Skip to content

Commit

Permalink
Add oauth2.credentials system tests (#56)
Browse files Browse the repository at this point in the history
* Add script to generate user auth tokens.
* Add oauth2.credentials system tests
  • Loading branch information
Jon Wayne Parrott authored Oct 26, 2016
1 parent f7b9279 commit cf672c2
Show file tree
Hide file tree
Showing 5 changed files with 115 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,4 +38,4 @@ deploy:
repo: GoogleCloudPlatform/google-auth-library-python
env:
global:
secure: KjV9daSNZsM3/jth2d87MEu4irHtwNwUcdIUVglz3QrIX7fAcbFqHu/2Ux3yGC+iPJd5/i2jZWWz9F6iyuKdhyMySz2WaBsbySmCs1pREcRYWcK5GL49yPb3ZOZucprD/n0VIer0+eublQeBQRMxNdxfJEs6tgkHxTeiOJ3mHaeLa/nE1PXW9Ih6fgS5NT/7CE7SO0fw1th9ZdLdRyo3a9fphDWqiGlt0oRURRnoJ7qctLYAZ7uXDn3c6oXJ/dZsio6Hjx16dPNjn0dpkpCBFYN3D7wXD02Ysm/7u+SGl2FjqA76FmmnJsqJ5Nog1QV4v7YpJdTtpfXBOuXAov4Fz9xHVssX4dYZkW5JKsfVFFIilo1vQbO4mBjYw58/gJswJygD5smwO2GawAfm62mGpdx4mFv2lwZoqJbLg1qcuI/qc8DqPrc3Y1nVNu3oGdMcts5q2IeuZgI1yzdb/Qz0gtkkIDtPzoyBlAZE9hsylBI7SdoP7VpmP+vIW21yC3GpE3TajbVD8p53c70fV4YH0LSX6pFF6RBuSFLwarG+WYtPTEy2k3d0ATMdH0gBaf19FJ04RTwsbYZPqAy328Dl3RLioZffm8BHAeKzuVsocrIiiHjJM6PqtL4II0UfbiKahxLcI7t1cGTWVhUtqrnZKZwJrbLYGd08aBvioTne/Nk=
secure: s6GdhJklftl8w/9WoETwLtvtKL4ledPA/TuBuqCXQxSuYWaPuTdRVcvoejGkHJpp7i/7v2T/0etYl+5koyskKm5+QZZweaaL7MAyjPGp+hmIaIlWQRz6w481NOf3i9uSmoQycssT0mNmwScNIqo+igbA2y14mr/e9aBuOcxNNzNzFQp2vaRMEju6q7xZMjYdcudUWL48vq9CoNa3X2ZArpqjkApR/TfYlG7glOj43NxuVDN4z9wIyUjaMHBfPgEhjaOaRyEFgEYITRwX1qDoXqcZdTVIq4Cn0uCH+Mvrz6Y+oUJGTJqH1k7N/DhzbSN9lJnVYaQW/yuvGHiGAwbb6Tcxiq2UqqhA9MfbPpmstDECs46v9Z3BT252KvYEQY7Q1v9g2gFhHvFGWISUxs80rnnPhEYfa11JoLvj2t8cowkE4pvj4OH32Eoyvc5H07hW3F5xpuF7Jt7N09TNZkUrpmiRJEhfrVNgjsrWO77/q5h8mXGd+9vYmz++yzKu+63x8x1MpeigGCG73Dpu9Otm5eydOZfpJ39ZfZWUb7G2JahgHaGweM9dmnpJtzHQgijmHjjfAx9jgnQ8IQz9nkFmyMI8H7HouwalnrJtpSSbvMqOQ0kiZhMzdBKH5pD3tjLgSlgA0pKelBwlooY6jGlj4LrtbDAxa6cZyXiFoqWpT1w=
65 changes: 65 additions & 0 deletions scripts/obtain_user_auth.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""This program obtains a set of user credentials.
These credentials are needed to run the system test for OAuth2 credentials.
It's expected that a developer will run this program manually once to obtain
a refresh token. It's highly recommended to use a Google account created
specifically created for testing.
"""

import json
import os

from oauth2client import client
from oauth2client import tools

HERE = os.path.dirname(__file__)
CLIENT_SECRETS_PATH = os.path.abspath(os.path.join(
HERE, '..', 'system_tests', 'data', 'client_secret.json'))
AUTHORIZED_USER_PATH = os.path.abspath(os.path.join(
HERE, '..', 'system_tests', 'data', 'authorized_user.json'))
SCOPES = ['email', 'profile']


class NullStorage(client.Storage):
"""Null storage implementation to prevent oauth2client from failing
on storage.put."""
def locked_put(self, credentials):
pass


def main():
flow = client.flow_from_clientsecrets(CLIENT_SECRETS_PATH, SCOPES)

print('Starting credentials flow...')
credentials = tools.run_flow(flow, NullStorage())

# Save the credentials in the same format as the Cloud SDK's authorized
# user file.
data = {
'type': 'authorized_user',
'client_id': flow.client_id,
'client_secret': flow.client_secret,
'refresh_token': credentials.refresh_token
}

with open(AUTHORIZED_USER_PATH, 'w') as fh:
json.dump(data, fh, indent=4)

print('Created {}.'.format(AUTHORIZED_USER_PATH))

if __name__ == '__main__':
main()
6 changes: 6 additions & 0 deletions system_tests/conftest.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,12 @@ def service_account_file():
yield os.path.join(DATA_DIR, 'service_account.json')


@pytest.fixture
def authorized_user_file():
"""The full path to a valid authorized user file."""
yield os.path.join(DATA_DIR, 'authorized_user.json')


@pytest.fixture
def request():
"""A transport.request object."""
Expand Down
Binary file modified system_tests/secrets.tar.enc
Binary file not shown.
43 changes: 43 additions & 0 deletions system_tests/test_oauth2_credentials.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# Copyright 2016 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import json

from google.auth import _helpers
import google.oauth2.credentials

GOOGLE_OAUTH2_TOKEN_ENDPOINT = 'https://accounts.google.com/o/oauth2/token'


def test_refresh(authorized_user_file, request, token_info):
with open(authorized_user_file, 'r') as fh:
info = json.load(fh)

credentials = google.oauth2.credentials.Credentials(
None, # No access token, must be refreshed.
refresh_token=info['refresh_token'],
token_uri=GOOGLE_OAUTH2_TOKEN_ENDPOINT,
client_id=info['client_id'],
client_secret=info['client_secret'])

credentials.refresh(request)

assert credentials.token

info = token_info(credentials.token)

info_scopes = _helpers.string_to_scopes(info['scope'])
assert set(info_scopes) == set([
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile'])

0 comments on commit cf672c2

Please sign in to comment.