc_init(); |
|
|
|
@ -3173,6 +3242,10 @@ int main(int argc, char** argv) { |
|
|
|
|
test_aws_external_account_creds_failure_invalid_url(); |
|
|
|
|
test_aws_external_account_creds_failure_missing_role_name(); |
|
|
|
|
test_aws_external_account_creds_failure_invalid_regional_cred_verification_url(); |
|
|
|
|
test_external_account_credentials_create_success(); |
|
|
|
|
test_external_account_credentials_create_failure_invalid_json_format(); |
|
|
|
|
test_external_account_credentials_create_failure_invalid_options_format(); |
|
|
|
|
test_external_account_credentials_create_failure_invalid_options_credential_source(); |
|
|
|
|
grpc_shutdown(); |
|
|
|
|
return 0; |
|
|
|
|
} |
|
|
|
|