Skip to content

Commit

Permalink
fix: enable self signed jwt for grpc (#190)
Browse files Browse the repository at this point in the history 
PiperOrigin-RevId: 386504689

Source-Link: googleapis/googleapis@762094a

Source-Link: googleapis/googleapis-gen@6bfc480
  • Loading branch information
@gcf-owl-bot
gcf-owl-bot[bot] authored Jul 24, 2021
1 parent 13f68df commit e2f6222
Show file tree
Hide file tree
Showing 14 changed files with 154 additions and 91 deletions.
4 changes: 4 additions & 0 deletions ...oogle-cloud-monitoring/google/cloud/monitoring_v3/services/alert_policy_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -377,6 +377,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def list_alert_policies(
Expand Down
4 changes: 4 additions & 0 deletions packages/google-cloud-monitoring/google/cloud/monitoring_v3/services/group_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -352,6 +352,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def list_groups(
Expand Down
4 changes: 4 additions & 0 deletions ...ages/google-cloud-monitoring/google/cloud/monitoring_v3/services/metric_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -379,6 +379,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def list_monitored_resource_descriptors(
Expand Down
4 changes: 4 additions & 0 deletions ...oud-monitoring/google/cloud/monitoring_v3/services/notification_channel_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -374,6 +374,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def list_notification_channel_descriptors(
Expand Down
4 changes: 4 additions & 0 deletions packages/google-cloud-monitoring/google/cloud/monitoring_v3/services/query_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -330,6 +330,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def query_time_series(
Expand Down
4 changes: 4 additions & 0 deletions ...cloud-monitoring/google/cloud/monitoring_v3/services/service_monitoring_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -371,6 +371,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def create_service(
Expand Down
4 changes: 4 additions & 0 deletions ...oogle-cloud-monitoring/google/cloud/monitoring_v3/services/uptime_check_service/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -357,6 +357,10 @@ def __init__(
client_cert_source_for_mtls=client_cert_source_func,
quota_project_id=client_options.quota_project_id,
client_info=client_info,
always_use_jwt_access=(
Transport == type(self).get_transport_class("grpc")
or Transport == type(self).get_transport_class("grpc_asyncio")
),
)

def list_uptime_check_configs(
Expand Down
31 changes: 18 additions & 13 deletions packages/google-cloud-monitoring/tests/unit/gapic/monitoring_v3/test_alert_policy_service.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,26 +132,14 @@ def test_alert_policy_service_client_from_service_account_info(client_class):
assert client.transport._host == "monitoring.googleapis.com:443"


@pytest.mark.parametrize(
"client_class", [AlertPolicyServiceClient, AlertPolicyServiceAsyncClient,]
)
def test_alert_policy_service_client_service_account_always_use_jwt(client_class):
with mock.patch.object(
service_account.Credentials, "with_always_use_jwt_access", create=True
) as use_jwt:
creds = service_account.Credentials(None, None, None)
client = client_class(credentials=creds)
use_jwt.assert_not_called()


@pytest.mark.parametrize(
"transport_class,transport_name",
[
(transports.AlertPolicyServiceGrpcTransport, "grpc"),
(transports.AlertPolicyServiceGrpcAsyncIOTransport, "grpc_asyncio"),
],
)
def test_alert_policy_service_client_service_account_always_use_jwt_true(
def test_alert_policy_service_client_service_account_always_use_jwt(
transport_class, transport_name
):
with mock.patch.object(
Expand All @@ -161,6 +149,13 @@ def test_alert_policy_service_client_service_account_always_use_jwt_true(
transport = transport_class(credentials=creds, always_use_jwt_access=True)
use_jwt.assert_called_once_with(True)

with mock.patch.object(
service_account.Credentials, "with_always_use_jwt_access", create=True
) as use_jwt:
creds = service_account.Credentials(None, None, None)
transport = transport_class(credentials=creds, always_use_jwt_access=False)
use_jwt.assert_not_called()


@pytest.mark.parametrize(
"client_class", [AlertPolicyServiceClient, AlertPolicyServiceAsyncClient,]
Expand Down Expand Up @@ -241,6 +236,7 @@ def test_alert_policy_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
Expand All @@ -257,6 +253,7 @@ def test_alert_policy_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
Expand All @@ -273,6 +270,7 @@ def test_alert_policy_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has
Expand Down Expand Up @@ -301,6 +299,7 @@ def test_alert_policy_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id="octopus",
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -377,6 +376,7 @@ def test_alert_policy_service_client_mtls_env_auto(
client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case ADC client cert is provided. Whether client cert is used depends on
Expand Down Expand Up @@ -410,6 +410,7 @@ def test_alert_policy_service_client_mtls_env_auto(
client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case client_cert_source and ADC client cert are not provided.
Expand All @@ -431,6 +432,7 @@ def test_alert_policy_service_client_mtls_env_auto(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -461,6 +463,7 @@ def test_alert_policy_service_client_client_options_scopes(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -491,6 +494,7 @@ def test_alert_policy_service_client_client_options_credentials_file(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand All @@ -510,6 +514,7 @@ def test_alert_policy_service_client_client_options_from_dict():
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down
29 changes: 18 additions & 11 deletions packages/google-cloud-monitoring/tests/unit/gapic/monitoring_v3/test_group_service.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,24 +118,14 @@ def test_group_service_client_from_service_account_info(client_class):
assert client.transport._host == "monitoring.googleapis.com:443"


@pytest.mark.parametrize("client_class", [GroupServiceClient, GroupServiceAsyncClient,])
def test_group_service_client_service_account_always_use_jwt(client_class):
with mock.patch.object(
service_account.Credentials, "with_always_use_jwt_access", create=True
) as use_jwt:
creds = service_account.Credentials(None, None, None)
client = client_class(credentials=creds)
use_jwt.assert_not_called()


@pytest.mark.parametrize(
"transport_class,transport_name",
[
(transports.GroupServiceGrpcTransport, "grpc"),
(transports.GroupServiceGrpcAsyncIOTransport, "grpc_asyncio"),
],
)
def test_group_service_client_service_account_always_use_jwt_true(
def test_group_service_client_service_account_always_use_jwt(
transport_class, transport_name
):
with mock.patch.object(
Expand All @@ -145,6 +135,13 @@ def test_group_service_client_service_account_always_use_jwt_true(
transport = transport_class(credentials=creds, always_use_jwt_access=True)
use_jwt.assert_called_once_with(True)

with mock.patch.object(
service_account.Credentials, "with_always_use_jwt_access", create=True
) as use_jwt:
creds = service_account.Credentials(None, None, None)
transport = transport_class(credentials=creds, always_use_jwt_access=False)
use_jwt.assert_not_called()


@pytest.mark.parametrize("client_class", [GroupServiceClient, GroupServiceAsyncClient,])
def test_group_service_client_from_service_account_file(client_class):
Expand Down Expand Up @@ -221,6 +218,7 @@ def test_group_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
Expand All @@ -237,6 +235,7 @@ def test_group_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
Expand All @@ -253,6 +252,7 @@ def test_group_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has
Expand Down Expand Up @@ -281,6 +281,7 @@ def test_group_service_client_client_options(
client_cert_source_for_mtls=None,
quota_project_id="octopus",
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -345,6 +346,7 @@ def test_group_service_client_mtls_env_auto(
client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case ADC client cert is provided. Whether client cert is used depends on
Expand Down Expand Up @@ -378,6 +380,7 @@ def test_group_service_client_mtls_env_auto(
client_cert_source_for_mtls=expected_client_cert_source,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)

# Check the case client_cert_source and ADC client cert are not provided.
Expand All @@ -399,6 +402,7 @@ def test_group_service_client_mtls_env_auto(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -429,6 +433,7 @@ def test_group_service_client_client_options_scopes(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down Expand Up @@ -459,6 +464,7 @@ def test_group_service_client_client_options_credentials_file(
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand All @@ -476,6 +482,7 @@ def test_group_service_client_client_options_from_dict():
client_cert_source_for_mtls=None,
quota_project_id=None,
client_info=transports.base.DEFAULT_CLIENT_INFO,
always_use_jwt_access=True,
)


Expand Down
Loading

0 comments on commit e2f6222

Please sign in to comment.