Skip to content

Commit ee98666

Browse files
lqiu96renovate-bot
lqiu96
and
renovate-bot
authored
chore: Add test for non-2xx responses from idTokenWithAudience calls (#1656)
* chore: Add test for non-2xx responses from idTokenWithAudience calls * chore: Update comments in test * chore(deps): update dependency com.google.auth:google-auth-library-oauth2-http to v1.32.0 (#1657) * chore: Update test name * chore: Remove universe domain --------- Co-authored-by: Mend Renovate <[email protected]>
1 parent e409b02 commit ee98666

File tree

2 files changed

+64
-0
lines changed

2 files changed

+64
-0
lines changed

oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@
3838
import static org.junit.Assert.assertNotNull;
3939
import static org.junit.Assert.assertNull;
4040
import static org.junit.Assert.assertSame;
41+
import static org.junit.Assert.assertThrows;
4142
import static org.junit.Assert.assertTrue;
4243
import static org.junit.Assert.fail;
4344

@@ -975,6 +976,53 @@ public void idTokenWithAudience_iamFlow_targetAudienceDoesNotMatchAudClaim() thr
975976
tokenCredential.getIdToken().getJsonWebSignature().getPayload().getAudience());
976977
}
977978

979+
@Test
980+
public void idTokenWithAudience_oauthEndpoint_non2XXStatusCode() throws IOException {
981+
MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();
982+
transportFactory.transport.setError(new IOException("404 Not Found"));
983+
ServiceAccountCredentials credentials =
984+
createDefaultBuilder().setScopes(SCOPES).setHttpTransportFactory(transportFactory).build();
985+
986+
String targetAudience = "audience";
987+
IdTokenCredentials tokenCredential =
988+
IdTokenCredentials.newBuilder()
989+
.setIdTokenProvider(credentials)
990+
.setTargetAudience(targetAudience)
991+
.build();
992+
993+
// Ensure that a non 2xx status code returns an exception and doesn't continue execution
994+
assertThrows(IOException.class, tokenCredential::refresh);
995+
}
996+
997+
@Test
998+
public void idTokenWithAudience_iamEndpoint_non2XXStatusCode() throws IOException {
999+
String universeDomain = "test.com";
1000+
MockIAMCredentialsServiceTransportFactory transportFactory =
1001+
new MockIAMCredentialsServiceTransportFactory(universeDomain);
1002+
transportFactory.getTransport().setTargetPrincipal(CLIENT_EMAIL);
1003+
transportFactory.getTransport().setIdToken(DEFAULT_ID_TOKEN);
1004+
transportFactory
1005+
.getTransport()
1006+
.addStatusCodeAndMessage(HttpStatusCodes.STATUS_CODE_NOT_FOUND, "Not Found");
1007+
ServiceAccountCredentials credentials =
1008+
createDefaultBuilder()
1009+
.setScopes(SCOPES)
1010+
.setHttpTransportFactory(transportFactory)
1011+
.setUniverseDomain(universeDomain)
1012+
.build();
1013+
1014+
String targetAudience = "audience";
1015+
IdTokenCredentials tokenCredential =
1016+
IdTokenCredentials.newBuilder()
1017+
.setIdTokenProvider(credentials)
1018+
.setTargetAudience(targetAudience)
1019+
.build();
1020+
1021+
// Ensure that a non 2xx status code returns an exception and doesn't continue execution
1022+
// Non 2xx status codes will be returned as HttpResponseException
1023+
assertThrows(IOException.class, tokenCredential::refresh);
1024+
}
1025+
9781026
@Test
9791027
public void getScopes_nullReturnsEmpty() throws IOException {
9801028
ServiceAccountCredentials credentials = createDefaultBuilder().build();

oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@
3737
import static org.junit.Assert.assertNotNull;
3838
import static org.junit.Assert.assertNull;
3939
import static org.junit.Assert.assertSame;
40+
import static org.junit.Assert.assertThrows;
4041
import static org.junit.Assert.assertTrue;
4142
import static org.junit.Assert.fail;
4243

@@ -813,6 +814,21 @@ public void IdTokenCredentials_NoRetry_RetryableStatus_throws() throws IOExcepti
813814
}
814815
}
815816

817+
@Test
818+
public void idTokenWithAudience_non2xxError() throws IOException {
819+
MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();
820+
transportFactory.transport.setError(new IOException("404 Not Found"));
821+
String refreshToken = MockTokenServerTransport.REFRESH_TOKEN_WITH_USER_SCOPE;
822+
InputStream userStream = writeUserStream(CLIENT_ID, CLIENT_SECRET, refreshToken, QUOTA_PROJECT);
823+
824+
UserCredentials credentials = UserCredentials.fromStream(userStream, transportFactory);
825+
826+
IdTokenCredentials tokenCredential =
827+
IdTokenCredentials.newBuilder().setIdTokenProvider(credentials).build();
828+
829+
assertThrows(GoogleAuthException.class, tokenCredential::refresh);
830+
}
831+
816832
@Test
817833
public void refreshAccessToken_4xx_5xx_NonRetryableFails() throws IOException {
818834
MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory();

0 commit comments

Comments
 (0)