make work with out-of-band oauth2 token more pleasant

9 years ago · cd7a4054de
parent 2a31304d7f
commit cd7a4054de
3 changed files with 32 additions and 12 deletions
--- a/src/csharp/Grpc.Auth/Grpc.Auth.csproj
+++ b/src/csharp/Grpc.Auth/Grpc.Auth.csproj
@ -79,7 +79,7 @@
    </Compile>
    <Compile Include="Properties\AssemblyInfo.cs" />
    <Compile Include="GoogleCredential.cs" />
-    <Compile Include="OAuth2InterceptorFactory.cs" />
+    <Compile Include="OAuth2Interceptors.cs" />
  </ItemGroup>
  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
  <ItemGroup>
--- a/src/csharp/Grpc.Auth/OAuth2InterceptorFactory.cs
+++ b/src/csharp/Grpc.Auth/OAuth2InterceptorFactory.cs
@ -47,17 +47,31 @@ using Grpc.Core.Utils;

 namespace Grpc.Auth
 {
-    public static class OAuth2InterceptorFactory
+    public static class OAuth2Interceptors
    {
        /// <summary>
-        /// Creates OAuth2 interceptor.
+        /// Creates OAuth2 interceptor that will obtain access token from GoogleCredentials.
        /// </summary>
-        public static MetadataInterceptorDelegate Create(GoogleCredential googleCredential)
+        public static MetadataInterceptorDelegate FromCredential(GoogleCredential googleCredential)
        {
            var interceptor = new OAuth2Interceptor(googleCredential.InternalCredential, SystemClock.Default);
            return new MetadataInterceptorDelegate(interceptor.InterceptHeaders);
        }

+        /// <summary>
+        /// Creates OAuth2 interceptor that will use given OAuth2 token.
+        /// </summary>
+        /// <param name="oauth2Token"></param>
+        /// <returns></returns>
+        public static MetadataInterceptorDelegate FromAccessToken(string oauth2Token)
+        {
+            Preconditions.CheckNotNull(oauth2Token);
+            return new MetadataInterceptorDelegate((metadata) =>
+            {
+                metadata.Add(OAuth2Interceptor.CreateBearerTokenHeader(oauth2Token));
+            });
+        }
+
        /// <summary>
        /// Injects OAuth2 authorization header into initial metadata (= request headers).
        /// </summary>
@ -97,8 +111,15 @@ namespace Grpc.Auth
            public void InterceptHeaders(Metadata metadata)
            {
                var accessToken = GetAccessToken(CancellationToken.None);
-                metadata.Add(new Metadata.Entry(AuthorizationHeader, Schema + " " + accessToken));
+                metadata.Add(CreateBearerTokenHeader(accessToken));
+            }
+
+            public static Metadata.Entry CreateBearerTokenHeader(string accessToken)
+            {
+                return new Metadata.Entry(AuthorizationHeader, Schema + " " + accessToken);
            }
        }
+
+
    }
 }
--- a/src/csharp/Grpc.IntegrationTesting/InteropClient.cs
+++ b/src/csharp/Grpc.IntegrationTesting/InteropClient.cs
@ -127,7 +127,7 @@ namespace Grpc.IntegrationTesting
                    {
                        credential = credential.CreateScoped(new[] { AuthScope });
                    }
-                    client.HeaderInterceptor = OAuth2InterceptorFactory.Create(credential);
+                    client.HeaderInterceptor = OAuth2Interceptors.FromCredential(credential);
                }

                RunTestCase(options.testCase, client);
@ -368,11 +368,7 @@ namespace Grpc.IntegrationTesting
            Assert.IsTrue(credential.RequestAccessTokenAsync(CancellationToken.None).Result);
            string oauth2Token = credential.Token.AccessToken;

-            // Intercept calls with an OAuth2 token obtained out-of-band.
-            client.HeaderInterceptor = new MetadataInterceptorDelegate((metadata) =>
-            {
-                metadata.Add(new Metadata.Entry("Authorization", "Bearer " + oauth2Token));
-            });
+            client.HeaderInterceptor = OAuth2Interceptors.FromAccessToken(oauth2Token);

            var request = SimpleRequest.CreateBuilder()
                .SetFillUsername(true)
@ -393,13 +389,16 @@ namespace Grpc.IntegrationTesting
            var credential = GoogleCredential.GetApplicationDefault().CreateScoped(new[] { AuthScope });
            Assert.IsTrue(credential.RequestAccessTokenAsync(CancellationToken.None).Result);
            string oauth2Token = credential.Token.AccessToken;
+            var headerInterceptor = OAuth2Interceptors.FromAccessToken(oauth2Token);

            var request = SimpleRequest.CreateBuilder()
                .SetFillUsername(true)
                .SetFillOauthScope(true)
                .Build();

-            var response = client.UnaryCall(request, headers: new Metadata { new Metadata.Entry("Authorization", "Bearer " + oauth2Token) });
+            var headers = new Metadata();
+            headerInterceptor(headers);
+            var response = client.UnaryCall(request, headers: headers);

            Assert.AreEqual(AuthScopeResponse, response.OauthScope);
            Assert.AreEqual(ServiceAccountUser, response.Username);