Skip to content

Commit

Permalink
fix: allow unset/null privateKeyId for JwtCredentials (#336)
Browse files Browse the repository at this point in the history
* fix: add failing test for unset/null privateKeyId

* fix: relax preconditions to allow null privateKeyId

* chore: fix lint

* fix: remove invalid test
  • Loading branch information
chingor13 authored Aug 22, 2019
1 parent 19f38ad commit d28a6ed
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 18 deletions.
4 changes: 2 additions & 2 deletions oauth2_http/java/com/google/auth/oauth2/JwtCredentials.java
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ public class JwtCredentials extends Credentials implements JwtProvider {

private JwtCredentials(Builder builder) {
this.privateKey = Preconditions.checkNotNull(builder.getPrivateKey());
this.privateKeyId = Preconditions.checkNotNull(builder.getPrivateKeyId());
this.privateKeyId = builder.getPrivateKeyId();
this.jwtClaims = Preconditions.checkNotNull(builder.getJwtClaims());
Preconditions.checkState(jwtClaims.isComplete(), JWT_INCOMPLETE_ERROR_MESSAGE);
this.lifeSpanSeconds = Preconditions.checkNotNull(builder.getLifeSpanSeconds());
Expand Down Expand Up @@ -220,7 +220,7 @@ public PrivateKey getPrivateKey() {
}

public Builder setPrivateKeyId(String privateKeyId) {
this.privateKeyId = Preconditions.checkNotNull(privateKeyId);
this.privateKeyId = privateKeyId;
return this;
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -114,22 +114,6 @@ public void builder_requiresPrivateKey() {
}
}

@Test
public void builder_requiresPrivateKeyId() {
try {
JwtClaims claims =
JwtClaims.newBuilder()
.setAudience("some-audience")
.setIssuer("some-issuer")
.setSubject("some-subject")
.build();
JwtCredentials.newBuilder().setJwtClaims(claims).setPrivateKey(getPrivateKey()).build();
fail("Should throw exception");
} catch (NullPointerException ex) {
// expected
}
}

@Test
public void builder_requiresClaims() {
try {
Expand Down Expand Up @@ -248,6 +232,40 @@ public void getRequestMetadata_withAdditionalClaims_hasJwtAccess() throws IOExce
Collections.singletonMap("foo", "bar"));
}

@Test
public void privateKeyIdNull() throws IOException {
JwtClaims claims =
JwtClaims.newBuilder()
.setAudience("some-audience")
.setIssuer("some-issuer")
.setSubject("some-subject")
.build();
JwtCredentials credentials =
JwtCredentials.newBuilder()
.setJwtClaims(claims)
.setPrivateKey(getPrivateKey())
.setPrivateKeyId(null)
.build();

Map<String, List<String>> metadata = credentials.getRequestMetadata();
verifyJwtAccess(metadata, "some-audience", "some-issuer", "some-subject", null);
}

@Test
public void privateKeyIdNotSpecified() throws IOException {
JwtClaims claims =
JwtClaims.newBuilder()
.setAudience("some-audience")
.setIssuer("some-issuer")
.setSubject("some-subject")
.build();
JwtCredentials credentials =
JwtCredentials.newBuilder().setJwtClaims(claims).setPrivateKey(getPrivateKey()).build();

Map<String, List<String>> metadata = credentials.getRequestMetadata();
verifyJwtAccess(metadata, "some-audience", "some-issuer", "some-subject", null);
}

private void verifyJwtAccess(
Map<String, List<String>> metadata,
String expectedAudience,
Expand Down

0 comments on commit d28a6ed

Please sign in to comment.