diff options
| author |  Julien Boeuf <jboeuf@google.com> | 2015-08-25 21:51:07 -0700 |
|---|---|---|
| committer | Julien Boeuf <jboeuf@google.com> | 2015-08-25 21:51:07 -0700 |
| commit | 510a920c753213df46587decb2ec87d2d1101e5d (patch) | |
| tree | 9a5edb6b9b7ff20f9d9db9102a691af62527587b /test | |
| parent | c17fecd224fa2da3d2b0fc27c1236431fc1bf193 (diff) | |
Credentials cleanup:
- Removing service_accounts credentials. These credentials just have
drawbacks compared to service_account_jwt_access credentials, notably
in terms for security.
- Renaming Google specific credentials with a Google prefix for C and
C++. This should be done as well for wrapped languages.
Diffstat (limited to 'test')
| -rw-r--r-- | test/core/end2end/tests/request_response_with_payload_and_call_creds.c | 8 | ||||
| -rw-r--r-- | test/core/security/credentials_test.c | 185 | ||||
| -rw-r--r-- | test/core/security/fetch_oauth2.c | 47 | ||||
| -rw-r--r-- | test/cpp/client/credentials_test.cc | 4 | ||||
| -rw-r--r-- | test/cpp/end2end/end2end_test.cc | 8 | ||||
| -rw-r--r-- | test/cpp/interop/client_helper.cc | 20 |
6 files changed, 57 insertions, 215 deletions
diff --git a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c index 48dd0aa2ce..75c5bba5bd 100644 --- a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c +++ b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c @@ -190,7 +190,7 @@ static void request_response_with_payload_and_call_creds( c = grpc_channel_create_call(f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq, "/foo", "foo.test.google.fr", deadline, NULL); GPR_ASSERT(c); - creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL); + creds = grpc_google_iam_credentials_create(iam_token, iam_selector, NULL); GPR_ASSERT(creds != NULL); GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK); switch (mode) { @@ -198,8 +198,8 @@ static void request_response_with_payload_and_call_creds( break; case OVERRIDE: grpc_credentials_release(creds); - creds = grpc_iam_credentials_create(overridden_iam_token, - overridden_iam_selector, NULL); + creds = grpc_google_iam_credentials_create(overridden_iam_token, + overridden_iam_selector, NULL); GPR_ASSERT(creds != NULL); GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK); break; @@ -421,7 +421,7 @@ static void test_request_with_server_rejecting_client_creds( "/foo", "foo.test.google.fr", deadline, NULL); GPR_ASSERT(c); - creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL); + creds = grpc_google_iam_credentials_create(iam_token, iam_selector, NULL); GPR_ASSERT(creds != NULL); GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK); grpc_credentials_release(creds); diff --git a/test/core/security/credentials_test.c b/test/core/security/credentials_test.c index 880fc5da1e..97ebaa0570 100644 --- a/test/core/security/credentials_test.c +++ b/test/core/security/credentials_test.c @@ -50,8 +50,8 @@ #include <openssl/rsa.h> -static const char test_iam_authorization_token[] = "blahblahblhahb"; -static const char test_iam_authority_selector[] = "respectmyauthoritah"; +static const char test_google_iam_authorization_token[] = "blahblahblhahb"; +static const char test_google_iam_authority_selector[] = "respectmyauthoritah"; static const char test_oauth2_bearer_token[] = "Bearer blaaslkdjfaslkdfasdsfasf"; static const char test_root_cert[] = "I am the root!"; @@ -315,25 +315,29 @@ static void check_metadata(expected_md *expected, grpc_credentials_md *md_elems, } } -static void check_iam_metadata(void *user_data, grpc_credentials_md *md_elems, - size_t num_md, grpc_credentials_status status) { +static void check_google_iam_metadata(void *user_data, + grpc_credentials_md *md_elems, + size_t num_md, + grpc_credentials_status status) { grpc_credentials *c = (grpc_credentials *)user_data; - expected_md emd[] = { - {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, test_iam_authorization_token}, - {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, test_iam_authority_selector}}; + expected_md emd[] = {{GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, + test_google_iam_authorization_token}, + {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, + test_google_iam_authority_selector}}; GPR_ASSERT(status == GRPC_CREDENTIALS_OK); GPR_ASSERT(num_md == 2); check_metadata(emd, md_elems, num_md); grpc_credentials_unref(c); } -static void test_iam_creds(void) { - grpc_credentials *creds = grpc_iam_credentials_create( - test_iam_authorization_token, test_iam_authority_selector, NULL); +static void test_google_iam_creds(void) { + grpc_credentials *creds = grpc_google_iam_credentials_create( + test_google_iam_authorization_token, test_google_iam_authority_selector, + NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds)); grpc_credentials_get_request_metadata(creds, NULL, test_service_url, - check_iam_metadata, creds); + check_google_iam_metadata, creds); } static void check_access_token_metadata(void *user_data, @@ -406,21 +410,23 @@ void test_ssl_fake_transport_security_composite_creds_failure(void) { grpc_credentials_unref(fake_transport_security_creds); } -static void check_ssl_oauth2_iam_composite_metadata( +static void check_ssl_oauth2_google_iam_composite_metadata( void *user_data, grpc_credentials_md *md_elems, size_t num_md, grpc_credentials_status status) { grpc_credentials *c = (grpc_credentials *)user_data; expected_md emd[] = { {GRPC_AUTHORIZATION_METADATA_KEY, test_oauth2_bearer_token}, - {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, test_iam_authorization_token}, - {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, test_iam_authority_selector}}; + {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, + test_google_iam_authorization_token}, + {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, + test_google_iam_authority_selector}}; GPR_ASSERT(status == GRPC_CREDENTIALS_OK); GPR_ASSERT(num_md == 3); check_metadata(emd, md_elems, num_md); grpc_credentials_unref(c); } -static void test_ssl_oauth2_iam_composite_creds(void) { +static void test_ssl_oauth2_google_iam_composite_creds(void) { grpc_credentials *ssl_creds = grpc_ssl_credentials_create(test_root_cert, NULL, NULL); const grpc_credentials_array *creds_array; @@ -428,14 +434,15 @@ static void test_ssl_oauth2_iam_composite_creds(void) { "Authorization", test_oauth2_bearer_token, 0); grpc_credentials *aux_creds = grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL); - grpc_credentials *iam_creds = grpc_iam_credentials_create( - test_iam_authorization_token, test_iam_authority_selector, NULL); + grpc_credentials *google_iam_creds = grpc_google_iam_credentials_create( + test_google_iam_authorization_token, test_google_iam_authority_selector, + NULL); grpc_credentials *composite_creds = - grpc_composite_credentials_create(aux_creds, iam_creds, NULL); + grpc_composite_credentials_create(aux_creds, google_iam_creds, NULL); grpc_credentials_unref(ssl_creds); grpc_credentials_unref(oauth2_creds); grpc_credentials_unref(aux_creds); - grpc_credentials_unref(iam_creds); + grpc_credentials_unref(google_iam_creds); GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) == 0); GPR_ASSERT(grpc_credentials_has_request_metadata(composite_creds)); @@ -448,9 +455,9 @@ static void test_ssl_oauth2_iam_composite_creds(void) { GRPC_CREDENTIALS_TYPE_OAUTH2) == 0); GPR_ASSERT(strcmp(creds_array->creds_array[2]->type, GRPC_CREDENTIALS_TYPE_IAM) == 0); - grpc_credentials_get_request_metadata(composite_creds, NULL, test_service_url, - check_ssl_oauth2_iam_composite_metadata, - composite_creds); + grpc_credentials_get_request_metadata( + composite_creds, NULL, test_service_url, + check_ssl_oauth2_google_iam_composite_metadata, composite_creds); } static void on_oauth2_creds_get_metadata_success( @@ -524,7 +531,7 @@ static int httpcli_get_should_not_be_called( static void test_compute_engine_creds_success(void) { grpc_credentials *compute_engine_creds = - grpc_compute_engine_credentials_create(NULL); + grpc_google_compute_engine_credentials_create(NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds)); @@ -548,7 +555,7 @@ static void test_compute_engine_creds_success(void) { static void test_compute_engine_creds_failure(void) { grpc_credentials *compute_engine_creds = - grpc_compute_engine_credentials_create(NULL); + grpc_google_compute_engine_credentials_create(NULL); grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override, httpcli_post_should_not_be_called); GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds)); @@ -605,7 +612,8 @@ static int refresh_token_httpcli_post_failure( static void test_refresh_token_creds_success(void) { grpc_credentials *refresh_token_creds = - grpc_refresh_token_credentials_create(test_refresh_token_str, NULL); + grpc_google_refresh_token_credentials_create(test_refresh_token_str, + NULL); GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds)); GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds)); @@ -629,7 +637,8 @@ static void test_refresh_token_creds_success(void) { static void test_refresh_token_creds_failure(void) { grpc_credentials *refresh_token_creds = - grpc_refresh_token_credentials_create(test_refresh_token_str, NULL); + grpc_google_refresh_token_credentials_create(test_refresh_token_str, + NULL); grpc_httpcli_set_override(httpcli_get_should_not_be_called, refresh_token_httpcli_post_failure); GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds)); @@ -686,119 +695,6 @@ static char *encode_and_sign_jwt_should_not_be_called( GPR_ASSERT("grpc_jwt_encode_and_sign should not be called" == NULL); } -static void validate_service_account_http_request( - const grpc_httpcli_request *request, const char *body, size_t body_size) { - /* The content of the assertion is tested extensively in json_token_test. */ - char *expected_body = NULL; - GPR_ASSERT(body != NULL); - GPR_ASSERT(body_size != 0); - gpr_asprintf(&expected_body, "%s%s", GRPC_SERVICE_ACCOUNT_POST_BODY_PREFIX, - test_signed_jwt); - GPR_ASSERT(strlen(expected_body) == body_size); - GPR_ASSERT(memcmp(expected_body, body, body_size) == 0); - gpr_free(expected_body); - GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl); - GPR_ASSERT(strcmp(request->host, GRPC_GOOGLE_OAUTH2_SERVICE_HOST) == 0); - GPR_ASSERT(strcmp(request->path, GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH) == 0); - GPR_ASSERT(request->hdr_count == 1); - GPR_ASSERT(strcmp(request->hdrs[0].key, "Content-Type") == 0); - GPR_ASSERT( - strcmp(request->hdrs[0].value, "application/x-www-form-urlencoded") == 0); -} - -static int service_account_httpcli_post_success( - const grpc_httpcli_request *request, const char *body, size_t body_size, - gpr_timespec deadline, grpc_httpcli_response_cb on_response, - void *user_data) { - grpc_httpcli_response response = - http_response(200, valid_oauth2_json_response); - validate_service_account_http_request(request, body, body_size); - on_response(user_data, &response); - return 1; -} - -static int service_account_httpcli_post_failure( - const grpc_httpcli_request *request, const char *body, size_t body_size, - gpr_timespec deadline, grpc_httpcli_response_cb on_response, - void *user_data) { - grpc_httpcli_response response = http_response(403, "Not Authorized."); - validate_service_account_http_request(request, body, body_size); - on_response(user_data, &response); - return 1; -} - -static void test_service_account_creds_success(void) { - char *json_key_string = test_json_key_str(); - grpc_credentials *service_account_creds = - grpc_service_account_credentials_create(json_key_string, test_scope, - grpc_max_auth_token_lifetime, NULL); - GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); - GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); - - /* First request: http get should be called. */ - grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success); - grpc_httpcli_set_override(httpcli_get_should_not_be_called, - service_account_httpcli_post_success); - grpc_credentials_get_request_metadata( - service_account_creds, NULL, test_service_url, - on_oauth2_creds_get_metadata_success, (void *)test_user_data); - - /* Second request: the cached token should be served directly. */ - grpc_jwt_encode_and_sign_set_override( - encode_and_sign_jwt_should_not_be_called); - grpc_httpcli_set_override(httpcli_get_should_not_be_called, - httpcli_post_should_not_be_called); - grpc_credentials_get_request_metadata( - service_account_creds, NULL, test_service_url, - on_oauth2_creds_get_metadata_success, (void *)test_user_data); - - gpr_free(json_key_string); - grpc_credentials_unref(service_account_creds); - grpc_jwt_encode_and_sign_set_override(NULL); - grpc_httpcli_set_override(NULL, NULL); -} - -static void test_service_account_creds_http_failure(void) { - char *json_key_string = test_json_key_str(); - grpc_credentials *service_account_creds = - grpc_service_account_credentials_create( - json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL); - GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); - GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); - - grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success); - grpc_httpcli_set_override(httpcli_get_should_not_be_called, - service_account_httpcli_post_failure); - grpc_credentials_get_request_metadata( - service_account_creds, NULL, test_service_url, - on_oauth2_creds_get_metadata_failure, (void *)test_user_data); - - gpr_free(json_key_string); - grpc_credentials_unref(service_account_creds); - grpc_httpcli_set_override(NULL, NULL); -} - -static void test_service_account_creds_signing_failure(void) { - char *json_key_string = test_json_key_str(); - grpc_credentials *service_account_creds = - grpc_service_account_credentials_create( - json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL); - GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds)); - GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds)); - - grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_failure); - grpc_httpcli_set_override(httpcli_get_should_not_be_called, - httpcli_post_should_not_be_called); - grpc_credentials_get_request_metadata( - service_account_creds, NULL, test_service_url, - on_oauth2_creds_get_metadata_failure, (void *)test_user_data); - - gpr_free(json_key_string); - grpc_credentials_unref(service_account_creds); - grpc_httpcli_set_override(NULL, NULL); - grpc_jwt_encode_and_sign_set_override(NULL); -} - static void on_jwt_creds_get_metadata_success(void *user_data, grpc_credentials_md *md_elems, size_t num_md, @@ -922,14 +818,14 @@ static void test_google_default_creds_auth_key(void) { } static void test_google_default_creds_access_token(void) { - grpc_refresh_token_credentials *refresh; + grpc_google_refresh_token_credentials *refresh; grpc_credentials *creds; grpc_flush_cached_google_default_credentials(); set_google_default_creds_env_var_with_file_contents( "refresh_token_google_default_creds", test_refresh_token_str); creds = grpc_google_default_credentials_create(); GPR_ASSERT(creds != NULL); - refresh = (grpc_refresh_token_credentials *)composite_inner_creds( + refresh = (grpc_google_refresh_token_credentials *)composite_inner_creds( creds, GRPC_CREDENTIALS_TYPE_OAUTH2); GPR_ASSERT(strcmp(refresh->refresh_token.client_id, "32555999999.apps.googleusercontent.com") == 0); @@ -952,17 +848,14 @@ int main(int argc, char **argv) { test_oauth2_token_fetcher_creds_parsing_missing_token(); test_oauth2_token_fetcher_creds_parsing_missing_token_type(); test_oauth2_token_fetcher_creds_parsing_missing_token_lifetime(); - test_iam_creds(); + test_google_iam_creds(); test_access_token_creds(); test_ssl_oauth2_composite_creds(); - test_ssl_oauth2_iam_composite_creds(); + test_ssl_oauth2_google_iam_composite_creds(); test_compute_engine_creds_success(); test_compute_engine_creds_failure(); test_refresh_token_creds_success(); test_refresh_token_creds_failure(); - test_service_account_creds_success(); - test_service_account_creds_http_failure(); - test_service_account_creds_signing_failure(); test_jwt_creds_success(); test_jwt_creds_signing_failure(); test_google_default_creds_auth_key(); diff --git a/test/core/security/fetch_oauth2.c b/test/core/security/fetch_oauth2.c index 7354a9f8f7..764d8da9b6 100644 --- a/test/core/security/fetch_oauth2.c +++ b/test/core/security/fetch_oauth2.c @@ -46,19 +46,6 @@ #include "src/core/support/file.h" #include "test/core/security/oauth2_utils.h" -static grpc_credentials *create_service_account_creds( - const char *json_key_file_path, const char *scope) { - int success; - gpr_slice json_key = gpr_load_file(json_key_file_path, 1, &success); - if (!success) { - gpr_log(GPR_ERROR, "Could not read file %s.", json_key_file_path); - exit(1); - } - return grpc_service_account_credentials_create( - (const char *)GPR_SLICE_START_PTR(json_key), scope, - grpc_max_auth_token_lifetime, NULL); -} - static grpc_credentials *create_refresh_token_creds( const char *json_refresh_token_file_path) { int success; @@ -68,7 +55,7 @@ static grpc_credentials *create_refresh_token_creds( gpr_log(GPR_ERROR, "Could not read file %s.", json_refresh_token_file_path); exit(1); } - return grpc_refresh_token_credentials_create( + return grpc_google_refresh_token_credentials_create( (const char *)GPR_SLICE_START_PTR(refresh_token), NULL); } @@ -80,18 +67,9 @@ int main(int argc, char **argv) { int use_gce = 0; char *scope = NULL; gpr_cmdline *cl = gpr_cmdline_create("fetch_oauth2"); - gpr_cmdline_add_string(cl, "json_key", - "File path of the json key. Mutually exclusive with " - "--json_refresh_token.", - &json_key_file_path); gpr_cmdline_add_string(cl, "json_refresh_token", - "File path of the json refresh token. Mutually " - "exclusive with --json_key.", + "File path of the json refresh token.", &json_refresh_token_file_path); - gpr_cmdline_add_string(cl, "scope", - "Space delimited permissions. Only used for " - "--json_key, ignored otherwise.", - &scope); gpr_cmdline_add_flag( cl, "gce", "Get a token from the GCE metadata server (only works in GCE).", @@ -112,7 +90,7 @@ int main(int argc, char **argv) { "Ignoring json key and scope to get a token from the GCE " "metadata server."); } - creds = grpc_compute_engine_credentials_create(NULL); + creds = grpc_google_compute_engine_credentials_create(NULL); if (creds == NULL) { gpr_log(GPR_ERROR, "Could not create gce credentials."); exit(1); @@ -127,23 +105,8 @@ int main(int argc, char **argv) { exit(1); } } else { - if (json_key_file_path == NULL) { - gpr_log(GPR_ERROR, "Missing --json_key option."); - exit(1); - } - if (scope == NULL) { - gpr_log(GPR_ERROR, "Missing --scope option."); - exit(1); - } - - creds = create_service_account_creds(json_key_file_path, scope); - if (creds == NULL) { - gpr_log(GPR_ERROR, - "Could not create service account creds. %s does probably not " - "contain a valid json key.", - json_key_file_path); - exit(1); - } + gpr_log(GPR_ERROR, "Missing --gce or --json_refresh_token option."); + exit(1); } GPR_ASSERT(creds != NULL); diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index 6fb24d71e5..18fcffe7cd 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -45,8 +45,8 @@ class CredentialsTest : public ::testing::Test { protected: }; -TEST_F(CredentialsTest, InvalidServiceAccountCreds) { - std::shared_ptr<Credentials> bad1 = ServiceAccountCredentials("", "", 1); +TEST_F(CredentialsTest, InvalidGoogleRefreshToken) { + std::shared_ptr<Credentials> bad1 = GoogleRefreshTokenCredentials(""); EXPECT_EQ(static_cast<Credentials*>(nullptr), bad1.get()); } diff --git a/test/cpp/end2end/end2end_test.cc b/test/cpp/end2end/end2end_test.cc index 2728dce07e..b6f156a24a 100644 --- a/test/cpp/end2end/end2end_test.cc +++ b/test/cpp/end2end/end2end_test.cc @@ -561,7 +561,7 @@ TEST_F(End2endTest, DiffPackageServices) { // rpc and stream should fail on bad credentials. TEST_F(End2endTest, BadCredentials) { - std::shared_ptr<Credentials> bad_creds = ServiceAccountCredentials("", "", 1); + std::shared_ptr<Credentials> bad_creds = GoogleRefreshTokenCredentials(""); EXPECT_EQ(static_cast<Credentials*>(nullptr), bad_creds.get()); std::shared_ptr<Channel> channel = CreateChannel(server_address_.str(), bad_creds, ChannelArguments()); @@ -741,7 +741,7 @@ TEST_F(End2endTest, SetPerCallCredentials) { EchoResponse response; ClientContext context; std::shared_ptr<Credentials> creds = - IAMCredentials("fake_token", "fake_selector"); + GoogleIAMCredentials("fake_token", "fake_selector"); context.set_credentials(creds); request.set_message("Hello"); request.mutable_param()->set_echo_metadata(true); @@ -778,10 +778,10 @@ TEST_F(End2endTest, OverridePerCallCredentials) { EchoResponse response; ClientContext context; std::shared_ptr<Credentials> creds1 = - IAMCredentials("fake_token1", "fake_selector1"); + GoogleIAMCredentials("fake_token1", "fake_selector1"); context.set_credentials(creds1); std::shared_ptr<Credentials> creds2 = - IAMCredentials("fake_token2", "fake_selector2"); + GoogleIAMCredentials("fake_token2", "fake_selector2"); context.set_credentials(creds2); request.set_message("Hello"); request.mutable_param()->set_echo_metadata(true); diff --git a/test/cpp/interop/client_helper.cc b/test/cpp/interop/client_helper.cc index abc14aeb98..7093463fa8 100644 --- a/test/cpp/interop/client_helper.cc +++ b/test/cpp/interop/client_helper.cc @@ -64,16 +64,6 @@ DECLARE_string(oauth_scope); namespace grpc { namespace testing { -namespace { -std::shared_ptr<Credentials> CreateServiceAccountCredentials() { - GPR_ASSERT(FLAGS_enable_ssl); - grpc::string json_key = GetServiceAccountJsonKey(); - std::chrono::seconds token_lifetime = std::chrono::hours(1); - return ServiceAccountCredentials(json_key, FLAGS_oauth_scope, - token_lifetime.count()); -} -} // namespace - grpc::string GetServiceAccountJsonKey() { static grpc::string json_key; if (json_key.empty()) { @@ -86,7 +76,7 @@ grpc::string GetServiceAccountJsonKey() { } grpc::string GetOauth2AccessToken() { - std::shared_ptr<Credentials> creds = CreateServiceAccountCredentials(); + std::shared_ptr<Credentials> creds = GoogleComputeEngineCredentials(); SecureCredentials* secure_creds = dynamic_cast<SecureCredentials*>(creds.get()); GPR_ASSERT(secure_creds != nullptr); @@ -107,14 +97,10 @@ std::shared_ptr<Channel> CreateChannelForTestCase( snprintf(host_port, host_port_buf_size, "%s:%d", FLAGS_server_host.c_str(), FLAGS_server_port); - if (test_case == "service_account_creds") { - std::shared_ptr<Credentials> creds = CreateServiceAccountCredentials(); - return CreateTestChannel(host_port, FLAGS_server_host_override, - FLAGS_enable_ssl, FLAGS_use_prod_roots, creds); - } else if (test_case == "compute_engine_creds") { + if (test_case == "compute_engine_creds") { std::shared_ptr<Credentials> creds; GPR_ASSERT(FLAGS_enable_ssl); - creds = ComputeEngineCredentials(); + creds = GoogleComputeEngineCredentials(); return CreateTestChannel(host_port, FLAGS_server_host_override, FLAGS_enable_ssl, FLAGS_use_prod_roots, creds); } else if (test_case == "jwt_token_creds") { |