Skip to content

Commit

Permalink
fix(auth): Migrated IAM sign endpoint to iamcredentials.googleapis.com (
Browse files Browse the repository at this point in the history 
#916)
  • Loading branch information
@hiranya911
hiranya911 authored Jun 24, 2020
1 parent 9b3a2ab commit 98b4788
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 11 deletions.
6 changes: 3 additions & 3 deletions src/auth/token-generator.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,13 +151,13 @@ export class IAMSigner implements CryptoSigner {
return this.getAccountId().then((serviceAccount) => {
const request: HttpRequestConfig = {
method: 'POST',
url: `https://iam.googleapis.com/v1/projects/-/serviceAccounts/${serviceAccount}:signBlob`,
data: {bytesToSign: buffer.toString('base64')},
url: `https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${serviceAccount}:signBlob`,
data: {payload: buffer.toString('base64')},
};
return this.httpClient.send(request);
}).then((response: any) => {
// Response from IAM is base64 encoded. Decode it into a buffer and return.
return Buffer.from(response.data.signature, 'base64');
return Buffer.from(response.data.signedBlob, 'base64');
}).catch((err) => {
if (err instanceof HttpError) {
const error = err.response.data;
Expand Down
16 changes: 8 additions & 8 deletions test/unit/auth/token-generator.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,13 +127,13 @@ describe('CryptoSigner', () => {
});

describe('explicit service account ID', () => {
const response = {signature: Buffer.from('testsignature').toString('base64')};
const response = {signedBlob: Buffer.from('testsignature').toString('base64')};
const input = Buffer.from('input');
const signRequest = {
method: 'POST',
url: `https://iam.googleapis.com/v1/projects/-/serviceAccounts/test-service-account:signBlob`,
url: `https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/test-service-account:signBlob`,
headers: {Authorization: `Bearer ${mockAccessToken}`},
data: {bytesToSign: input.toString('base64')},
data: {payload: input.toString('base64')},
};
let stub: sinon.SinonStub;

Expand All @@ -147,7 +147,7 @@ describe('CryptoSigner', () => {
const requestHandler = new AuthorizedHttpClient(mockApp);
const signer = new IAMSigner(requestHandler, 'test-service-account');
return signer.sign(input).then((signature) => {
expect(signature.toString('base64')).to.equal(response.signature);
expect(signature.toString('base64')).to.equal(response.signedBlob);
expect(stub).to.have.been.calledOnce.and.calledWith(signRequest);
});
});
Expand Down Expand Up @@ -179,17 +179,17 @@ describe('CryptoSigner', () => {

describe('auto discovered service account', () => {
const input = Buffer.from('input');
const response = {signature: Buffer.from('testsignature').toString('base64')};
const response = {signedBlob: Buffer.from('testsignature').toString('base64')};
const metadataRequest = {
method: 'GET',
url: `http://metadata/computeMetadata/v1/instance/service-accounts/default/email`,
headers: {'Metadata-Flavor': 'Google'},
};
const signRequest = {
method: 'POST',
url: `https://iam.googleapis.com/v1/projects/-/serviceAccounts/discovered-service-account:signBlob`,
url: `https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/discovered-service-account:signBlob`,
headers: {Authorization: `Bearer ${mockAccessToken}`},
data: {bytesToSign: input.toString('base64')},
data: {payload: input.toString('base64')},
};
let stub: sinon.SinonStub;

Expand All @@ -204,7 +204,7 @@ describe('CryptoSigner', () => {
const requestHandler = new AuthorizedHttpClient(mockApp);
const signer = new IAMSigner(requestHandler);
return signer.sign(input).then((signature) => {
expect(signature.toString('base64')).to.equal(response.signature);
expect(signature.toString('base64')).to.equal(response.signedBlob);
expect(stub).to.have.been.calledTwice;
expect(stub.getCall(0).args[0]).to.deep.equal(metadataRequest);
expect(stub.getCall(1).args[0]).to.deep.equal(signRequest);
Expand Down

0 comments on commit 98b4788

Please sign in to comment.