fix:refactor compute and cloudshell credentials to pass quota project to base class

Author: sai-sunder-s

oauth2_http/java/com/google/auth/oauth2/CloudShellCredentials.java

@@ -66,8 +66,9 @@ public static CloudShellCredentials create(int authPort) {
  return CloudShellCredentials.newBuilder().setAuthPort(authPort).build();
  }
 
- private CloudShellCredentials(int authPort) {
- this.authPort = authPort;
+ private CloudShellCredentials(Builder builder) {
+ super(builder);
+ this.authPort = builder.getAuthPort();
  }
 
  protected int getAuthPort() {
@@ -141,7 +142,7 @@ public int getAuthPort() {
  }
 
  public CloudShellCredentials build() {
- return new CloudShellCredentials(authPort);
+ return new CloudShellCredentials(this);
  }
  }
 }

oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java

@@ -120,28 +120,23 @@ public class ComputeEngineCredentials extends GoogleCredentials
  private transient String serviceAccountEmail;
 
  /**
- * Constructor with overridden transport.
+ * Constructor with builder
  *
- * @param transportFactory HTTP transport factory, creates the transport used to get access
- * tokens.
- * @param scopes scope strings for the APIs to be called. May be null or an empty collection.
- * @param defaultScopes default scope strings for the APIs to be called. May be null or an empty
- * collection. Default scopes are ignored if scopes are provided.
+ * @param builder builder to use for constructing the credential
  */
- private ComputeEngineCredentials(
- HttpTransportFactory transportFactory,
- Collection<String> scopes,
- Collection<String> defaultScopes) {
- super(/* accessToken= */ null, COMPUTE_REFRESH_MARGIN, COMPUTE_EXPIRATION_MARGIN);
+ private ComputeEngineCredentials(Builder builder) {
+ super(builder);
 
  this.transportFactory =
  firstNonNull(
- transportFactory,
+ builder.getHttpTransportFactory(),
  getFromServiceLoader(HttpTransportFactory.class, OAuth2Utils.HTTP_TRANSPORT_FACTORY));
  this.transportFactoryClassName = this.transportFactory.getClass().getName();
+
+ Collection<String> scopes = builder.getScopes();
  // Use defaultScopes only when scopes don't exist.
  if (scopes == null || scopes.isEmpty()) {
- scopes = defaultScopes;
+ scopes = builder.getDefaultScopes();
  }
  if (scopes == null) {
  this.scopes = ImmutableSet.<String>of();
@@ -155,14 +150,14 @@ private ComputeEngineCredentials(
  /** Clones the compute engine account with the specified scopes. */
  @Override
  public GoogleCredentials createScoped(Collection<String> newScopes) {
- return new ComputeEngineCredentials(this.transportFactory, newScopes, null);
+ return toBuilder().setScopes(newScopes).build();
  }
 
  /** Clones the compute engine account with the specified scopes. */
  @Override
  public GoogleCredentials createScoped(
  Collection<String> newScopes, Collection<String> newDefaultScopes) {
- return new ComputeEngineCredentials(this.transportFactory, newScopes, newDefaultScopes);
+ return toBuilder().setScopes(newScopes).setDefaultScopes(newDefaultScopes).build();
  }
 
  /**
@@ -171,7 +166,7 @@ public GoogleCredentials createScoped(
  * @return new ComputeEngineCredentials
  */
  public static ComputeEngineCredentials create() {
- return new ComputeEngineCredentials(null, null, null);
+ return newBuilder().build();
  }
 
  public final Collection<String> getScopes() {
@@ -541,10 +536,16 @@ private String getDefaultServiceAccount() throws IOException {
  public static class Builder extends GoogleCredentials.Builder {
  private HttpTransportFactory transportFactory;
  private Collection<String> scopes;
+ private Collection<String> defaultScopes;
 
- protected Builder() {}
+ protected Builder() {
+ // Override the default refresh and expiration margin set by OAuth2Credentials.Builder
+ this.refreshMargin = COMPUTE_REFRESH_MARGIN;
+ this.expirationMargin = COMPUTE_EXPIRATION_MARGIN;
+ }
 
  protected Builder(ComputeEngineCredentials credentials) {
+ this();
  this.transportFactory = credentials.transportFactory;
  this.scopes = credentials.scopes;
  }
@@ -559,6 +560,11 @@ public Builder setScopes(Collection<String> scopes) {
  return this;
  }
 
+ public Builder setDefaultScopes(Collection<String> defaultScopes) {
+ this.defaultScopes = defaultScopes;
+ return this;
+ }
+
  public HttpTransportFactory getHttpTransportFactory() {
  return transportFactory;
  }
@@ -567,8 +573,12 @@ public Collection<String> getScopes() {
  return scopes;
  }
 
+ public Collection<String> getDefaultScopes() {
+ return defaultScopes;
+ }
+
  public ComputeEngineCredentials build() {
- return new ComputeEngineCredentials(transportFactory, scopes, null);
+ return new ComputeEngineCredentials(this);
  }
  }
 }

oauth2_http/java/com/google/auth/oauth2/OAuth2Credentials.java

@@ -637,8 +637,8 @@ public void run() {
  public static class Builder {
 
  private AccessToken accessToken;
- private Duration refreshMargin = DEFAULT_REFRESH_MARGIN;
- private Duration expirationMargin = DEFAULT_EXPIRATION_MARGIN;
+ protected Duration refreshMargin = DEFAULT_REFRESH_MARGIN;
+ protected Duration expirationMargin = DEFAULT_EXPIRATION_MARGIN;
 
  protected Builder() {}
 

oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java

@@ -470,6 +470,34 @@ public void getDefaultCredentials_quota_project() throws IOException {
  testUserProvidesToken(testProvider, USER_CLIENT_ID, USER_CLIENT_SECRET, REFRESH_TOKEN);
  }
 
+ @Test
+ public void getDefaultCredentials_compute_quotaProject() throws IOException {
+ MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
+ transportFactory.transport.setAccessToken(ACCESS_TOKEN);
+ TestDefaultCredentialsProvider testProvider = new TestDefaultCredentialsProvider();
+ testProvider.setEnv(
+ DefaultCredentialsProvider.QUOTA_PROJECT_ENV_VAR, QUOTA_PROJECT_FROM_ENVIRONMENT);
+
+ GoogleCredentials defaultCredentials = testProvider.getDefaultCredentials(transportFactory);
+
+ assertTrue(defaultCredentials instanceof ComputeEngineCredentials);
+ assertEquals(QUOTA_PROJECT_FROM_ENVIRONMENT, defaultCredentials.getQuotaProjectId());
+ }
+
+ @Test
+ public void getDefaultCredentials_cloudshell_quotaProject() throws IOException {
+ MockHttpTransportFactory transportFactory = new MockHttpTransportFactory();
+ TestDefaultCredentialsProvider testProvider = new TestDefaultCredentialsProvider();
+ testProvider.setEnv(DefaultCredentialsProvider.CLOUD_SHELL_ENV_VAR, "4");
+ testProvider.setEnv(
+ DefaultCredentialsProvider.QUOTA_PROJECT_ENV_VAR, QUOTA_PROJECT_FROM_ENVIRONMENT);
+
+ GoogleCredentials defaultCredentials = testProvider.getDefaultCredentials(transportFactory);
+
+ assertTrue(defaultCredentials instanceof CloudShellCredentials);
+ assertEquals(QUOTA_PROJECT_FROM_ENVIRONMENT, defaultCredentials.getQuotaProjectId());
+ }
+
  @Test
  public void getDefaultCredentials_envNoGceCheck_noGceRequest() throws IOException {
  MockRequestCountingTransportFactory transportFactory =