googleauth 0.4.0 → 0.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 85200987eca465d01dd0eab971906ba8ee145ca4
-  data.tar.gz: 78773e93e52dabae41d49e86c602e3352ca96b6c
+  metadata.gz: e62231971bac1c91acd998f3c70095834c4f4b6c
+  data.tar.gz: dc687953a02e4c2eca85dbf044bcab4be46e69fd
 SHA512:
-  metadata.gz: 9e06dde72a93f223edccfc50824ed9e6b1c46843ba0f4afc0aed0882670637161377503ced93b660b602fa053e9e1c2d243e0f313f0f843086352fd2ca0acc45
-  data.tar.gz: 30e4767d112096c8916f78a28bc4d48574c21239bd3dcc052a702fd4ab65b490f85189c2313ea7a416d771ce15c3f5449935d89788077a3df66cd595ff77756b
+  metadata.gz: e18ff4154e5f66978e93156551804699cd3a62d4ae920893a94178ad276495130bbb0711b1e6284ab35eef04191f306c0c457aeedfad3b68e0612529daaf3b86
+  data.tar.gz: 4835734c63b673c62fcfbea1ee6407f2ffb1a7cc3c05d5bffecfbe8293e186b9f8a7d594d1722097d552b205e64fa3d4ff6e566ceadc8035c9e7a0c5c8c9bb59

data/.rubocop_todo.yml

@@ -1,5 +1,5 @@
 # This configuration was generated by `rubocop --auto-gen-config`
-# on 2015-03-06 19:51:00 -0800 using RuboCop version 0.28.0.
+# on 2015-04-23 11:18:24 -0700 using RuboCop version 0.30.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -9,7 +9,7 @@
 Metrics/AbcSize:
   Max: 24
 
-# Offense count: 3
+# Offense count: 6
 # Configuration parameters: CountComments.
 Metrics/MethodLength:
-  Max: 11
+  Max: 13

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 0.4.1 (25/04/2015)
+
+### Changes
+
+* Improves handling of --no-scopes GCE authorization ([@tbetbetbe][])
+* Refactoring and cleanup ([@joneslee85][])
+
 ## 0.4.0 (25/03/2015)
 
 ### Changes
@@ -12,3 +19,4 @@
 * changes the scope parameter's position in various constructors. ([@tbetbetbe][])
 
 [@tbetbetbe]: https://github.com/tbetbetbe
+[@joneslee85]: https://github.com/joneslee85

data/googleauth.gemspec

@@ -26,16 +26,16 @@ Gem::Specification.new do |s|
   s.platform      = Gem::Platform::RUBY
 
   s.add_dependency 'faraday', '~> 0.9'
-  s.add_dependency 'logging', '~> 1.8'
+  s.add_dependency 'logging', '~> 2.0'
   s.add_dependency 'jwt', '~> 1.4'
-  s.add_dependency 'memoist', '~> 0.11'
+  s.add_dependency 'memoist', '~> 0.12'
   s.add_dependency 'multi_json', '1.11'
   s.add_dependency 'signet', '~> 0.6'
 
-  s.add_development_dependency 'bundler', '~> 1.7'
+  s.add_development_dependency 'bundler', '~> 1.9'
   s.add_development_dependency 'simplecov', '~> 0.9'
   s.add_development_dependency 'coveralls', '~> 0.7'
   s.add_development_dependency 'rake', '~> 10.0'
-  s.add_development_dependency 'rubocop', '~> 0.29'
+  s.add_development_dependency 'rubocop', '~> 0.30'
   s.add_development_dependency 'rspec', '~> 3.0'
 end

data/lib/googleauth.rb

@@ -62,9 +62,14 @@ END
         json_key = MultiJson.load(json_key_io.read)
         fail "the json is missing the #{key} field" unless json_key.key?('type')
         type = json_key['type']
-        return json_key, ServiceAccountCredentials if type == 'service_account'
-        return [json_key, UserRefreshCredentials] if type == 'authorized_user'
-        fail "credentials type '#{type}' is not supported"
+        case type
+        when 'service_account'
+          [json_key, ServiceAccountCredentials]
+        when 'authorized_user'
+          [json_key, UserRefreshCredentials]
+        else
+          fail "credentials type '#{type}' is not supported"
+        end
       end
     end
 
@@ -82,9 +87,8 @@ END
     # @param scope [string|array|nil] the scope(s) to access
     # @param options [hash] allows override of the connection being used
     def get_application_default(scope = nil, options = {})
-      creds = DefaultCredentials.from_env(scope)
-      return creds unless creds.nil?
-      creds = DefaultCredentials.from_well_known_path(scope)
+      creds = DefaultCredentials.from_env(scope) ||
+              DefaultCredentials.from_well_known_path(scope)
       return creds unless creds.nil?
       fail NOT_FOUND_ERROR unless GCECredentials.on_gce?(options)
       GCECredentials.new

data/lib/googleauth/compute_engine.rb

@@ -35,13 +35,24 @@ module Google
   # Module Auth provides classes that provide Google-specific authorization
   # used to access Google APIs.
   module Auth
+    NO_METADATA_SERVER_ERROR = <<END
+Error code 404 trying to get security access token
+from Compute Engine metadata for the default service account. This
+may be because the virtual machine instance does not have permission
+scopes specified.
+END
+    UNEXPECTED_ERROR_SUFFIX = <<END
+trying to get security access token from Compute Engine metadata for
+the default service account
+END
+
     # Extends Signet::OAuth2::Client so that the auth token is obtained from
     # the GCE metadata server.
     class GCECredentials < Signet::OAuth2::Client
       # The IP Address is used in the URIs to speed up failures on non-GCE
       # systems.
       COMPUTE_AUTH_TOKEN_URI = 'http://169.254.169.254/computeMetadata/v1/'\
-                               'instance/service-accounts/default/token'
+      'instance/service-accounts/default/token'
       COMPUTE_CHECK_URI = 'http://169.254.169.254'
 
       class << self
@@ -78,8 +89,16 @@ module Google
         c = options[:connection] || Faraday.default_connection
         c.headers = { 'Metadata-Flavor' => 'Google' }
         resp = c.get(COMPUTE_AUTH_TOKEN_URI)
-        Signet::OAuth2.parse_credentials(resp.body,
-                                         resp.headers['content-type'])
+        case resp.status
+        when 200
+          Signet::OAuth2.parse_credentials(resp.body,
+                                           resp.headers['content-type'])
+        when 404
+          fail(Signet::AuthorizationError, NO_METADATA_SERVER_ERROR)
+        else
+          msg = "Unexpected error code #{resp.status}" + UNEXPECTED_ERROR_SUFFIX
+          fail(Signet::AuthorizationError, msg)
+        end
       end
     end
   end

data/lib/googleauth/version.rb

@@ -31,6 +31,6 @@ module Google
   # Module Auth provides classes that provide Google-specific authorization
   # used to access Google APIs.
   module Auth
-    VERSION = '0.4.0'
+    VERSION = '0.4.1'
   end
 end

data/spec/googleauth/compute_engine_spec.rb

@@ -60,6 +60,42 @@ describe Google::Auth::GCECredentials do
 
   it_behaves_like 'apply/apply! are OK'
 
+  context 'metadata is unavailable' do
+    describe '#fetch_access_token' do
+      it 'should fail if the metadata request returns a 404' do
+        stubs = Faraday::Adapter::Test::Stubs.new do |stub|
+          stub.get(MD_URI) do |_env|
+            [404,
+             { 'Metadata-Flavor' => 'Google' },
+             '']
+          end
+        end
+        c = Faraday.new do |b|
+          b.adapter(:test, stubs)
+        end
+        blk = proc { @client.fetch_access_token!(connection: c) }
+        expect(&blk).to raise_error Signet::AuthorizationError
+        stubs.verify_stubbed_calls
+      end
+
+      it 'should fail if the metadata request returns an unexpected code' do
+        stubs = Faraday::Adapter::Test::Stubs.new do |stub|
+          stub.get(MD_URI) do |_env|
+            [503,
+             { 'Metadata-Flavor' => 'Google' },
+             '']
+          end
+        end
+        c = Faraday.new do |b|
+          b.adapter(:test, stubs)
+        end
+        blk = proc { @client.fetch_access_token!(connection: c) }
+        expect(&blk).to raise_error Signet::AuthorizationError
+        stubs.verify_stubbed_calls
+      end
+    end
+  end
+
   describe '#on_gce?' do
     it 'should be true when Metadata-Flavor is Google' do
       stubs = Faraday::Adapter::Test::Stubs.new do |stub|

data/spec/googleauth/signet_spec.rb

@@ -45,8 +45,7 @@ describe Signet::OAuth2::Client do
       scope: 'https://www.googleapis.com/auth/userinfo.profile',
       issuer: 'app@example.com',
       audience: 'https://accounts.google.com/o/oauth2/token',
-      signing_key: @key
-      )
+      signing_key: @key)
   end
 
   def make_auth_stubs(opts)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: googleauth
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Tim Emiola
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-03-26 00:00:00.000000000 Z
+date: 2015-04-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.11'
+        version: '0.12'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.11'
+        version: '0.12'
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.9'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -156,14 +156,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.29'
+        version: '0.30'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.29'
+        version: '0.30'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement