diff options
| author | arithmetic1728 <58957152+arithmetic1728@users.noreply.github.com> | 2021-11-01 13:10:17 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-11-01 13:10:17 -0700 |
| commit | ef3128474431b07d1d519209ea61622bc245ce91 (patch) | |
| tree | a4f1dc1948343cf3695d248e973aa2eecad3413c | |
| parent | bd0ccc5fe77d55f7a19f5278d6b60587c393ee3c (diff) | |
| download | google-auth-library-python-ef3128474431b07d1d519209ea61622bc245ce91.tar.gz | |
fix: fix error in sign_bytes (#905)
* fix: fix error in sign_bytes
* fix test
| -rw-r--r-- | .coveragerc | 1 | ||||
| -rw-r--r-- | google/auth/impersonated_credentials.py | 5 | ||||
| -rw-r--r-- | tests/test_impersonated_credentials.py | 13 |
3 files changed, 19 insertions, 0 deletions
diff --git a/.coveragerc b/.coveragerc index 494c03f..9ba3d3f 100644 --- a/.coveragerc +++ b/.coveragerc @@ -5,6 +5,7 @@ branch = True omit = */samples/* */conftest.py + */google-cloud-sdk/lib/* exclude_lines = # Re-enable the standard pragma pragma: NO COVER diff --git a/google/auth/impersonated_credentials.py b/google/auth/impersonated_credentials.py index b8a6c49..80d6fdf 100644 --- a/google/auth/impersonated_credentials.py +++ b/google/auth/impersonated_credentials.py @@ -290,6 +290,11 @@ class Credentials(credentials.CredentialsWithQuotaProject, credentials.Signing): url=iam_sign_endpoint, headers=headers, json=body ) + if response.status_code != http_client.OK: + raise exceptions.TransportError( + "Error calling sign_bytes: {}".format(response.json()) + ) + return base64.b64decode(response.json()["signedBlob"]) @property diff --git a/tests/test_impersonated_credentials.py b/tests/test_impersonated_credentials.py index bceaeba..bc404e3 100644 --- a/tests/test_impersonated_credentials.py +++ b/tests/test_impersonated_credentials.py @@ -345,6 +345,19 @@ class TestImpersonatedCredentials(object): signature = credentials.sign_bytes(b"signed bytes") assert signature == b"signature" + def test_sign_bytes_failure(self): + credentials = self.make_credentials(lifetime=None) + + with mock.patch( + "google.auth.transport.requests.AuthorizedSession.request", autospec=True + ) as auth_session: + data = {"error": {"code": 403, "message": "unauthorized"}} + auth_session.return_value = MockResponse(data, http_client.FORBIDDEN) + + with pytest.raises(exceptions.TransportError) as excinfo: + credentials.sign_bytes(b"foo") + assert excinfo.match("'code': 403") + def test_with_quota_project(self): credentials = self.make_credentials() |