@Override public Credentials getCredentials() throws IOException { GoogleCredentials credentials = GoogleCredentials.getApplicationDefault(); // Check if the current scopes permit JWT token use boolean hasJwtEnabledScope = false; for (String scope : getJwtEnabledScopes()) { if (getScopesToApply().contains(scope)) { hasJwtEnabledScope = true; break; } } // Use JWT tokens when using a service account with an appropriate scope. if (credentials instanceof ServiceAccountCredentials && hasJwtEnabledScope) { ServiceAccountCredentials serviceAccount = (ServiceAccountCredentials) credentials; return ServiceAccountJwtAccessCredentials.newBuilder() .setClientEmail(serviceAccount.getClientEmail()) .setClientId(serviceAccount.getClientId()) .setPrivateKey(serviceAccount.getPrivateKey()) .setPrivateKeyId(serviceAccount.getPrivateKeyId()) .build(); } if (credentials.createScopedRequired()) { credentials = credentials.createScoped(getScopesToApply()); } return credentials; }
@Override public Credentials getCredentials() throws IOException { GoogleCredentials credentials = GoogleCredentials.getApplicationDefault(); // Check if the current scopes permit JWT token use boolean hasJwtEnabledScope = false; for (String scope : getJwtEnabledScopes()) { if (getScopesToApply().contains(scope)) { hasJwtEnabledScope = true; break; } } // Use JWT tokens when using a service account with an appropriate scope. if (credentials instanceof ServiceAccountCredentials && hasJwtEnabledScope) { ServiceAccountCredentials serviceAccount = (ServiceAccountCredentials) credentials; return ServiceAccountJwtAccessCredentials.newBuilder() .setClientEmail(serviceAccount.getClientEmail()) .setClientId(serviceAccount.getClientId()) .setPrivateKey(serviceAccount.getPrivateKey()) .setPrivateKeyId(serviceAccount.getPrivateKeyId()) .build(); } if (credentials.createScopedRequired()) { credentials = credentials.createScoped(getScopesToApply()); } return credentials; }
@Test public void channelCustomCredentialScopes() throws IOException { ImmutableList<String> inputScopes = ImmutableList.<String>builder().add("https://www.googleapis.com/auth/fakeservice").build(); CredentialsProvider credentialsProvider = FakeStubSettings.defaultCredentialsProviderBuilder().setScopesToApply(inputScopes).build(); FakeStubSettings settings = FakeStubSettings.newBuilder().setCredentialsProvider(credentialsProvider).build(); TransportChannelProvider actualChannelProvider = settings.getTransportChannelProvider(); Truth.assertThat(actualChannelProvider).isInstanceOf(InstantiatingGrpcChannelProvider.class); InstantiatingGrpcChannelProvider actualInstChPr = (InstantiatingGrpcChannelProvider) actualChannelProvider; Truth.assertThat(actualInstChPr.getEndpoint()) .isEqualTo(FakeStubSettings.DEFAULT_SERVICE_ENDPOINT); CredentialsProvider actualCredentialsProvider = settings.getCredentialsProvider(); Truth.assertThat(actualCredentialsProvider).isInstanceOf(GoogleCredentialsProvider.class); GoogleCredentialsProvider googCredProv = (GoogleCredentialsProvider) actualCredentialsProvider; Truth.assertThat(googCredProv.getScopesToApply()).isEqualTo(inputScopes); // TODO(michaelbausor): create JSON with credentials and define GOOGLE_APPLICATION_CREDENTIALS // environment variable to allow travis build to access application default credentials // Truth.assertThat(connSettings.getCredentials()).isNotNull(); }