diff options
author | Bu Sun Kim <8822365+busunkim96@users.noreply.github.com> | 2020-03-13 13:21:18 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-13 13:21:18 -0700 |
commit | 82e224b0854950a5607cd028edbcbcdc3e9e6505 (patch) | |
tree | 499f6348fa62cbe1476be16ab69a1ef62fb891f8 /tests/test_impersonated_credentials.py | |
parent | b2dd77fe4a538e1d165fc9d859c9a299f6832cda (diff) | |
download | google-auth-library-python-82e224b0854950a5607cd028edbcbcdc3e9e6505.tar.gz |
fix: only add IAM scope to credentials that can change scopes (#451)
Diffstat (limited to 'tests/test_impersonated_credentials.py')
-rw-r--r-- | tests/test_impersonated_credentials.py | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/tests/test_impersonated_credentials.py b/tests/test_impersonated_credentials.py index 1cfcc7c..31075ca 100644 --- a/tests/test_impersonated_credentials.py +++ b/tests/test_impersonated_credentials.py @@ -26,6 +26,7 @@ from google.auth import exceptions from google.auth import impersonated_credentials from google.auth import transport from google.auth.impersonated_credentials import Credentials +from google.oauth2 import credentials from google.oauth2 import service_account DATA_DIR = os.path.join(os.path.dirname(__file__), "", "data") @@ -102,17 +103,30 @@ class TestImpersonatedCredentials(object): SOURCE_CREDENTIALS = service_account.Credentials( SIGNER, SERVICE_ACCOUNT_EMAIL, TOKEN_URI ) + USER_SOURCE_CREDENTIALS = credentials.Credentials(token="ABCDE") - def make_credentials(self, lifetime=LIFETIME, target_principal=TARGET_PRINCIPAL): + def make_credentials( + self, + source_credentials=SOURCE_CREDENTIALS, + lifetime=LIFETIME, + target_principal=TARGET_PRINCIPAL, + ): return Credentials( - source_credentials=self.SOURCE_CREDENTIALS, + source_credentials=source_credentials, target_principal=target_principal, target_scopes=self.TARGET_SCOPES, delegates=self.DELEGATES, lifetime=lifetime, ) + def test_make_from_user_credentials(self): + credentials = self.make_credentials( + source_credentials=self.USER_SOURCE_CREDENTIALS + ) + assert not credentials.valid + assert credentials.expired + def test_default_state(self): credentials = self.make_credentials() assert not credentials.valid |