diff --git a/lib/googleauth/credentials.rb b/lib/googleauth/credentials.rb index 6ebe8ff..37bfb3e 100644 --- a/lib/googleauth/credentials.rb +++ b/lib/googleauth/credentials.rb @@ -38,8 +38,8 @@ module Google # This class is intended to be inherited by API-specific classes # which overrides the SCOPE constant. class Credentials - TOKEN_CREDENTIAL_URI = 'https://accounts.google.com/o/oauth2/token'.freeze - AUDIENCE = 'https://accounts.google.com/o/oauth2/token'.freeze + TOKEN_CREDENTIAL_URI = 'https://oauth2.googleapis.com/token'.freeze + AUDIENCE = 'https://oauth2.googleapis.com/token'.freeze SCOPE = [].freeze PATH_ENV_VARS = [].freeze JSON_ENV_VARS = [].freeze diff --git a/lib/googleauth/user_refresh.rb b/lib/googleauth/user_refresh.rb index f165428..bf5f3dc 100644 --- a/lib/googleauth/user_refresh.rb +++ b/lib/googleauth/user_refresh.rb @@ -46,9 +46,9 @@ module Google # # cf [Application Default Credentials](http://goo.gl/mkAHpZ) class UserRefreshCredentials < Signet::OAuth2::Client - TOKEN_CRED_URI = 'https://www.googleapis.com/oauth2/v4/token'.freeze + TOKEN_CRED_URI = 'https://oauth2.googleapis.com/token'.freeze AUTHORIZATION_URI = 'https://accounts.google.com/o/oauth2/auth'.freeze - REVOKE_TOKEN_URI = 'https://accounts.google.com/o/oauth2/revoke'.freeze + REVOKE_TOKEN_URI = 'https://oauth2.googleapis.com/revoke'.freeze extend CredentialsLoader # Create a UserRefreshCredentials. diff --git a/spec/googleauth/credentials_spec.rb b/spec/googleauth/credentials_spec.rb index 119d850..d1f518c 100644 --- a/spec/googleauth/credentials_spec.rb +++ b/spec/googleauth/credentials_spec.rb @@ -49,8 +49,8 @@ describe Google::Auth::Credentials, :private do allow(mocked_signet).to receive(:fetch_access_token!).and_return(true) allow(mocked_signet).to receive(:client_id) allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq([]) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) @@ -66,8 +66,8 @@ describe Google::Auth::Credentials, :private do allow(mocked_signet).to receive(:fetch_access_token!).and_return(true) allow(mocked_signet).to receive(:client_id) allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq(['http://example.com/scope']) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) @@ -98,8 +98,8 @@ describe Google::Auth::Credentials, :private do allow(mocked_signet).to receive(:fetch_access_token!).and_return(true) allow(mocked_signet).to receive(:client_id) allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq(['http://example.com/scope']) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) @@ -130,8 +130,8 @@ describe Google::Auth::Credentials, :private do allow(mocked_signet).to receive(:fetch_access_token!).and_return(true) allow(mocked_signet).to receive(:client_id) allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq(['http://example.com/scope']) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) @@ -161,8 +161,8 @@ describe Google::Auth::Credentials, :private do allow(mocked_signet).to receive(:fetch_access_token!).and_return(true) allow(mocked_signet).to receive(:client_id) allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq(['http://example.com/scope']) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) @@ -193,8 +193,8 @@ describe Google::Auth::Credentials, :private do allow(mocked_signet).to receive(:fetch_access_token!).and_return(true) allow(mocked_signet).to receive(:client_id) allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq(['http://example.com/scope']) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) @@ -231,8 +231,8 @@ describe Google::Auth::Credentials, :private do default_keyfile_hash end allow(Signet::OAuth2::Client).to receive(:new) do |options| - expect(options[:token_credential_uri]).to eq('https://accounts.google.com/o/oauth2/token') - expect(options[:audience]).to eq('https://accounts.google.com/o/oauth2/token') + expect(options[:token_credential_uri]).to eq('https://oauth2.googleapis.com/token') + expect(options[:audience]).to eq('https://oauth2.googleapis.com/token') expect(options[:scope]).to eq(['http://example.com/scope']) expect(options[:issuer]).to eq(default_keyfile_hash['client_email']) expect(options[:signing_key]).to be_a_kind_of(OpenSSL::PKey::RSA) diff --git a/spec/googleauth/signet_spec.rb b/spec/googleauth/signet_spec.rb index 608dfb0..2d00896 100644 --- a/spec/googleauth/signet_spec.rb +++ b/spec/googleauth/signet_spec.rb @@ -41,10 +41,10 @@ describe Signet::OAuth2::Client do before(:example) do @key = OpenSSL::PKey::RSA.new(2048) @client = Signet::OAuth2::Client.new( - token_credential_uri: 'https://accounts.google.com/o/oauth2/token', + token_credential_uri: 'https://oauth2.googleapis.com/token', scope: 'https://www.googleapis.com/auth/userinfo.profile', issuer: 'app@example.com', - audience: 'https://accounts.google.com/o/oauth2/token', + audience: 'https://oauth2.googleapis.com/token', signing_key: @key ) end @@ -60,7 +60,7 @@ describe Signet::OAuth2::Client do @key.public_key, true, algorithm: 'RS256') end - stub_request(:post, 'https://accounts.google.com/o/oauth2/token') + stub_request(:post, 'https://oauth2.googleapis.com/token') .with(body: hash_including( 'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer' ), &blk) diff --git a/spec/googleauth/user_authorizer_spec.rb b/spec/googleauth/user_authorizer_spec.rb index 258dc30..2eabfbe 100644 --- a/spec/googleauth/user_authorizer_spec.rb +++ b/spec/googleauth/user_authorizer_spec.rb @@ -242,7 +242,7 @@ describe Google::Auth::UserAuthorizer do end before(:example) do - stub_request(:post, 'https://www.googleapis.com/oauth2/v4/token') + stub_request(:post, 'https://oauth2.googleapis.com/token') .to_return(body: token_json, status: 200, headers: { 'Content-Type' => 'application/json' }) @@ -270,7 +270,7 @@ describe Google::Auth::UserAuthorizer do context 'with invalid authorization code' do before(:example) do - stub_request(:post, 'https://www.googleapis.com/oauth2/v4/token') + stub_request(:post, 'https://oauth2.googleapis.com/token') .to_return(status: 400) end @@ -300,7 +300,7 @@ describe Google::Auth::UserAuthorizer do before(:example) do token_store.store('user1', token_json) stub_request( - :get, 'https://accounts.google.com/o/oauth2/revoke?token=refreshtoken' + :get, 'https://oauth2.googleapis.com/revoke?token=refreshtoken' ) .to_return(status: 200) end @@ -308,7 +308,7 @@ describe Google::Auth::UserAuthorizer do it 'should revoke the grant' do authorizer.revoke_authorization('user1') expect(a_request( - :get, 'https://accounts.google.com/o/oauth2/revoke?token=refreshtoken' + :get, 'https://oauth2.googleapis.com/revoke?token=refreshtoken' )) .to have_been_made end diff --git a/spec/googleauth/user_refresh_spec.rb b/spec/googleauth/user_refresh_spec.rb index e2316b1..ea410bd 100644 --- a/spec/googleauth/user_refresh_spec.rb +++ b/spec/googleauth/user_refresh_spec.rb @@ -68,7 +68,7 @@ describe Google::Auth::UserRefreshCredentials do body = MultiJson.dump('access_token' => access_token, 'token_type' => 'Bearer', 'expires_in' => 3600) - stub_request(:post, 'https://www.googleapis.com/oauth2/v4/token') + stub_request(:post, 'https://oauth2.googleapis.com/token') .with(body: hash_including('grant_type' => 'refresh_token')) .to_return(body: body, status: 200, @@ -246,7 +246,7 @@ describe Google::Auth::UserRefreshCredentials do describe 'when revoking a refresh token' do let(:stub) do - stub_request(:get, 'https://accounts.google.com/o/oauth2/revoke' \ + stub_request(:get, 'https://oauth2.googleapis.com/revoke' \ '?token=refreshtoken') .to_return(status: 200, headers: { 'Content-Type' => 'application/json' }) @@ -262,7 +262,7 @@ describe Google::Auth::UserRefreshCredentials do describe 'when revoking an access token' do let(:stub) do - stub_request(:get, 'https://accounts.google.com/o/oauth2/revoke' \ + stub_request(:get, 'https://oauth2.googleapis.com/revoke' \ '?token=accesstoken') .to_return(status: 200, headers: { 'Content-Type' => 'application/json' }) @@ -280,7 +280,7 @@ describe Google::Auth::UserRefreshCredentials do describe 'when revoking an invalid token' do let(:stub) do - stub_request(:get, 'https://accounts.google.com/o/oauth2/revoke' \ + stub_request(:get, 'https://oauth2.googleapis.com/revoke' \ '?token=refreshtoken') .to_return(status: 400, headers: { 'Content-Type' => 'application/json' }) diff --git a/spec/googleauth/web_user_authorizer_spec.rb b/spec/googleauth/web_user_authorizer_spec.rb index 4dd764b..b26cc66 100644 --- a/spec/googleauth/web_user_authorizer_spec.rb +++ b/spec/googleauth/web_user_authorizer_spec.rb @@ -107,7 +107,7 @@ describe Google::Auth::WebUserAuthorizer do end before(:example) do - stub_request(:post, 'https://www.googleapis.com/oauth2/v4/token') + stub_request(:post, 'https://oauth2.googleapis.com/token') .to_return(body: token_json, status: 200, headers: { 'Content-Type' => 'application/json' })