func (s *credentialsSuite) TestNewCredentials(c *gc.C) {
values := map[string]string{
google.OSEnvClientID: "abc",
google.OSEnvClientEmail: "*****@*****.**",
google.OSEnvPrivateKey: "<some-key>",
}
creds, err := google.NewCredentials(values)
c.Assert(err, jc.ErrorIsNil)
jsonKey := creds.JSONKey
creds.JSONKey = nil
c.Check(creds, jc.DeepEquals, &google.Credentials{
ClientID: "abc",
ClientEmail: "*****@*****.**",
PrivateKey: []byte("<some-key>"),
})
data := make(map[string]string)
err = json.Unmarshal(jsonKey, &data)
c.Assert(err, jc.ErrorIsNil)
c.Check(data, jc.DeepEquals, map[string]string{
"type": "service_account",
"client_id": "abc",
"client_email": "*****@*****.**",
"private_key": "<some-key>",
})
}
func (s *credentialsSuite) TestNewCredentialsUnrecognized(c *gc.C) {
values := map[string]string{
"spam": "eggs",
}
_, err := google.NewCredentials(values)
c.Check(err, jc.Satisfies, errors.IsNotSupported)
}
func createCredsFile(c *gc.C, path string) string {
if path == "" {
dir := c.MkDir()
path = filepath.Join(dir, "creds.json")
}
creds, err := google.NewCredentials(sampleCredentialAttributes)
c.Assert(err, jc.ErrorIsNil)
err = ioutil.WriteFile(path, creds.JSONKey, 0644)
c.Assert(err, jc.ErrorIsNil)
return path
}
func (s *credentialsSuite) TestCredentialsValues(c *gc.C) {
original := map[string]string{
google.OSEnvClientID: "abc",
google.OSEnvClientEmail: "*****@*****.**",
google.OSEnvPrivateKey: "<some-key>",
}
creds, err := google.NewCredentials(original)
c.Assert(err, jc.ErrorIsNil)
values := creds.Values()
c.Check(values, jc.DeepEquals, original)
}
func (s *credentialsSuite) TestNewCredentialsValidates(c *gc.C) {
values := map[string]string{
google.OSEnvClientEmail: "*****@*****.**",
google.OSEnvPrivateKey: "<some-key>",
google.OSEnvProjectID: "yup",
}
_, err := google.NewCredentials(values)
// This error comes from Credentials.Validate so by implication
// if we're getting this error, validation is being performed.
c.Check(err, gc.ErrorMatches, `invalid config value \(\) for "GCE_CLIENT_ID": missing ClientID`)
c.Assert(err, jc.Satisfies, google.IsInvalidConfigValueError)
}
// parseCredentials extracts the OAuth2 info from the config from the
// individual fields (falling back on the JSON file).
func parseCredentials(cfg *config.Config) (*google.Credentials, error) {
attrs := cfg.UnknownAttrs()
values := make(map[string]string)
for _, field := range configAuthFields {
if existing, ok := attrs[field].(string); ok && existing != "" {
for key, candidate := range osEnvFields {
if field == candidate {
values[key] = existing
break
}
}
}
}
return google.NewCredentials(values)
}
// parseCredentials extracts the OAuth2 info from the config from the
// individual fields (falling back on the JSON file).
func parseCredentials(cfg *config.Config) (*google.Credentials, error) {
attrs := cfg.UnknownAttrs()
// Try the auth fields first.
values := make(map[string]string)
for _, field := range configAuthFields {
if existing, ok := attrs[field].(string); ok && existing != "" {
for key, candidate := range osEnvFields {
if field == candidate {
values[key] = existing
break
}
}
}
}
if len(values) > 0 {
creds, err := google.NewCredentials(values)
if err != nil {
return nil, errors.Trace(err)
}
return creds, nil
}
// Fall back to the auth file.
filename, ok := attrs[cfgAuthFile].(string)
if !ok || filename == "" {
// The missing credentials will be caught later.
return nil, nil
}
authFile, err := os.Open(filename)
if err != nil {
return nil, errors.Trace(err)
}
defer authFile.Close()
creds, err := google.ParseJSONKey(authFile)
if err != nil {
return nil, errors.Trace(err)
}
return creds, nil
}
func (s *credentialsSuite) TestNewCredentialsEmpty(c *gc.C) {
creds, err := google.NewCredentials(nil)
c.Assert(err, jc.ErrorIsNil)
c.Check(creds, jc.DeepEquals, &google.Credentials{})
}