diff options
author | Bu Sun Kim <8822365+busunkim96@users.noreply.github.com> | 2021-02-11 12:53:26 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-02-11 11:53:26 -0800 |
commit | 9dc2d86c1cb26e0fb4a2afc9d9b005ade2db8fe7 (patch) | |
tree | 539da3ea2cbeff587271eb1cc6e2daadcf180878 /tests/test_impersonated_credentials.py | |
parent | c731424c7edd15c92fb4b62043ae8e19d8e692e9 (diff) | |
download | google-auth-library-python-9dc2d86c1cb26e0fb4a2afc9d9b005ade2db8fe7.tar.gz |
Revert "feat: workload identity federation support (#686)" (#691)
This reverts commit 5dcd2b1bdd9d21522636d959cffc49ee29dda88f.
Diffstat (limited to 'tests/test_impersonated_credentials.py')
-rw-r--r-- | tests/test_impersonated_credentials.py | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/tests/test_impersonated_credentials.py b/tests/test_impersonated_credentials.py index 430c770..305f939 100644 --- a/tests/test_impersonated_credentials.py +++ b/tests/test_impersonated_credentials.py @@ -104,17 +104,12 @@ class TestImpersonatedCredentials(object): SIGNER, SERVICE_ACCOUNT_EMAIL, TOKEN_URI ) USER_SOURCE_CREDENTIALS = credentials.Credentials(token="ABCDE") - IAM_ENDPOINT_OVERRIDE = ( - "https://us-east1-iamcredentials.googleapis.com/v1/projects/-" - + "/serviceAccounts/{}:generateAccessToken".format(SERVICE_ACCOUNT_EMAIL) - ) def make_credentials( self, source_credentials=SOURCE_CREDENTIALS, lifetime=LIFETIME, target_principal=TARGET_PRINCIPAL, - iam_endpoint_override=None, ): return Credentials( @@ -123,7 +118,6 @@ class TestImpersonatedCredentials(object): target_scopes=self.TARGET_SCOPES, delegates=self.DELEGATES, lifetime=lifetime, - iam_endpoint_override=iam_endpoint_override, ) def test_make_from_user_credentials(self): @@ -178,34 +172,6 @@ class TestImpersonatedCredentials(object): assert credentials.valid assert not credentials.expired - @pytest.mark.parametrize("use_data_bytes", [True, False]) - def test_refresh_success_iam_endpoint_override( - self, use_data_bytes, mock_donor_credentials - ): - credentials = self.make_credentials( - lifetime=None, iam_endpoint_override=self.IAM_ENDPOINT_OVERRIDE - ) - token = "token" - - expire_time = ( - _helpers.utcnow().replace(microsecond=0) + datetime.timedelta(seconds=500) - ).isoformat("T") + "Z" - response_body = {"accessToken": token, "expireTime": expire_time} - - request = self.make_request( - data=json.dumps(response_body), - status=http_client.OK, - use_data_bytes=use_data_bytes, - ) - - credentials.refresh(request) - - assert credentials.valid - assert not credentials.expired - # Confirm override endpoint used. - request_kwargs = request.call_args.kwargs - assert request_kwargs["url"] == self.IAM_ENDPOINT_OVERRIDE - @pytest.mark.parametrize("time_skew", [100, -100]) def test_refresh_source_credentials(self, time_skew): credentials = self.make_credentials(lifetime=None) @@ -351,36 +317,6 @@ class TestImpersonatedCredentials(object): quota_project_creds = credentials.with_quota_project("project-foo") assert quota_project_creds._quota_project_id == "project-foo" - @pytest.mark.parametrize("use_data_bytes", [True, False]) - def test_with_quota_project_iam_endpoint_override( - self, use_data_bytes, mock_donor_credentials - ): - credentials = self.make_credentials( - lifetime=None, iam_endpoint_override=self.IAM_ENDPOINT_OVERRIDE - ) - token = "token" - # iam_endpoint_override should be copied to created credentials. - quota_project_creds = credentials.with_quota_project("project-foo") - - expire_time = ( - _helpers.utcnow().replace(microsecond=0) + datetime.timedelta(seconds=500) - ).isoformat("T") + "Z" - response_body = {"accessToken": token, "expireTime": expire_time} - - request = self.make_request( - data=json.dumps(response_body), - status=http_client.OK, - use_data_bytes=use_data_bytes, - ) - - quota_project_creds.refresh(request) - - assert quota_project_creds.valid - assert not quota_project_creds.expired - # Confirm override endpoint used. - request_kwargs = request.call_args.kwargs - assert request_kwargs["url"] == self.IAM_ENDPOINT_OVERRIDE - def test_id_token_success( self, mock_donor_credentials, mock_authorizedsession_idtoken ): |