fix: Service account credentials properly apply ID tokens

2020-06-16 13:35:39 -07:00 · 2020-06-16 13:35:39 -07:00 · a3f3b994ab
parent 9bcac01574
commit a3f3b994ab
2 changed files with 13 additions and 1 deletions
--- a/lib/googleauth/service_account.rb
+++ b/lib/googleauth/service_account.rb
@ -104,7 +104,7 @@ module Google
      # authenticate instead.
      def apply! a_hash, opts = {}
        # Use the base implementation if scopes are set
-        unless scope.nil?
+        unless scope.nil? && target_audience.nil?
          super
          return
        end
--- a/spec/googleauth/apply_auth_examples.rb
+++ b/spec/googleauth/apply_auth_examples.rb
@ -90,6 +90,18 @@ shared_examples "apply/apply! are OK" do
      expect(md).to eq(want)
      expect(stub).to have_been_requested
    end
+
+    it "should update the target hash with fetched ID token" do
+      skip unless @id_client
+      token = "1/abcdef1234567890"
+      stub = make_auth_stubs id_token: token
+
+      md = { foo: "bar" }
+      @id_client.apply! md
+      want = { :foo => "bar", auth_key => "Bearer #{token}" }
+      expect(md).to eq(want)
+      expect(stub).to have_been_requested
+    end
  end

  describe "updater_proc" do