File: integration_test.go

package info (click to toggle)
golang-google-api 0.61.0-6
  • links: PTS, VCS
  • area: main
  • in suites: experimental, sid, trixie
  • size: 209,156 kB
  • sloc: sh: 183; makefile: 22; python: 4
file content (97 lines) | stat: -rw-r--r-- 2,754 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
 
// Copyright 2020 Google LLC.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package idtoken_test

import (
	"context"
	"net/http"
	"os"
	"strings"
	"testing"

	"golang.org/x/oauth2"
	"golang.org/x/oauth2/google"
	"google.golang.org/api/idtoken"
	"google.golang.org/api/option"
)

const (
	envCredentialFile = "GOOGLE_APPLICATION_CREDENTIALS"

	aud = "http://example.com"
)

func TestNewTokenSource(t *testing.T) {
	if testing.Short() {
		t.Skip("skipping integration test")
	}
	ts, err := idtoken.NewTokenSource(context.Background(), "http://example.com", option.WithCredentialsFile(os.Getenv(envCredentialFile)))
	if err != nil {
		t.Fatalf("unable to create TokenSource: %v", err)
	}
	tok, err := ts.Token()
	if err != nil {
		t.Fatalf("unable to retrieve Token: %v", err)
	}
	req := &http.Request{Header: make(http.Header)}
	tok.SetAuthHeader(req)
	if !strings.HasPrefix(req.Header.Get("Authorization"), "Bearer ") {
		t.Fatalf("token should sign requests with Bearer Authorization header")
	}
	validTok, err := idtoken.Validate(context.Background(), tok.AccessToken, aud)
	if err != nil {
		t.Fatalf("token validation failed: %v", err)
	}
	if validTok.Audience != aud {
		t.Fatalf("got %q, want %q", validTok.Audience, aud)
	}
}

func TestNewClient_WithCredentialFile(t *testing.T) {
	if testing.Short() {
		t.Skip("skipping integration test")
	}
	client, err := idtoken.NewClient(context.Background(), aud, option.WithCredentialsFile(os.Getenv(envCredentialFile)))
	if err != nil {
		t.Fatalf("unable to create Client: %v", err)
	}
	tok, err := client.Transport.(*oauth2.Transport).Source.Token()
	if err != nil {
		t.Fatalf("unable to retrieve Token: %v", err)
	}
	validTok, err := idtoken.Validate(context.Background(), tok.AccessToken, aud)
	if err != nil {
		t.Fatalf("token validation failed: %v", err)
	}
	if validTok.Audience != aud {
		t.Fatalf("got %q, want %q", validTok.Audience, aud)
	}
}

func TestNewClient_WithCredentialJSON(t *testing.T) {
	if testing.Short() {
		t.Skip("skipping integration test")
	}
	ctx := context.Background()
	creds, err := google.FindDefaultCredentials(ctx)
	if err != nil {
		t.Fatalf("unable to find default creds: %v", err)
	}
	client, err := idtoken.NewClient(ctx, aud, option.WithCredentialsJSON(creds.JSON))
	if err != nil {
		t.Fatalf("unable to create Client: %v", err)
	}
	tok, err := client.Transport.(*oauth2.Transport).Source.Token()
	if err != nil {
		t.Fatalf("unable to retrieve Token: %v", err)
	}
	validTok, err := idtoken.Validate(context.Background(), tok.AccessToken, aud)
	if err != nil {
		t.Fatalf("token validation failed: %v", err)
	}
	if validTok.Audience != aud {
		t.Fatalf("got %q, want %q", validTok.Audience, aud)
	}
}