googleauth 0.16.2 → 1.1.0

data/.toys/kokoro/publish-docs.rb

@@ -1,67 +0,0 @@
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-require "json"
-
-include "kokoro-tools"
-include :exec, e: true
-include :fileutils
-
-flag :credentials, "--credentials=PATH"
-flag :bucket, "--bucket=NAME"
-flag :dry_run, default: ["true", "docs"].include?(::ENV["RELEASE_DRY_RUN"].to_s)
-
-def run
-  ::Dir.chdir package_directory
-  load_env
-  build_docs
-  write_metadata
-  if dry_run
-    puts "DRY RUN: Skipping doc uploading for #{package_name}"
-  else
-    upload_docs
-  end
-end
-
-def build_docs
-  rm_rf "doc"
-  exec ["toys", "yardoc"]
-end
-
-def write_metadata
-  allowed_fields = [
-    "name", "version", "language", "distribution-name",
-    "product-page", "github-repository", "issue-tracker"
-  ]
-  metadata = ::JSON.parse ::File.read ".repo-metadata.json"
-  metadata.transform_keys! { |k| k.tr "_", "-" }
-  metadata.keep_if { |k, _v| allowed_fields.include? k }
-  metadata["version"] = package_version
-  metadata["name"] = metadata["distribution-name"]
-  args = metadata.transform_keys { |k| "--#{k}" }.to_a.flatten
-  cmd = ["python3", "-m", "docuploader", "create-metadata"] + args
-  exec cmd, chdir: "doc"
-end
-
-def upload_docs
-  creds = credentials || "#{::ENV['KOKORO_KEYSTORE_DIR']}/73713_docuploader_service_account"
-  buck = bucket || ::ENV["STAGING_BUCKET"] || "docs-staging"
-  cmd = [
-    "python3", "-m", "docuploader", "upload", ".",
-    "--credentials=#{creds}",
-    "--staging-bucket=#{buck}",
-    "--metadata-file=./docs.metadata"
-  ]
-  exec cmd, chdir: "doc"
-end

data/.toys/kokoro/publish-gem.rb

@@ -1,53 +0,0 @@
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-include "kokoro-tools"
-include :exec, e: true
-include :fileutils
-include :gems
-
-flag :rubygems_token, "--rubygems-token=TOKEN"
-flag :dry_run, default: ["true", "gem"].include?(::ENV["RELEASE_DRY_RUN"].to_s)
-
-def run
-  gem "gems", "~> 1.2"
-  require "gems"
-  ::Dir.chdir package_directory
-  load_env
-  configure_gems
-  gem_path = build_gem
-  if dry_run
-    puts "DRY RUN: Skipping Rubygems push of #{gem_path}"
-  else
-    push_gem gem_path
-  end
-end
-
-def configure_gems
-  token = rubygems_token || ::ENV["RUBYGEMS_API_TOKEN"]
-  ::Gems.configure { |config| config.key = token } if token
-end
-
-def build_gem
-  gem_path = "pkg/#{package_name}-#{package_version}.gem"
-  rm_rf gem_path
-  exec ["toys", "build"]
-  gem_path
-end
-
-def push_gem gem_path
-  response = ::Gems.push ::File.new gem_path
-  puts response
-  raise "Gem push didn't report success" unless response.include? "Successfully registered gem:"
-end

data/.toys/linkinator.rb

@@ -1,43 +0,0 @@
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-desc "Run Link checks"
-
-flag :install, desc: "Install linkinator instead of running checks"
-
-include :exec, e: true
-include :terminal
-
-def run
-  ::Dir.chdir context_directory
-  if install
-    Kernel.exec "npm install linkinator"
-  else
-    exec_tool ["yardoc"]
-    check_links
-  end
-end
-
-def check_links
-  result = exec ["npx", "linkinator", "./doc"], out: :capture
-  puts result.captured_out
-  checked_links = result.captured_out.split "\n"
-  checked_links.select! { |link| link =~ /^\[(\d+)\]/ && ::Regexp.last_match[1] != "200" }
-  unless checked_links.empty?
-    checked_links.each do |link|
-      puts link, :yellow
-    end
-    exit 1
-  end
-end

data/.trampolinerc

@@ -1,48 +0,0 @@
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Add required env vars here.
-required_envvars+=(
-)
-
-# Add env vars which are passed down into the container here.
-pass_down_envvars+=(
-    "AUTORELEASE_PR" "RELEASE_DRY_RUN"
-)
-
-# Prevent unintentional override on the default image.
-if [[ "${TRAMPOLINE_IMAGE_UPLOAD:-false}" == "true" ]] && [[ -z "${TRAMPOLINE_IMAGE:-}" ]]; then
-    echo "Please set TRAMPOLINE_IMAGE if you want to upload the Docker image."
-    exit 1
-fi
-
-# Define the default value if it makes sense.
-if [[ -z "${TRAMPOLINE_IMAGE_UPLOAD:-}" ]]; then
-    TRAMPOLINE_IMAGE_UPLOAD=""
-fi
-
-if [[ -z "${TRAMPOLINE_IMAGE:-}" ]]; then
-    TRAMPOLINE_IMAGE=""
-fi
-
-if [[ -z "${TRAMPOLINE_DOCKERFILE:-}" ]]; then
-    TRAMPOLINE_DOCKERFILE=""
-fi
-
-if [[ -z "${TRAMPOLINE_BUILD_FILE:-}" ]]; then
-    TRAMPOLINE_BUILD_FILE=""
-fi
-
-# Secret Manager secrets.
-source ${PROJECT_ROOT}/.kokoro/populate-secrets.sh

data/Gemfile

@@ -1,25 +0,0 @@
-source "https://rubygems.org"
-
-# Specify your gem's dependencies in googleauth.gemspec
-gemspec
-
-group :development do
-  gem "bundler", ">= 1.9"
-  gem "coveralls", "~> 0.7"
-  gem "fakefs", "~> 0.6"
-  gem "fakeredis", "~> 0.5"
-  gem "google-style", "~> 1.25.1"
-  gem "logging", "~> 2.0"
-  gem "minitest", "~> 5.14"
-  gem "minitest-focus", "~> 1.1"
-  gem "rack-test", "~> 0.6"
-  gem "rake", "~> 13.0"
-  gem "redis", "~> 3.2"
-  gem "rspec", "~> 3.0"
-  gem "simplecov", "~> 0.9"
-  gem "sinatra"
-  gem "webmock", "~> 3.8"
-end
-
-gem "faraday", ">= 0.17.3", "< 2.0"
-gem "gems", "~> 1.2"

data/googleauth.gemspec

@@ -1,39 +0,0 @@
-# -*- ruby -*-
-# encoding: utf-8
-
-$LOAD_PATH.push File.expand_path("lib", __dir__)
-require "googleauth/version"
-
-Gem::Specification.new do |gem|
-  gem.name          = "googleauth"
-  gem.version       = Google::Auth::VERSION
-  gem.authors       = ["Tim Emiola"]
-  gem.email         = "temiola@google.com"
-  gem.homepage      = "https://github.com/googleapis/google-auth-library-ruby"
-  gem.summary       = "Google Auth Library for Ruby"
-  gem.license       = "Apache-2.0"
-  gem.description   = <<-DESCRIPTION
-   Allows simple authorization for accessing Google APIs.
-   Provide support for Application Default Credentials, as described at
-   https://developers.google.com/accounts/docs/application-default-credentials
-  DESCRIPTION
-
-  gem.files         = `git ls-files`.split "\n"
-  gem.test_files    = `git ls-files -- spec/*`.split "\n"
-  gem.executables   = `git ls-files -- bin/*.rb`.split("\n").map do |f|
-    File.basename f
-  end
-  gem.require_paths = ["lib"]
-
-  gem.platform      = Gem::Platform::RUBY
-  gem.required_ruby_version = ">= 2.5"
-
-  gem.add_dependency "faraday", ">= 0.17.3", "< 2.0"
-  gem.add_dependency "jwt", ">= 1.4", "< 3.0"
-  gem.add_dependency "memoist", "~> 0.16"
-  gem.add_dependency "multi_json", "~> 1.11"
-  gem.add_dependency "os", ">= 0.9", "< 2.0"
-  gem.add_dependency "signet", "~> 0.14"
-
-  gem.add_development_dependency "yard", "~> 0.9"
-end

data/integration/helper.rb

@@ -1,31 +0,0 @@
-# Copyright 2020 Google LLC
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-require "minitest/autorun"
-require "minitest/focus"
-require "googleauth"

data/integration/id_tokens/key_source_test.rb

@@ -1,74 +0,0 @@
-# Copyright 2020 Google LLC
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-require "helper"
-
-describe Google::Auth::IDTokens do
-  describe "key source" do
-    let(:legacy_oidc_key_source) {
-      Google::Auth::IDTokens::X509CertHttpKeySource.new "https://www.googleapis.com/oauth2/v1/certs"
-    }
-    let(:oidc_key_source) { Google::Auth::IDTokens.oidc_key_source }
-    let(:iap_key_source) { Google::Auth::IDTokens.iap_key_source }
-
-    it "Gets real keys from the OAuth2 V1 cert URL" do
-      keys = legacy_oidc_key_source.refresh_keys
-      refute_empty keys
-      keys.each do |key|
-        assert_kind_of OpenSSL::PKey::RSA, key.key
-        refute key.key.private?
-        assert_equal "RS256", key.algorithm
-      end
-    end
-
-    it "Gets real keys from the OAuth2 V3 cert URL" do
-      keys = oidc_key_source.refresh_keys
-      refute_empty keys
-      keys.each do |key|
-        assert_kind_of OpenSSL::PKey::RSA, key.key
-        refute key.key.private?
-        assert_equal "RS256", key.algorithm
-      end
-    end
-
-    it "Gets the same keys from the OAuth2 V1 and V3 cert URLs" do
-      keys_v1 = legacy_oidc_key_source.refresh_keys.map(&:key).map(&:export).sort
-      keys_v3 = oidc_key_source.refresh_keys.map(&:key).map(&:export).sort
-      assert_equal keys_v1, keys_v3
-    end
-
-    it "Gets real keys from the IAP public key URL" do
-      keys = iap_key_source.refresh_keys
-      refute_empty keys
-      keys.each do |key|
-        assert_kind_of OpenSSL::PKey::EC, key.key
-        assert_equal "ES256", key.algorithm
-      end
-    end
-  end
-end

data/spec/googleauth/apply_auth_examples.rb

@@ -1,171 +0,0 @@
-# Copyright 2015, Google Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#
-#     * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-# copyright notice, this list of conditions and the following disclaimer
-# in the documentation and/or other materials provided with the
-# distribution.
-#     * Neither the name of Google Inc. nor the names of its
-# contributors may be used to endorse or promote products derived from
-# this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-spec_dir = File.expand_path File.join(File.dirname(__FILE__))
-$LOAD_PATH.unshift spec_dir
-$LOAD_PATH.uniq!
-
-require "faraday"
-require "spec_helper"
-
-shared_examples "apply/apply! are OK" do
-  let(:auth_key) { :authorization }
-
-  # tests that use these examples need to define
-  #
-  # @client which should be an auth client
-  #
-  # @make_auth_stubs, which should stub out the expected http behaviour of the
-  # auth client
-  describe "#fetch_access_token" do
-    let(:token) { "1/abcdef1234567890" }
-    let :access_stub do
-      make_auth_stubs access_token: token
-    end
-    let :id_stub do
-      make_auth_stubs id_token: token
-    end
-
-    it "should set access_token to the fetched value" do
-      access_stub
-      @client.fetch_access_token!
-      expect(@client.access_token).to eq(token)
-      expect(access_stub).to have_been_requested
-    end
-
-    it "should set id_token to the fetched value" do
-      skip unless @id_client
-      id_stub
-      @id_client.fetch_access_token!
-      expect(@id_client.id_token).to eq(token)
-      expect(id_stub).to have_been_requested
-    end
-
-    it "should notify refresh listeners after updating" do
-      access_stub
-      expect do |b|
-        @client.on_refresh(&b)
-        @client.fetch_access_token!
-      end.to yield_with_args(have_attributes(
-                               access_token: "1/abcdef1234567890"
-                             ))
-      expect(access_stub).to have_been_requested
-    end
-  end
-
-  describe "#apply!" do
-    it "should update the target hash with fetched access token" do
-      token = "1/abcdef1234567890"
-      stub = make_auth_stubs access_token: token
-
-      md = { foo: "bar" }
-      @client.apply! md
-      want = { :foo => "bar", auth_key => "Bearer #{token}" }
-      expect(md).to eq(want)
-      expect(stub).to have_been_requested
-    end
-
-    it "should update the target hash with fetched ID token" do
-      skip unless @id_client
-      token = "1/abcdef1234567890"
-      stub = make_auth_stubs id_token: token
-
-      md = { foo: "bar" }
-      @id_client.apply! md
-      want = { :foo => "bar", auth_key => "Bearer #{token}" }
-      expect(md).to eq(want)
-      expect(stub).to have_been_requested
-    end
-  end
-
-  describe "updater_proc" do
-    it "should provide a proc that updates a hash with the access token" do
-      token = "1/abcdef1234567890"
-      stub = make_auth_stubs access_token: token
-      md = { foo: "bar" }
-      the_proc = @client.updater_proc
-      got = the_proc.call md
-      want = { :foo => "bar", auth_key => "Bearer #{token}" }
-      expect(got).to eq(want)
-      expect(stub).to have_been_requested
-    end
-  end
-
-  describe "#apply" do
-    it "should not update the original hash with the access token" do
-      token = "1/abcdef1234567890"
-      stub = make_auth_stubs access_token: token
-
-      md = { foo: "bar" }
-      @client.apply md
-      want = { foo: "bar" }
-      expect(md).to eq(want)
-      expect(stub).to have_been_requested
-    end
-
-    it "should add the token to the returned hash" do
-      token = "1/abcdef1234567890"
-      stub = make_auth_stubs access_token: token
-
-      md = { foo: "bar" }
-      got = @client.apply md
-      want = { :foo => "bar", auth_key => "Bearer #{token}" }
-      expect(got).to eq(want)
-      expect(stub).to have_been_requested
-    end
-
-    it "should not fetch a new token if the current is not expired" do
-      token = "1/abcdef1234567890"
-      stub = make_auth_stubs access_token: token
-
-      n = 5 # arbitrary
-      n.times do |_t|
-        md = { foo: "bar" }
-        got = @client.apply md
-        want = { :foo => "bar", auth_key => "Bearer #{token}" }
-        expect(got).to eq(want)
-      end
-      expect(stub).to have_been_requested
-    end
-
-    it "should fetch a new token if the current one is expired" do
-      token1 = "1/abcdef1234567890"
-      token2 = "2/abcdef1234567891"
-
-      [token1, token2].each do |t|
-        make_auth_stubs access_token: t
-        md = { foo: "bar" }
-        got = @client.apply md
-        want = { :foo => "bar", auth_key => "Bearer #{t}" }
-        expect(got).to eq(want)
-        @client.expires_at -= 3601 # default is to expire in 1hr
-      end
-    end
-  end
-end