Merge pull request #17 from tbetbetbe/ruby-auth-make-scopes-optional

Ruby auth make scopes optional
This commit is contained in:
Tim Emiola 2015-03-23 16:32:51 -07:00
commit 3a516305f1
10 changed files with 93 additions and 31 deletions

8
CHANGELOG.md Normal file
View File

@ -0,0 +1,8 @@
## 0.3.0 (23/03/2015)
### Changes
* makes the scope parameter's optional in all APIs. ([@tbetbetbe][])
* changes the scope parameter's position in various constructors. ([@tbetbetbe][])
[@tbetbetbe]: https://github.com/tbetbetbe

View File

@ -19,14 +19,55 @@ Follow either of the two links above to access the appropriate CLA and
instructions for how to sign and return it. Once we receive it, we'll be able to instructions for how to sign and return it. Once we receive it, we'll be able to
accept your pull requests. accept your pull requests.
## Contributing A Patch ## Issue reporting
1. Submit an issue describing your proposed change to the repo in question. * Check that the issue has not already been reported.
1. The repo owner will respond to your issue promptly. * Check that the issue has not already been fixed in the latest code
1. If your proposed change is accepted, and you haven't already done so, sign a (a.k.a. `master`).
Contributor License Agreement (see details above). * Be clear, concise and precise in your description of the problem.
1. Fork the desired repo, develop and test your code changes. * Open an issue with a descriptive title and a summary in grammatically correct,
1. Ensure that your code is clear and comprehensible. complete sentences.
1. Ensure that your code has an appropriate set of unit tests which all pass. * Include any relevant code to the issue summary.
1. Submit a pull request.
## Pull requests
* Read [how to properly contribute to open source projects on Github][2].
* Fork the project.
* Use a topic/feature branch to easily amend a pull request later, if necessary.
* Write [good commit messages][3].
* Use the same coding conventions as the rest of the project.
* Commit and push until you are happy with your contribution.
* Make sure to add tests for it. This is important so I don't break it
in a future version unintentionally.
* Add an entry to the [Changelog](CHANGELOG.md) accordingly. See [changelog entry format](#changelog-entry-format).
* Please try not to mess with the Rakefile, version, or history. If you want to
have your own version, or is otherwise necessary, that is fine, but please
isolate to its own commit so I can cherry-pick around it.
* Make sure the test suite is passing and the code you wrote doesn't produce
RuboCop offenses.
* [Squash related commits together][5].
* Open a [pull request][4] that relates to *only* one subject with a clear title
and description in grammatically correct, complete sentences.
### Changelog entry format
Here are a few examples:
```
* makes the scope parameter's optional in all APIs. (@tbetbetbe[])
* [#14](https://github.com/google/google-auth-library-ruby/issues/14): ADC Support for JWT Service Tokens. ([@tbetbetbe][])
```
* Mark it up in [Markdown syntax][6].
* The entry line should start with `* ` (an asterisk and a space).
* If the change has a related GitHub issue (e.g. a bug fix for a reported issue), put a link to the issue as `[#123](https://github.com/google/google-auth-library-ruby/issues/11): `.
* Describe the brief of the change. The sentence should end with a punctuation.
* At the end of the entry, add an implicit link to your GitHub user page as `([@username][])`.
* If this is your first contribution to google-auth-library-ruby project, add a link definition for the implicit link to the bottom of the changelog as `[@username]: https://github.com/username`.
[1]: https://github.com/google/google-auth-ruby-library/issues
[2]: http://gun.io/blog/how-to-github-fork-branch-and-pull-request
[3]: http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
[4]: https://help.github.com/articles/using-pull-requests
[5]: http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html
[6]: http://daringfireball.net/projects/markdown/syntax

View File

@ -52,9 +52,9 @@ END
# override CredentialsLoader#make_creds to use the class determined by # override CredentialsLoader#make_creds to use the class determined by
# loading the json. # loading the json.
def self.make_creds(scope, json_key_io) def self.make_creds(json_key_io, scope = nil)
json_key, clz = determine_creds_class(json_key_io) json_key, clz = determine_creds_class(json_key_io)
clz.new(scope, StringIO.new(MultiJson.dump(json_key))) clz.new(StringIO.new(MultiJson.dump(json_key)), scope)
end end
# Reads the input json and determines which creds class to use. # Reads the input json and determines which creds class to use.
@ -75,12 +75,13 @@ END
# Google APIs. Application Default Credentials are described in detail # Google APIs. Application Default Credentials are described in detail
# at http://goo.gl/IUuyuX. # at http://goo.gl/IUuyuX.
# #
# If supplied, scope is used to create the credentials instance, when it # If supplied, scope is used to create the credentials instance, when it can
# can applied. E.g, on compute engine, the scope is ignored. # be applied. E.g, on google compute engine and for user credentials the
# scope is ignored.
# #
# @param scope [string|array] the scope(s) to access # @param scope [string|array|nil] the scope(s) to access
# @param options [hash] allows override of the connection being used # @param options [hash] allows override of the connection being used
def get_application_default(scope, options = {}) def get_application_default(scope = nil, options = {})
creds = DefaultCredentials.from_env(scope) creds = DefaultCredentials.from_env(scope)
return creds unless creds.nil? return creds unless creds.nil?
creds = DefaultCredentials.from_well_known_path(scope) creds = DefaultCredentials.from_well_known_path(scope)

View File

@ -61,13 +61,13 @@ module Google
# Creates an instance from the path specified in an environment # Creates an instance from the path specified in an environment
# variable. # variable.
# #
# @param scope [string|array] the scope(s) to access # @param scope [string|array|nil] the scope(s) to access
def from_env(scope) def from_env(scope = nil)
return nil unless ENV.key?(ENV_VAR) return nil unless ENV.key?(ENV_VAR)
path = ENV[ENV_VAR] path = ENV[ENV_VAR]
fail 'file #{path} does not exist' unless File.exist?(path) fail 'file #{path} does not exist' unless File.exist?(path)
File.open(path) do |f| File.open(path) do |f|
return make_creds(scope, f) return make_creds(f, scope)
end end
rescue StandardError => e rescue StandardError => e
raise "#{NOT_FOUND_ERROR}: #{e}" raise "#{NOT_FOUND_ERROR}: #{e}"
@ -75,15 +75,15 @@ module Google
# Creates an instance from a well known path. # Creates an instance from a well known path.
# #
# @param scope [string|array] the scope(s) to access # @param scope [string|array|nil] the scope(s) to access
def from_well_known_path(scope) def from_well_known_path(scope = nil)
home_var, base = windows? ? 'APPDATA' : 'HOME', WELL_KNOWN_PATH home_var, base = windows? ? 'APPDATA' : 'HOME', WELL_KNOWN_PATH
root = ENV[home_var].nil? ? '' : ENV[home_var] root = ENV[home_var].nil? ? '' : ENV[home_var]
base = File.join('.config', base) unless windows? base = File.join('.config', base) unless windows?
path = File.join(root, base) path = File.join(root, base)
return nil unless File.exist?(path) return nil unless File.exist?(path)
File.open(path) do |f| File.open(path) do |f|
return make_creds(scope, f) return make_creds(f, scope)
end end
rescue StandardError => e rescue StandardError => e
raise "#{WELL_KNOWN_ERROR}: #{e}" raise "#{WELL_KNOWN_ERROR}: #{e}"

View File

@ -57,9 +57,9 @@ module Google
# Initializes a ServiceAccountCredentials. # Initializes a ServiceAccountCredentials.
# #
# @param scope [string|array] the scope(s) to access
# @param json_key_io [IO] an IO from which the JSON key can be read # @param json_key_io [IO] an IO from which the JSON key can be read
def initialize(scope, json_key_io) # @param scope [string|array|nil] the scope(s) to access
def initialize(json_key_io, scope = nil)
private_key, client_email = self.class.read_json_key(json_key_io) private_key, client_email = self.class.read_json_key(json_key_io)
super(token_credential_uri: TOKEN_CRED_URI, super(token_credential_uri: TOKEN_CRED_URI,
audience: TOKEN_CRED_URI, audience: TOKEN_CRED_URI,

View File

@ -61,9 +61,9 @@ module Google
# Initializes a UserRefreshCredentials. # Initializes a UserRefreshCredentials.
# #
# @param scope [string|array] the scope(s) to access
# @param json_key_io [IO] an IO from which the JSON key can be read # @param json_key_io [IO] an IO from which the JSON key can be read
def initialize(scope, json_key_io) # @param scope [string|array|nil] the scope(s) to access
def initialize(json_key_io, scope = nil)
user_creds = self.class.read_json_key(json_key_io) user_creds = self.class.read_json_key(json_key_io)
super(token_credential_uri: TOKEN_CRED_URI, super(token_credential_uri: TOKEN_CRED_URI,
client_id: user_creds['client_id'], client_id: user_creds['client_id'],

View File

@ -31,6 +31,6 @@ module Google
# Module Auth provides classes that provide Google-specific authorization # Module Auth provides classes that provide Google-specific authorization
# used to access Google APIs. # used to access Google APIs.
module Auth module Auth
VERSION = '0.2.0' VERSION = '0.3.0'
end end
end end

View File

@ -104,6 +104,18 @@ describe '#get_application_default' do
end end
end end
it 'succeeds with default file without a scope' do
ENV.delete(@var_name) unless ENV[@var_name].nil?
Dir.mktmpdir do |dir|
key_path = File.join(dir, '.config',
CredentialsLoader::WELL_KNOWN_PATH)
FileUtils.mkdir_p(File.dirname(key_path))
File.write(key_path, cred_json_text)
ENV['HOME'] = dir
expect(Google::Auth.get_application_default).to_not be_nil
end
end
it 'succeeds without default file or env if on compute engine' do it 'succeeds without default file or env if on compute engine' do
stubs = Faraday::Adapter::Test::Stubs.new do |stub| stubs = Faraday::Adapter::Test::Stubs.new do |stub|
stub.get('/') do |_env| stub.get('/') do |_env|

View File

@ -47,8 +47,8 @@ describe Google::Auth::ServiceAccountCredentials do
before(:example) do before(:example) do
@key = OpenSSL::PKey::RSA.new(2048) @key = OpenSSL::PKey::RSA.new(2048)
@client = ServiceAccountCredentials.new( @client = ServiceAccountCredentials.new(
'https://www.googleapis.com/auth/userinfo.profile', StringIO.new(cred_json_text),
StringIO.new(cred_json_text)) 'https://www.googleapis.com/auth/userinfo.profile')
end end
def make_auth_stubs(opts = {}) def make_auth_stubs(opts = {})

View File

@ -47,8 +47,8 @@ describe Google::Auth::UserRefreshCredentials do
before(:example) do before(:example) do
@key = OpenSSL::PKey::RSA.new(2048) @key = OpenSSL::PKey::RSA.new(2048)
@client = UserRefreshCredentials.new( @client = UserRefreshCredentials.new(
'https://www.googleapis.com/auth/userinfo.profile', StringIO.new(cred_json_text),
StringIO.new(cred_json_text)) 'https://www.googleapis.com/auth/userinfo.profile')
end end
def make_auth_stubs(opts = {}) def make_auth_stubs(opts = {})