googleauth 0.7.1 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 105a3281fcd2fa4a6a90f122c62e3f852f9c116172edd83c9ac759a93ff8ba78
-  data.tar.gz: 40078f9fc7910a259496f600d84a50d97722e62cf5c125a9c74f1994a2620553
+  metadata.gz: 3e646bac53d9ec3282d73ffc1110581dbd52a36d89a5ad3e78d2d7b6cb998f6c
+  data.tar.gz: ed9f5ff32c8a8093dbfba02266c2f50544572dda9ed5e77e081ff6eabdcd2ac4
 SHA512:
-  metadata.gz: 8693833fa1fe3ae6a95e24e35131167ff0a8ecca9704038c93939d181360f9b75bb8d0987914daaf2cd804d7ae82b49e78df3a2d8084fc4dc8d0a620e2b7d21b
-  data.tar.gz: 8d1658ef226f85c084b317454bd24dda581eb439d89946fcbc1b3fa2f9393a086bb5b668cd2ba18d8eb8feb3323682101907651ce51aae3273de14c350d5f8f1
+  metadata.gz: b4bf425795f1274eee8197d50bf2d8ec433881eee828081ee8e4ec6b078357b6a1c1a72b177dd81e0fa91170f0aad69dc5c937e134b813215caec095630259bd
+  data.tar.gz: 216d5d6ae1dbc594247686eec49447a3a7a3dac7ccea3d5245ee6571ae446c1186bfd7ac41223f8d0f325abe5b444162a66248c4b2c8bc5e5d5cf5b3a4e5ff67

data/.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,36 @@
+---
+name: Bug report
+about: Create a report to help us improve
+
+---
+
+Thanks for stopping by to let us know something could be better!
+
+**PLEASE READ**: If you have a support contract with Google, please create an issue in the [support console](https://cloud.google.com/support/) instead of filing on GitHub. This will ensure a timely response.
+
+Please run down the following list and make sure you've tried the usual "quick fixes":
+
+  - Search the issues already opened: https://github.com/googleapis/google-auth-library-ruby/issues
+  - Search Stack Overflow: https://stackoverflow.com/questions/tagged/google-auth-library-ruby
+
+If you are still having issues, please be sure to include as much information as possible:
+
+#### Environment details
+
+  - OS:
+  - Ruby version:
+  - Gem name and version:
+
+#### Steps to reproduce
+
+  1. ...
+
+#### Code example
+
+```ruby
+# example
+```
+
+Making sure to follow these steps will guarantee the quickest resolution possible.
+
+Thanks!

data/.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,21 @@
+---
+name: Feature request
+about: Suggest an idea for this library
+
+---
+
+Thanks for stopping by to let us know something could be better!
+
+**PLEASE READ**: If you have a support contract with Google, please create an issue in the [support console](https://cloud.google.com/support/) instead of filing on GitHub. This will ensure a timely response.
+
+ **Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+ **Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+ **Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+ **Additional context**
+Add any other context or screenshots about the feature request here.

data/.github/ISSUE_TEMPLATE/support_request.md

@@ -0,0 +1,7 @@
+---
+name: Support request
+about: If you have a support contract with Google, please create an issue in the Google Cloud Support console.
+
+---
+
+**PLEASE READ**: If you have a support contract with Google, please create an issue in the [support console](https://cloud.google.com/support/) instead of filing on GitHub. This will ensure a timely response.

data/.kokoro/build.sh

@@ -20,7 +20,7 @@ ruby --version
 # https://github.com/bundler/bundler/issues/6154
 export BUNDLE_GEMFILE=
 
-RUBY_VERSIONS=("2.3.7" "2.4.4" "2.5.1")
+RUBY_VERSIONS=("2.3.8" "2.4.5" "2.5.3")
 
 # Capture failures
 EXIT_STATUS=0 # everything passed

data/.rubocop.yml

@@ -11,6 +11,8 @@ Metrics/CyclomaticComplexity:
   Max: 8
 Metrics/MethodLength:
   Max: 20
+Metrics/ModuleLength:
+  Max: 150
 Metrics/ClassLength:
   Enabled: false
 Layout/IndentHeredoc:

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## 0.8.0 (2019/01/02)
+
+* Support connection options :default_connection and :connection_builder when creating credentials that need to refresh OAuth tokens. This lets clients provide connection objects with custom settings, such as proxies, needed for the client environment.
+* Removed an unnecessary warning about project IDs.
+
 ## 0.7.1 (2018/10/25)
 
 * Make load_gcloud_project_id module function.

data/lib/googleauth/application_default.rb

@@ -52,11 +52,21 @@ ERROR_MESSAGE
     # scope is ignored.
     #
     # @param scope [string|array|nil] the scope(s) to access
-    # @param options [hash] allows override of the connection being used
+    # @param options [Hash] Connection options. These may be used to configure
+    #     the `Faraday::Connection` used for outgoing HTTP requests. For
+    #     example, if a connection proxy must be used in the current network,
+    #     you may provide a connection with with the needed proxy options.
+    #     The following keys are recognized:
+    #     * `:default_connection` The connection object to use for token
+    #       refresh requests.
+    #     * `:connection_builder` A `Proc` that creates and returns a
+    #       connection to use for token refresh requests.
+    #     * `:connection` The connection to use to determine whether GCE
+    #       metadata credentials are available.
     def get_application_default(scope = nil, options = {})
-      creds = DefaultCredentials.from_env(scope) ||
-              DefaultCredentials.from_well_known_path(scope) ||
-              DefaultCredentials.from_system_default_path(scope)
+      creds = DefaultCredentials.from_env(scope, options) ||
+              DefaultCredentials.from_well_known_path(scope, options) ||
+              DefaultCredentials.from_system_default_path(scope, options)
       return creds unless creds.nil?
       unless GCECredentials.on_gce?(options)
         # Clear cache of the result of GCECredentials.on_gce?

data/lib/googleauth/compute_engine.rb

@@ -87,10 +87,9 @@ ERROR
       # fetched.
       def fetch_access_token(options = {})
         c = options[:connection] || Faraday.default_connection
-        c.headers = { 'Metadata-Flavor' => 'Google' }
-
         retry_with_error do
-          resp = c.get(COMPUTE_AUTH_TOKEN_URI)
+          headers = { 'Metadata-Flavor' => 'Google' }
+          resp = c.get(COMPUTE_AUTH_TOKEN_URI, nil, headers)
           case resp.status
           when 200
             Signet::OAuth2.parse_credentials(resp.body,

data/lib/googleauth/credentials.rb

@@ -66,14 +66,14 @@ module Google
         elsif keyfile.is_a? Hash
           hash = stringify_hash_keys keyfile
           hash['scope'] ||= scope
-          @client = init_client hash
+          @client = init_client hash, options
           @project_id ||= (hash['project_id'] || hash['project'])
         else
           verify_keyfile_exists! keyfile
           json = JSON.parse ::File.read(keyfile)
           json['scope'] ||= scope
           @project_id ||= (json['project_id'] || json['project'])
-          @client = init_client json
+          @client = init_client json, options
         end
         CredentialsLoader.warn_if_cloud_sdk_credentials @client.client_id
         @project_id ||= CredentialsLoader.load_gcloud_project_id
@@ -85,33 +85,32 @@ module Google
       # previously stated locations do not contain keyfile information,
       # this method defaults to use the application default.
       def self.default(options = {})
-        scope = options[:scope]
         # First try to find keyfile file from environment variables.
-        client = from_path_vars scope
+        client = from_path_vars options
 
         # Second try to find keyfile json from environment variables.
-        client ||= from_json_vars scope
+        client ||= from_json_vars options
 
         # Third try to find keyfile file from known file paths.
-        client ||= from_default_paths scope
+        client ||= from_default_paths options
 
         # Finally get instantiated client from Google::Auth
-        client ||= from_application_default scope
+        client ||= from_application_default options
         client
       end
 
-      def self.from_path_vars(scope)
+      def self.from_path_vars(options)
         self::PATH_ENV_VARS
           .map { |v| ENV[v] }
           .compact
           .select { |p| ::File.file? p }
           .each do |file|
-            return new file, scope: scope
+            return new file, options
           end
         nil
       end
 
-      def self.from_json_vars(scope)
+      def self.from_json_vars(options)
         json = lambda do |v|
           unless ENV[v].nil?
             begin
@@ -122,24 +121,24 @@ module Google
           end
         end
         self::JSON_ENV_VARS.map(&json).compact.each do |hash|
-          return new hash, scope: scope
+          return new hash, options
         end
         nil
       end
 
-      def self.from_default_paths(scope)
+      def self.from_default_paths(options)
         self::DEFAULT_PATHS
           .select { |p| ::File.file? p }
           .each do |file|
-            return new file, scope: scope
+            return new file, options
           end
         nil
       end
 
-      def self.from_application_default(scope)
-        scope ||= self::SCOPE
+      def self.from_application_default(options)
+        scope = options[:scope] || self::SCOPE
         client = Google::Auth.get_application_default scope
-        new client
+        new client, options
       end
       private_class_method :from_path_vars,
                            :from_json_vars,
@@ -161,9 +160,10 @@ module Google
       end
 
       # Initializes the Signet client.
-      def init_client(keyfile)
+      def init_client(keyfile, connection_options = {})
         client_opts = client_options keyfile
-        Signet::OAuth2::Client.new client_opts
+        Signet::OAuth2::Client.new(client_opts)
+                              .configure_connection(connection_options)
       end
 
       # returns a new Hash with string keys instead of symbol keys.

data/lib/googleauth/credentials_loader.rb

@@ -76,22 +76,35 @@ module Google
       # By default, it calls #new on the current class, but this behaviour can
       # be modified, allowing different instances to be created.
       def make_creds(*args)
-        new(*args)
+        creds = new(*args)
+        if creds.respond_to?(:configure_connection) && args.size == 1
+          creds = creds.configure_connection(args[0])
+        end
+        creds
       end
 
       # Creates an instance from the path specified in an environment
       # variable.
       #
       # @param scope [string|array|nil] the scope(s) to access
-      def from_env(scope = nil)
+      # @param options [Hash] Connection options. These may be used to configure
+      #     how OAuth tokens are retrieved, by providing a suitable
+      #     `Faraday::Connection`. For example, if a connection proxy must be
+      #     used in the current network, you may provide a connection with
+      #     with the needed proxy options.
+      #     The following keys are recognized:
+      #     * `:default_connection` The connection object to use.
+      #     * `:connection_builder` A `Proc` that returns a connection.
+      def from_env(scope = nil, options = {})
+        options = interpret_options scope, options
         if ENV.key?(ENV_VAR)
           path = ENV[ENV_VAR]
           raise "file #{path} does not exist" unless File.exist?(path)
           File.open(path) do |f|
-            return make_creds(json_key_io: f, scope: scope)
+            return make_creds(options.merge(json_key_io: f))
           end
         elsif service_account_env_vars? || authorized_user_env_vars?
-          return make_creds(scope: scope)
+          return make_creds(options)
         end
       rescue StandardError => e
         raise "#{NOT_FOUND_ERROR}: #{e}"
@@ -100,7 +113,16 @@ module Google
       # Creates an instance from a well known path.
       #
       # @param scope [string|array|nil] the scope(s) to access
-      def from_well_known_path(scope = nil)
+      # @param options [Hash] Connection options. These may be used to configure
+      #     how OAuth tokens are retrieved, by providing a suitable
+      #     `Faraday::Connection`. For example, if a connection proxy must be
+      #     used in the current network, you may provide a connection with
+      #     with the needed proxy options.
+      #     The following keys are recognized:
+      #     * `:default_connection` The connection object to use.
+      #     * `:connection_builder` A `Proc` that returns a connection.
+      def from_well_known_path(scope = nil, options = {})
+        options = interpret_options scope, options
         home_var = OS.windows? ? 'APPDATA' : 'HOME'
         base = WELL_KNOWN_PATH
         root = ENV[home_var].nil? ? '' : ENV[home_var]
@@ -108,7 +130,7 @@ module Google
         path = File.join(root, base)
         return nil unless File.exist?(path)
         File.open(path) do |f|
-          return make_creds(json_key_io: f, scope: scope)
+          return make_creds(options.merge(json_key_io: f))
         end
       rescue StandardError => e
         raise "#{WELL_KNOWN_ERROR}: #{e}"
@@ -117,7 +139,16 @@ module Google
       # Creates an instance from the system default path
       #
       # @param scope [string|array|nil] the scope(s) to access
-      def from_system_default_path(scope = nil)
+      # @param options [Hash] Connection options. These may be used to configure
+      #     how OAuth tokens are retrieved, by providing a suitable
+      #     `Faraday::Connection`. For example, if a connection proxy must be
+      #     used in the current network, you may provide a connection with
+      #     with the needed proxy options.
+      #     The following keys are recognized:
+      #     * `:default_connection` The connection object to use.
+      #     * `:connection_builder` A `Proc` that returns a connection.
+      def from_system_default_path(scope = nil, options = {})
+        options = interpret_options scope, options
         if OS.windows?
           return nil unless ENV['ProgramData']
           prefix = File.join(ENV['ProgramData'], 'Google/Auth')
@@ -127,7 +158,7 @@ module Google
         path = File.join(prefix, CREDENTIALS_FILE_NAME)
         return nil unless File.exist?(path)
         File.open(path) do |f|
-          return make_creds(json_key_io: f, scope: scope)
+          return make_creds(options.merge(json_key_io: f))
         end
       rescue StandardError => e
         raise "#{SYSTEM_DEFAULT_ERROR}: #{e}"
@@ -139,18 +170,31 @@ module Google
       end
       module_function :warn_if_cloud_sdk_credentials
 
+      # Finds project_id from gcloud CLI configuration
       def load_gcloud_project_id
         gcloud = GCLOUD_WINDOWS_COMMAND if OS.windows?
         gcloud = GCLOUD_POSIX_COMMAND unless OS.windows?
         config = MultiJson.load(`#{gcloud} #{GCLOUD_CONFIG_COMMAND}`)
         config['configuration']['properties']['core']['project']
       rescue
-        warn 'Unable to determine project id.'
+        nil
       end
       module_function :load_gcloud_project_id
 
       private
 
+      def interpret_options(scope, options)
+        if scope.is_a? Hash
+          options = scope
+          scope = nil
+        end
+        if scope && !options[:scope]
+          options.merge(scope: scope)
+        else
+          options
+        end
+      end
+
       def service_account_env_vars?
         ([PRIVATE_KEY_VAR, CLIENT_EMAIL_VAR] - ENV.keys).empty?
       end

data/lib/googleauth/default_credentials.rb

@@ -46,16 +46,16 @@ module Google
       # override CredentialsLoader#make_creds to use the class determined by
       # loading the json.
       def self.make_creds(options = {})
-        json_key_io, scope = options.values_at(:json_key_io, :scope)
+        json_key_io = options[:json_key_io]
         if json_key_io
           json_key, clz = determine_creds_class(json_key_io)
           warn_if_cloud_sdk_credentials json_key['client_id']
-          clz.make_creds(json_key_io: StringIO.new(MultiJson.dump(json_key)),
-                         scope: scope)
+          io = StringIO.new(MultiJson.dump(json_key))
+          clz.make_creds(options.merge(json_key_io: io))
         else
           warn_if_cloud_sdk_credentials ENV[CredentialsLoader::CLIENT_ID_VAR]
           clz = read_creds
-          clz.make_creds(scope: scope)
+          clz.make_creds(options)
         end
       end
 

data/lib/googleauth/service_account.rb

@@ -73,6 +73,7 @@ module Google
             issuer: client_email,
             signing_key: OpenSSL::PKey::RSA.new(private_key),
             project_id: project_id)
+          .configure_connection(options)
       end
 
       # Handles certain escape sequences that sometimes appear in input.

data/lib/googleauth/signet.rb

@@ -38,6 +38,12 @@ module Signet
     # This reopens Client to add #apply and #apply! methods which update a
     # hash with the fetched authentication token.
     class Client
+      def configure_connection(options)
+        @connection_info =
+          options[:connection_builder] || options[:default_connection]
+        self
+      end
+
       # Updates a_hash updated with the authentication token
       def apply!(a_hash, opts = {})
         # fetch the access token there is currently not one, or if the client
@@ -66,6 +72,10 @@ module Signet
 
       alias orig_fetch_access_token! fetch_access_token!
       def fetch_access_token!(options = {})
+        unless options[:connection]
+          connection = build_default_connection
+          options = options.merge(connection: connection) if connection
+        end
         info = orig_fetch_access_token!(options)
         notify_refresh_listeners
         info
@@ -78,6 +88,16 @@ module Signet
         end
       end
 
+      def build_default_connection
+        if !defined?(@connection_info)
+          nil
+        elsif @connection_info.respond_to? :call
+          @connection_info.call
+        else
+          @connection_info
+        end
+      end
+
       def retry_with_error(max_retry_count = 5)
         retry_count = 0
 

data/lib/googleauth/user_refresh.rb

@@ -72,6 +72,7 @@ module Google
             refresh_token: user_creds['refresh_token'],
             project_id:    user_creds['project_id'],
             scope: scope)
+          .configure_connection(options)
       end
 
       # Reads the client_id, client_secret and refresh_token fields from the

data/lib/googleauth/version.rb

@@ -31,6 +31,6 @@ module Google
   # Module Auth provides classes that provide Google-specific authorization
   # used to access Google APIs.
   module Auth
-    VERSION = '0.7.1'.freeze
+    VERSION = '0.8.0'.freeze
   end
 end

data/spec/googleauth/credentials_spec.rb

@@ -47,6 +47,7 @@ describe Google::Auth::Credentials, :private do
 
   it 'uses a default scope' do
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
@@ -64,6 +65,7 @@ describe Google::Auth::Credentials, :private do
 
   it 'uses a custom scope' do
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
@@ -96,6 +98,7 @@ describe Google::Auth::Credentials, :private do
     allow(::File).to receive(:file?).with(TEST_PATH_ENV_VAL) { false }
 
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
@@ -129,6 +132,7 @@ describe Google::Auth::Credentials, :private do
     allow(::File).to receive(:read).with('/unknown/path/to/file.txt') { JSON.generate(default_keyfile_hash) }
 
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
@@ -161,6 +165,7 @@ describe Google::Auth::Credentials, :private do
     allow(::ENV).to receive(:[]).with('JSON_ENV_TEST') { JSON.generate(default_keyfile_hash) }
 
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
@@ -194,6 +199,7 @@ describe Google::Auth::Credentials, :private do
     allow(::File).to receive(:read).with('~/default/path/to/file.txt') { JSON.generate(default_keyfile_hash) }
 
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
@@ -226,6 +232,7 @@ describe Google::Auth::Credentials, :private do
     allow(::File).to receive(:file?).with('~/default/path/to/file.txt') { false }
 
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(mocked_signet).to receive(:client_id)
     allow(Google::Auth).to receive(:get_application_default) do |scope|
@@ -253,6 +260,7 @@ describe Google::Auth::Credentials, :private do
 
   it 'warns when cloud sdk credentials are used' do
     mocked_signet = double('Signet::OAuth2::Client')
+    allow(mocked_signet).to receive(:configure_connection).and_return(mocked_signet)
     allow(mocked_signet).to receive(:fetch_access_token!).and_return(true)
     allow(Signet::OAuth2::Client).to receive(:new) do |options|
       mocked_signet

data/spec/googleauth/get_application_default_spec.rb

@@ -100,6 +100,19 @@ describe '#get_application_default' do
       end
     end
 
+    it "propagates default_connection option" do
+      Dir.mktmpdir do |dir|
+        key_path = File.join(dir, 'my_cert_file')
+        FileUtils.mkdir_p(File.dirname(key_path))
+        File.write(key_path, cred_json_text)
+        ENV[@var_name] = key_path
+        connection = Faraday.new(headers: {"User-Agent" => "hello"})
+        opts = options.merge(default_connection: connection)
+        creds = Google::Auth.get_application_default(@scope, opts)
+        expect(creds.build_default_connection).to be connection
+      end
+    end
+
     it 'succeeds with default file without GOOGLE_APPLICATION_CREDENTIALS' do
       ENV.delete(@var_name) unless ENV[@var_name].nil?
       Dir.mktmpdir do |dir|

data/spec/googleauth/service_account_spec.rb

@@ -229,6 +229,14 @@ describe Google::Auth::ServiceAccountCredentials do
       ENV[CLIENT_EMAIL_VAR] = cred_json[:client_email]
       expect(@clz.from_env(@scope)).to_not be_nil
     end
+
+    it "propagates default_connection option" do
+      ENV[PRIVATE_KEY_VAR] = cred_json[:private_key]
+      ENV[CLIENT_EMAIL_VAR] = cred_json[:client_email]
+      connection = Faraday.new(headers: {"User-Agent" => "hello"})
+      creds = @clz.from_env(@scope, default_connection: connection)
+      expect(creds.build_default_connection).to be connection
+    end
   end
 
   describe '#from_well_known_path' do
@@ -274,6 +282,20 @@ describe Google::Auth::ServiceAccountCredentials do
         expect(credentials.project_id).to eq(cred_json[:project_id])
       end
     end
+
+    it "propagates default_connection option" do
+      Dir.mktmpdir do |dir|
+        key_path = File.join(dir, '.config', @known_path)
+        key_path = File.join(dir, WELL_KNOWN_PATH) if OS.windows?
+        FileUtils.mkdir_p(File.dirname(key_path))
+        File.write(key_path, cred_json_text)
+        ENV['HOME'] = dir
+        ENV['APPDATA'] = dir
+        connection = Faraday.new(headers: {"User-Agent" => "hello"})
+        creds = @clz.from_well_known_path(@scope, default_connection: connection)
+        expect(creds.build_default_connection).to be connection
+      end
+    end
   end
 
   describe '#from_system_default_path' do
@@ -305,6 +327,18 @@ describe Google::Auth::ServiceAccountCredentials do
         File.delete(@path)
       end
     end
+
+    it "propagates default_connection option" do
+      FakeFS do
+        ENV['ProgramData'] = '/etc'
+        FileUtils.mkdir_p(File.dirname(@path))
+        File.write(@path, cred_json_text)
+        connection = Faraday.new(headers: {"User-Agent" => "hello"})
+        creds = @clz.from_system_default_path(@scope, default_connection: connection)
+        expect(creds.build_default_connection).to be connection
+        File.delete(@path)
+      end
+    end
   end
 end
 

data/spec/googleauth/signet_spec.rb

@@ -60,14 +60,45 @@ describe Signet::OAuth2::Client do
                                    @key.public_key, true,
                                    algorithm: 'RS256')
     end
+    with_params = {body: hash_including(
+      "grant_type" => "urn:ietf:params:oauth:grant-type:jwt-bearer")}
+    if opts[:user_agent]
+      with_params[:headers] = {"User-Agent" => opts[:user_agent]}
+    end
     stub_request(:post, 'https://oauth2.googleapis.com/token')
-      .with(body: hash_including(
-        'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer'
-      ), &blk)
+      .with(with_params, &blk)
       .to_return(body: body,
                  status: 200,
                  headers: { 'Content-Type' => 'application/json' })
   end
 
   it_behaves_like 'apply/apply! are OK'
+
+  describe "#configure_connection" do
+    it "honors default_connection" do
+      token = "1/abcdef1234567890"
+      stub = make_auth_stubs access_token: token, user_agent: "RubyRocks/1.0"
+      conn = Faraday.new headers: {"User-Agent" => "RubyRocks/1.0"}
+      @client.configure_connection(default_connection: conn)
+      md = { foo: "bar" }
+      @client.apply!(md)
+      want = { foo: "bar", authorization: "Bearer #{token}" }
+      expect(md).to eq(want)
+      expect(stub).to have_been_requested
+    end
+
+    it "honors connection_builder" do
+      token = "1/abcdef1234567890"
+      stub = make_auth_stubs access_token: token, user_agent: "RubyRocks/2.0"
+      connection_builder = proc do
+        Faraday.new headers: {"User-Agent" => "RubyRocks/2.0"}
+      end
+      @client.configure_connection(connection_builder: connection_builder)
+      md = { foo: "bar" }
+      @client.apply!(md)
+      want = { foo: "bar", authorization: "Bearer #{token}" }
+      expect(md).to eq(want)
+      expect(stub).to have_been_requested
+    end
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: googleauth
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.8.0
 platform: ruby
 authors:
 - Tim Emiola
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-26 00:00:00.000000000 Z
+date: 2019-01-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -115,6 +115,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/CONTRIBUTING.md"
+- ".github/ISSUE_TEMPLATE/bug_report.md"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/ISSUE_TEMPLATE/support_request.md"
 - ".gitignore"
 - ".kokoro/build.bat"
 - ".kokoro/build.sh"
@@ -135,7 +139,6 @@ files:
 - ".travis.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
-- CONTRIBUTING.md
 - COPYING
 - Gemfile
 - README.md