static void test_service_account_creds_success(void) { char *json_key_string = test_json_key_str(); grpc_credentials *service_account_creds = grpc_service_account_credentials_create(json_key_string, test_scope, grpc_max_auth_token_lifetime); GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); /* First request: http get should be called. */ grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success); grpc_httpcli_set_override(httpcli_get_should_not_be_called, service_account_httpcli_post_success); grpc_credentials_get_request_metadata( service_account_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_success, (void *)test_user_data); /* Second request: the cached token should be served directly. */ grpc_jwt_encode_and_sign_set_override( encode_and_sign_jwt_should_not_be_called); grpc_httpcli_set_override(httpcli_get_should_not_be_called, httpcli_post_should_not_be_called); grpc_credentials_get_request_metadata( service_account_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_success, (void *)test_user_data); gpr_free(json_key_string); grpc_credentials_unref(service_account_creds); grpc_jwt_encode_and_sign_set_override(NULL); grpc_httpcli_set_override(NULL, NULL); }
static void test_jwt_verifier_bad_format(void) { grpc_jwt_verifier *verifier = grpc_jwt_verifier_create(NULL, 0); grpc_httpcli_set_override(httpcli_get_should_not_be_called, httpcli_post_should_not_be_called); grpc_jwt_verifier_verify(verifier, NULL, "bad jwt", expected_audience, on_verification_bad_format, (void *)expected_user_data); grpc_jwt_verifier_destroy(verifier); grpc_httpcli_set_override(NULL, NULL); }
static void test_refresh_token_creds_failure(void) { grpc_credentials *refresh_token_creds = grpc_refresh_token_credentials_create(test_refresh_token_str); grpc_httpcli_set_override(httpcli_get_should_not_be_called, refresh_token_httpcli_post_failure); GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds)); grpc_credentials_get_request_metadata( refresh_token_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_failure, (void *)test_user_data); grpc_credentials_unref(refresh_token_creds); grpc_httpcli_set_override(NULL, NULL); }
static void test_compute_engine_creds_failure(void) { grpc_credentials *compute_engine_creds = grpc_compute_engine_credentials_create(); grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override, httpcli_post_should_not_be_called); GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds)); grpc_credentials_get_request_metadata( compute_engine_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_failure, (void *)test_user_data); grpc_credentials_unref(compute_engine_creds); grpc_httpcli_set_override(NULL, NULL); }
static void test_service_account_creds_http_failure(void) { char *json_key_string = test_json_key_str(); grpc_credentials *service_account_creds = grpc_service_account_credentials_create(json_key_string, test_scope, grpc_max_auth_token_lifetime); GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success); grpc_httpcli_set_override(httpcli_get_should_not_be_called, service_account_httpcli_post_failure); grpc_credentials_get_request_metadata( service_account_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_failure, (void *)test_user_data); gpr_free(json_key_string); grpc_credentials_unref(service_account_creds); grpc_httpcli_set_override(NULL, NULL); }
static void test_jwt_verifier_url_issuer_success(void) { grpc_jwt_verifier *verifier = grpc_jwt_verifier_create(NULL, 0); char *jwt = NULL; char *key_str = json_key_str(json_key_str_part3_for_url_issuer); grpc_auth_json_key key = grpc_auth_json_key_create_from_string(key_str); gpr_free(key_str); GPR_ASSERT(grpc_auth_json_key_is_valid(&key)); grpc_httpcli_set_override(httpcli_get_openid_config, httpcli_post_should_not_be_called); jwt = grpc_jwt_encode_and_sign(&key, expected_audience, expected_lifetime, NULL); grpc_auth_json_key_destruct(&key); GPR_ASSERT(jwt != NULL); grpc_jwt_verifier_verify(verifier, NULL, jwt, expected_audience, on_verification_success, (void *)expected_user_data); gpr_free(jwt); grpc_jwt_verifier_destroy(verifier); grpc_httpcli_set_override(NULL, NULL); }
static void test_jwt_verifier_custom_email_issuer_success(void) { grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; grpc_jwt_verifier *verifier = grpc_jwt_verifier_create(&custom_mapping, 1); char *jwt = NULL; char *key_str = json_key_str(json_key_str_part3_for_custom_email_issuer); grpc_auth_json_key key = grpc_auth_json_key_create_from_string(key_str); gpr_free(key_str); GPR_ASSERT(grpc_auth_json_key_is_valid(&key)); grpc_httpcli_set_override(httpcli_get_custom_keys_for_email, httpcli_post_should_not_be_called); jwt = grpc_jwt_encode_and_sign(&key, expected_audience, expected_lifetime, NULL); grpc_auth_json_key_destruct(&key); GPR_ASSERT(jwt != NULL); grpc_jwt_verifier_verify(&exec_ctx, verifier, NULL, jwt, expected_audience, on_verification_success, (void *)expected_user_data); gpr_free(jwt); grpc_jwt_verifier_destroy(verifier); grpc_httpcli_set_override(NULL, NULL); grpc_exec_ctx_finish(&exec_ctx); }
static void test_refresh_token_creds_success(void) { grpc_credentials *refresh_token_creds = grpc_refresh_token_credentials_create(test_refresh_token_str); GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds)); /* First request: http get should be called. */ grpc_httpcli_set_override(httpcli_get_should_not_be_called, refresh_token_httpcli_post_success); grpc_credentials_get_request_metadata( refresh_token_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_success, (void *)test_user_data); /* Second request: the cached token should be served directly. */ grpc_httpcli_set_override(httpcli_get_should_not_be_called, httpcli_post_should_not_be_called); grpc_credentials_get_request_metadata( refresh_token_creds, NULL, test_service_url, on_oauth2_creds_get_metadata_success, (void *)test_user_data); grpc_credentials_unref(refresh_token_creds); grpc_httpcli_set_override(NULL, NULL); }
static int httpcli_get_openid_config(const grpc_httpcli_request *request, gpr_timespec deadline, grpc_httpcli_response_cb on_response, void *user_data) { grpc_httpcli_response response = http_response(200, gpr_strdup(good_openid_config)); GPR_ASSERT(request->use_ssl); GPR_ASSERT(strcmp(request->host, "accounts.google.com") == 0); GPR_ASSERT(strcmp(request->path, GRPC_OPENID_CONFIG_URL_SUFFIX) == 0); grpc_httpcli_set_override(httpcli_get_jwk_set, httpcli_post_should_not_be_called); on_response(user_data, &response); gpr_free(response.body); return 1; }