Skip to content
This repository was archived by the owner on Oct 29, 2023. It is now read-only.

Commit 4cab54a

Browse files
gcf-owl-bot[bot]gcf-owl-bot[bot]
authored
fix: enable self signed jwt for grpc (#160)
PiperOrigin-RevId: 386504689 Source-Link: googleapis/googleapis@762094a Source-Link: https://github.com/googleapis/googleapis-gen/commit/6bfc480e1a161d5de121c2bcc3745885d33b265a
1 parent 280de92 commit 4cab54a

File tree

2 files changed

+22
-13
lines changed

2 files changed

+22
-13
lines changed

google/cloud/iot_v1/services/device_manager/client.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -366,6 +366,10 @@ def __init__(
366366
client_cert_source_for_mtls=client_cert_source_func,
367367
quota_project_id=client_options.quota_project_id,
368368
client_info=client_info,
369+
always_use_jwt_access=(
370+
Transport == type(self).get_transport_class("grpc")
371+
or Transport == type(self).get_transport_class("grpc_asyncio")
372+
),
369373
)
370374

371375
def create_device_registry(

tests/unit/gapic/iot_v1/test_device_manager.py

Lines changed: 18 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -127,26 +127,14 @@ def test_device_manager_client_from_service_account_info(client_class):
127127
assert client.transport._host == "cloudiot.googleapis.com:443"
128128

129129

130-
@pytest.mark.parametrize(
131-
"client_class", [DeviceManagerClient, DeviceManagerAsyncClient,]
132-
)
133-
def test_device_manager_client_service_account_always_use_jwt(client_class):
134-
with mock.patch.object(
135-
service_account.Credentials, "with_always_use_jwt_access", create=True
136-
) as use_jwt:
137-
creds = service_account.Credentials(None, None, None)
138-
client = client_class(credentials=creds)
139-
use_jwt.assert_not_called()
140-
141-
142130
@pytest.mark.parametrize(
143131
"transport_class,transport_name",
144132
[
145133
(transports.DeviceManagerGrpcTransport, "grpc"),
146134
(transports.DeviceManagerGrpcAsyncIOTransport, "grpc_asyncio"),
147135
],
148136
)
149-
def test_device_manager_client_service_account_always_use_jwt_true(
137+
def test_device_manager_client_service_account_always_use_jwt(
150138
transport_class, transport_name
151139
):
152140
with mock.patch.object(
@@ -156,6 +144,13 @@ def test_device_manager_client_service_account_always_use_jwt_true(
156144
transport = transport_class(credentials=creds, always_use_jwt_access=True)
157145
use_jwt.assert_called_once_with(True)
158146

147+
with mock.patch.object(
148+
service_account.Credentials, "with_always_use_jwt_access", create=True
149+
) as use_jwt:
150+
creds = service_account.Credentials(None, None, None)
151+
transport = transport_class(credentials=creds, always_use_jwt_access=False)
152+
use_jwt.assert_not_called()
153+
159154

160155
@pytest.mark.parametrize(
161156
"client_class", [DeviceManagerClient, DeviceManagerAsyncClient,]
@@ -236,6 +231,7 @@ def test_device_manager_client_client_options(
236231
client_cert_source_for_mtls=None,
237232
quota_project_id=None,
238233
client_info=transports.base.DEFAULT_CLIENT_INFO,
234+
always_use_jwt_access=True,
239235
)
240236

241237
# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
@@ -252,6 +248,7 @@ def test_device_manager_client_client_options(
252248
client_cert_source_for_mtls=None,
253249
quota_project_id=None,
254250
client_info=transports.base.DEFAULT_CLIENT_INFO,
251+
always_use_jwt_access=True,
255252
)
256253

257254
# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT is
@@ -268,6 +265,7 @@ def test_device_manager_client_client_options(
268265
client_cert_source_for_mtls=None,
269266
quota_project_id=None,
270267
client_info=transports.base.DEFAULT_CLIENT_INFO,
268+
always_use_jwt_access=True,
271269
)
272270

273271
# Check the case api_endpoint is not provided and GOOGLE_API_USE_MTLS_ENDPOINT has
@@ -296,6 +294,7 @@ def test_device_manager_client_client_options(
296294
client_cert_source_for_mtls=None,
297295
quota_project_id="octopus",
298296
client_info=transports.base.DEFAULT_CLIENT_INFO,
297+
always_use_jwt_access=True,
299298
)
300299

301300

@@ -362,6 +361,7 @@ def test_device_manager_client_mtls_env_auto(
362361
client_cert_source_for_mtls=expected_client_cert_source,
363362
quota_project_id=None,
364363
client_info=transports.base.DEFAULT_CLIENT_INFO,
364+
always_use_jwt_access=True,
365365
)
366366

367367
# Check the case ADC client cert is provided. Whether client cert is used depends on
@@ -395,6 +395,7 @@ def test_device_manager_client_mtls_env_auto(
395395
client_cert_source_for_mtls=expected_client_cert_source,
396396
quota_project_id=None,
397397
client_info=transports.base.DEFAULT_CLIENT_INFO,
398+
always_use_jwt_access=True,
398399
)
399400

400401
# Check the case client_cert_source and ADC client cert are not provided.
@@ -416,6 +417,7 @@ def test_device_manager_client_mtls_env_auto(
416417
client_cert_source_for_mtls=None,
417418
quota_project_id=None,
418419
client_info=transports.base.DEFAULT_CLIENT_INFO,
420+
always_use_jwt_access=True,
419421
)
420422

421423

@@ -446,6 +448,7 @@ def test_device_manager_client_client_options_scopes(
446448
client_cert_source_for_mtls=None,
447449
quota_project_id=None,
448450
client_info=transports.base.DEFAULT_CLIENT_INFO,
451+
always_use_jwt_access=True,
449452
)
450453

451454

@@ -476,6 +479,7 @@ def test_device_manager_client_client_options_credentials_file(
476479
client_cert_source_for_mtls=None,
477480
quota_project_id=None,
478481
client_info=transports.base.DEFAULT_CLIENT_INFO,
482+
always_use_jwt_access=True,
479483
)
480484

481485

@@ -495,6 +499,7 @@ def test_device_manager_client_client_options_from_dict():
495499
client_cert_source_for_mtls=None,
496500
quota_project_id=None,
497501
client_info=transports.base.DEFAULT_CLIENT_INFO,
502+
always_use_jwt_access=True,
498503
)
499504

500505

0 commit comments

Comments
 (0)