Adding system tests to make sure token exchange works as expected.

- Updates CONTRIBUTING.md to explain how to set-up and run these tests. - Requires a version of httplib2 that has not been released on PyPI yet in order to work on Python 3. - Simply creates 3 different token types (JSON key for svc. acct., P12 key for svc. acct., JSON key for user acct.) and then authorizes an httplib2.Http object to hit the USERINFO API.
author: Danny Hermes <daniel.j.hermes@gmail.com> 2015-04-13 10:06:18 -0700
committer: Danny Hermes <daniel.j.hermes@gmail.com> 2015-04-13 10:06:18 -0700
commit: 659869f19aec766f2b0187ecc95e414331892872 (patch)
tree: d41b038594803c3d17956d7548cb9939e0296837 /scripts
parent: 0a6241c792f0c833f2f176292b0c7ea5623eabfd (diff)
download: oauth2client-659869f19aec766f2b0187ecc95e414331892872.tar.gz
3 files changed, 146 insertions, 0 deletions
diff --git a/scripts/local_test_setup.sample b/scripts/local_test_setup.sample
new file mode 100644
index 0000000..a7a3d10
--- /dev/null
+++ b/scripts/local_test_setup.sample
@@ -0,0 +1,5 @@
+export OAUTH2CLIENT_TEST_JSON_KEY_PATH="tests/data/gcloud/application_default_credentials.json"
+export OAUTH2CLIENT_TEST_P12_KEY_PATH="tests/data/privatekey.p12"
+export OAUTH2CLIENT_TEST_P12_KEY_EMAIL="project-foo@developer.gserviceaccount.com"
+export OAUTH2CLIENT_TEST_USER_KEY_PATH="tests/data/gcloud/application_default_credentials_authorized_user.json"
+export OAUTH2CLIENT_TEST_USER_KEY_EMAIL="foo@gmail.com"
diff --git a/scripts/run_system_tests.py b/scripts/run_system_tests.py
new file mode 100644
index 0000000..6b90509
--- /dev/null
+++ b/scripts/run_system_tests.py
@@ -0,0 +1,107 @@
+import json
+import os
+
+import httplib2
+from oauth2client import client
+from oauth2client import service_account
+
+
+JSON_KEY_PATH = os.getenv('OAUTH2CLIENT_TEST_JSON_KEY_PATH')
+P12_KEY_PATH = os.getenv('OAUTH2CLIENT_TEST_P12_KEY_PATH')
+P12_KEY_EMAIL = os.getenv('OAUTH2CLIENT_TEST_P12_KEY_EMAIL')
+USER_KEY_PATH = os.getenv('OAUTH2CLIENT_TEST_USER_KEY_PATH',
+                          client._get_well_known_file())
+USER_KEY_EMAIL = os.getenv('OAUTH2CLIENT_TEST_USER_KEY_EMAIL')
+
+SCOPE = ('https://www.googleapis.com/auth/plus.login',
+         'https://www.googleapis.com/auth/plus.me',
+         'https://www.googleapis.com/auth/userinfo.email',
+         'https://www.googleapis.com/auth/userinfo.profile')
+USER_INFO = 'https://www.googleapis.com/oauth2/v2/userinfo'
+
+
+def _require_environ():
+    if (JSON_KEY_PATH is None or P12_KEY_PATH is None or
+        P12_KEY_EMAIL is None or USER_KEY_PATH is None or
+        USER_KEY_EMAIL is None):
+        raise EnvironmentError('Expected environment variables to be set:',
+                               'OAUTH2CLIENT_TEST_JSON_KEY_PATH',
+                               'OAUTH2CLIENT_TEST_P12_KEY_PATH',
+                               'OAUTH2CLIENT_TEST_P12_KEY_EMAIL',
+                               'OAUTH2CLIENT_TEST_USER_KEY_PATH',
+                               'OAUTH2CLIENT_TEST_USER_KEY_EMAIL')
+
+    if not os.path.isfile(JSON_KEY_PATH):
+        raise EnvironmentError(JSON_KEY_PATH, 'is not a file')
+    if not os.path.isfile(P12_KEY_PATH):
+        raise EnvironmentError(P12_KEY_PATH, 'is not a file')
+    if not os.path.isfile(USER_KEY_PATH):
+        raise EnvironmentError(USER_KEY_PATH, 'is not a file')
+
+
+def _check_user_info(credentials, expected_email):
+    http = credentials.authorize(httplib2.Http())
+    response, content = http.request(USER_INFO)
+    if response.status != 200:
+        raise ValueError('Expected 200 response.')
+
+    content = content.decode('utf-8')
+    payload = json.loads(content)
+    if payload['email'] != expected_email:
+        raise ValueError('User info email does not match credentials.')
+
+
+def run_json():
+    with open(JSON_KEY_PATH, 'r') as file_object:
+        client_credentials = json.load(file_object)
+
+    credentials = service_account._ServiceAccountCredentials(
+        service_account_id=client_credentials['client_id'],
+        service_account_email=client_credentials['client_email'],
+        private_key_id=client_credentials['private_key_id'],
+        private_key_pkcs8_text=client_credentials['private_key'],
+        scopes=SCOPE,
+    )
+
+    _check_user_info(credentials, client_credentials['client_email'])
+
+
+def run_p12():
+    with open(P12_KEY_PATH, 'rb') as file_object:
+        private_key_contents = file_object.read()
+
+    credentials = client.SignedJwtAssertionCredentials(
+        service_account_name=P12_KEY_EMAIL,
+        private_key=private_key_contents,
+        scope=SCOPE,
+    )
+
+    _check_user_info(credentials, P12_KEY_EMAIL)
+
+
+def run_user_json():
+    with open(USER_KEY_PATH, 'r') as file_object:
+        client_credentials = json.load(file_object)
+
+    credentials = client.GoogleCredentials(
+        access_token=None,
+        client_id=client_credentials['client_id'],
+        client_secret=client_credentials['client_secret'],
+        refresh_token=client_credentials['refresh_token'],
+        token_expiry=None,
+        token_uri=client.GOOGLE_TOKEN_URI,
+        user_agent='Python client library',
+    )
+
+    _check_user_info(credentials, USER_KEY_EMAIL)
+
+
+def main():
+    _require_environ()
+    run_json()
+    run_p12()
+    run_user_json()
+
+
+if __name__ == '__main__':
+    main()
diff --git a/scripts/run_system_tests.sh b/scripts/run_system_tests.sh
new file mode 100755
index 0000000..c4b978f
--- /dev/null
+++ b/scripts/run_system_tests.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Copyright 2015 Google Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ev
+
+
+# If we're on Travis, we need to set up the environment.
+if [[ "${TRAVIS}" == "true" ]]; then
+  # If merging to master and not a pull request, run system test.
+  if [[ "${TRAVIS_BRANCH}" == "master" ]] && \
+         [[ "${TRAVIS_PULL_REQUEST}" == "false" ]]; then
+    echo "Running in Travis during merge, not setup correctly yet."
+    exit 1
+  else
+    echo "Running in Travis during non-merge to master, doing nothing."
+    exit
+  fi
+fi
+
+# Run the system tests for each tested package.
+python scripts/run_system_tests.py
author	Danny Hermes <daniel.j.hermes@gmail.com>	2015-04-13 10:06:18 -0700
committer	Danny Hermes <daniel.j.hermes@gmail.com>	2015-04-13 10:06:18 -0700
commit	659869f19aec766f2b0187ecc95e414331892872 (patch)
tree	d41b038594803c3d17956d7548cb9939e0296837 /scripts
parent	0a6241c792f0c833f2f176292b0c7ea5623eabfd (diff)
download	oauth2client-659869f19aec766f2b0187ecc95e414331892872.tar.gz