"SrSSKJr SSKJr SSKJr SSKJr SSKrSSKJr SSKJ r SS K J r SS K Jr SS KJr SS KJr SS KJr SSKJr SSKJs Jr SSKJr SSKJr SSKJr SSKJ r SSKJ!r! SSKJ"r" SSK#J$r$J%r% \$"\%"SSS55 SSK&J'r' SSK(J(r( Sr)\RTRWSS5r,"SS\RZ5r."SS \R^5r0g)!9Tests for various combinations of configured credentials.)absolute_import)print_function)division)unicode_literalsN) exceptions) http_wrapper)AccessDeniedException) CredTypes)DiscardMessagesQueue)CommandException) GcsJsonApi)MockLoggingHandler) SkipForS3) SkipForXML) ObjectToURI)SetBotoConfigForTest)SetEnvironmentForTest)unittest)add_move MovedModulemockz unittest.mock)r)datetimecr[RR[R"SS0SU-SS95$)Nstatusiz{"error": {"message": "%s"}}zhttp://www.google.com)infocontent request_url)apitools_exceptions HttpError FromResponser Response)messages 0platform/gsutil/gslib/tests/test_creds_config.py_Make403r%0s=  ' ' 4 4(C$BW$L(?A BCGSUtil test_impersonate_service_accountc^\rSrSrSrU4SjrSr\"S5\"S5\ R"S5S555r \"S5\"S5\ R"S5S 555r S r U=r$) TestCredsConfig;rc>[[U] 5 [5UlUR R UR5 g)N)superr*setUpr log_handlerlogger addHandler)self __class__s r$r.TestCredsConfig.setUp>s3 /4&()+DKK4++,r&c[/SQ5 [SUR[55 UR S5 SSS5 g![ agn[ U5nURSU5 UR[RU5 UR[RU5 SnANuSnAff=f!,(df  g=f)N) Credentialsgs_oauth2_refresh_tokenfoo)r7gs_service_client_idbar)r7gs_service_key_filebazr7gs_impersonate_service_accountNz2Succeeded with multiple types of configured creds.ztypes of configured credentials) rrr0r failr strassertInr OAUTH2_USER_ACCOUNTOAUTH2_SERVICE_ACCOUNT)r2emsgs r$testMultipleConfiguredCreds+TestCredsConfig.testMultipleConfiguredCredsCs  =4&:&<= FG  =!f 7= i33S9 i66<< =  s/B=0A  B:AB50B=5B::B== C Tests only uses gs credentials.Tests only run on JSON API.zgslib.third_party.iamcredentials_apitools.iamcredentials_v1_client.IamcredentialsV1.ProjectsServiceAccountsService.GenerateAccessTokenc[/SQ5 [S5Ul[SUR[ 55 UR S5 [S5Ul[SUR[ 55 UR S5 SSS5 g![a%nURS[U55 SnANtSnAff=f![a%nURS[U55 SnANeSnAff=f!,(df  g=f)Nr6r7r:Nr7r<N)r7r?r;z#The caller does not have permissionz-Succeeded when IAM Credentials threw an errorz%Service account impersonation failed.z5IAM Service Account Credentials API has not been usedz+IAM Service Account Credentials API has not) rr% side_effectrr0r r@r rBrA)r2$mock_iam_creds_generate_access_tokenrEs r$1testImpersonationBlockedByIamCredentialsApiErrorsATestCredsConfig.testImpersonationBlockedByIamCredentialsApiErrorsTs   8 9+6G4&:&<= AB J K+6M4&:&<= AB%  #G =s1vFFG#M CSVLLM'  sXC>0BC>!0C  C $C?C>C  C> C;C61C>6C;;C>> D cz[/SQ5 Sn[R"5RS5nX!RlX1Rl[SUR[55nURU[URR55 SSS5 g!,(df  g=f)NrLz#Mock token from IAM Credentials APIz%Y-%m-%dT23:59:59Z)rrnowstrftime return_value accessToken expireTimerr0r rBrA credentials access_token)r2rP fake_token expire_timeapis r$&testImpersonationSuccessfullyUsesToken6TestCredsConfig.testImpersonationSuccessfullyUsesTokenqs   9jLLN++,@AkFP77CEP77B tT[[*>*@ Ac mmJCOO$@$@ AB   s BB,, B:)r/)__name__ __module__ __qualname____firstlineno____doc__r.rGrrrpatchrQr^__static_attributes__ __classcell__)r3s@r$r*r*;sA- =" ./ +,::DEME-0 M0 ./ +,::DE CE-0 Cr&r*c\rSrSr\"S5S5r\R"\S5\"S5\ "S5S555r \R"\S5\"S5\ "S5S555r \R"\S5\"S5\ "S5S555r \R"\S5\"S5\ "S5S 555r S rg ) TestCredsConfigIntegrationrIcUR5n[/SQSS9 URS[U5/SSS9nUR SU5 SSS5 g!,(df  g=f) N)r6rMrNr>F)use_existing_configlsT)expected_status return_stderrzcredentials are invalid) CreateBucketr RunGsUtilsurirB)r2 bucket_uristderrs r$testExactlyOneInvalid0TestCredsConfigIntegration.testExactlyOneInvalidsk""$J  B"  # ~~tT*%56./,02f mm-v6 # # #s /A A#z/Test requires test_impersonate_service_account.rJc[SS[4/5 [05 URSS/SS9nUR SU5 SSS5 SSS5 g!,(df  N=f!,(df  g=f)Nr7r?rmgs://pubTrp#using service account impersonation)rSERVICE_ACCOUNTrrrrBr2rus r$*testImpersonationCredentialsFromBotoConfigETestCredsConfigIntegration.testImpersonationCredentialsFromBotoConfigsm  /O / 12 3  $z 2$G ;VD % 3 3 $ $ 3 3s" A'%AA' A$ A'' A5c[S/5 [S[05 URSS/SS9nUR SU5 SSS5 SSS5 g!,(df  N=f!,(df  g=f)Nr>)CLOUDSDK_AUTH_IMPERSONATE_SERVICE_ACCOUNTrmryTrzr{)rrr|rrrBr}s r$&testImpersonationCredentialsFromGCloudATestCredsConfigIntegration.testImpersonationCredentialsFromGCloudsu  &' ( 6 H Jz 2$G ;VD J ( ( J J ( (s"A&%AA& A# A&& A4c[S/5 [SS05 URS[SS/SS9nUR S [-U5 SSS5 SSS5 g!,(df  N=f!,(df  g=f) N)r7r?zfoo@google.comrzbar@google.comz-irmryTrz!API calls will be executed as [%s)rrrrr|rBr}s r$5testImpersonationCredentialsFromOptionOverridesOthersPTestCredsConfigIntegration.testImpersonationCredentialsFromOptionOverridesOtherss  23 4 68H I Kj I.2 4 9OK   K 4 4 K K 4 4s"A/2A A/ A, (A// A=c[SS[4/5 URSS/SS9nURS[-U5 SSS5 g!,(df  g=f)Nr7r?rmryTrzr)rr|rrrBr}s r$testImpersonationSuccess3TestCredsConfigIntegration.testImpersonationSuccesss\  /O / 12 3~~tZ0~Ef mm7/I 3 3 3s ,A  AN)r`rarbrcrrvr skipUnlessr|rr~rrrrfrr&r$riris& ./ 70 7 HJ ./ +,E-0JE HJ ./ +,E-0JE HJ ./ +,-0J HJ ./ +,-0Jr&ri)1rd __future__rrrrbotoapitools.base.pyrrr gslib.cloud_apir gslib.cred_typesr gslib.discard_messages_queuer gslib.exceptionr gslib.gcs_json_apir gslib.tests.mock_logging_handlerrgslib.tests.testcaseteststestcase)gslib.tests.testcase.integration_testcaserrgslib.tests.utilrrsrrrsixrr six.movesrrr%config get_valuer|GsUtilUnitTestCaser*GsUtilIntegrationTestCaserirr&r$rs@&%' >)1&=,)?''?@012%%VV_ 56C++''(JLHCh11HCV>!C!C>r&