ԋSSKrSSKrSSKJr SSKrSSKrSSKrSSKrSSK J r SSK J r SSK J r SSK J r SSK Jr SSKJr SSKJr SS KJr \R(R+\R(R-\5S S 5r\"\R(R+\S 5S 5r\R75rSSS5 \R(R+\S5r\R(R+\S5rSrSr \"\S 5r\RB"\5r"SSS5 \"\S 5r\RB"\5r#SSS5 \ RHRK\S5r&Sr'Sr(Sr)\RTS5r+\RTS5r,"SS5r-\RTS5r.\RTS5r/"SS\05r1g!,(df  GN=f!,(df  N=f!,(df  N=f)N)_helpers)crypt) exceptions)impersonated_credentials) transport) Credentials) credentials)service_accountdatazprivatekey.pemrbzservice_account.jsonz8impersonated_service_account_authorized_user_source.jsona?eyJhbGciOiJSUzI1NiIsImtpZCI6ImRmMzc1ODkwOGI3OTIyOTNhZDk3N2EwYjk5MWQ5OGE3N2Y0ZWVlY2QiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJodHRwczovL2Zvby5iYXIiLCJhenAiOiIxMDIxMDE1NTA4MzQyMDA3MDg1NjgiLCJleHAiOjE1NjQ0NzUwNTEsImlhdCI6MTU2NDQ3MTQ1MSwiaXNzIjoiaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tIiwic3ViIjoiMTAyMTAxNTUwODM0MjAwNzA4NTY4In0.redactedi?]1z https://example.com/oauth2/tokenz9gl-python/3.7 auth/1.1 auth-request-type/at cred-type/impz9gl-python/3.7 auth/1.1 auth-request-type/it cred-type/impc## [R"SSS9nS[R"5[R "SS9-04UlUv SSS5 g!,(df  g=f7f)Ngoogle.oauth2._client.jwt_grantTautospecz source tokensecondsmockpatchrutcnowdatetime timedelta return_valuegrants ]platform/gsutil/third_party/google-auth-library-python/tests/test_impersonated_credentials.pymock_donor_credentialsr FsS 5 E  OO  2 23 ? ?    F E EA)7A A) A&"A)c## [R"SSS9nS[R"5[R "SS9-04UlUv SSS5 g!,(df  g=f7f)NrTr1/fFAGRNJasdfz70BzhT3Zgrrrrs rmock_dwd_credentialsr$QsS 5 E % OO  2 23 ? ?    F E Er!c \rSrSrSrSrSrg) MockResponse\cXlX lgN json_data status_code)selfr+r,s r__init__MockResponse.__init__]s "&cUR$r))r+)r-s rjsonMockResponse.jsonas ~~r0r*N)__name__ __module__ __qualname____firstlineno__r.r2__static_attributes__r0rr&r&\s 'r0r&c## [R"SSS9nSSS.n[U[R5UlUv SSS5 g!,(df  g=f7f)N8google.auth.transport.requests.AuthorizedSession.requestTrr c2lnbmF0dXJl)keyId signedBlob)rrr& http_clientOKr auth_sessionr s rmock_authorizedsession_signrCesK BT  N;$0{~~$F !    sA)A  A AAc## [R"SSS9nS[0n[U[R 5UlUv SSS5 g!,(df  g=f7f)Nr;Trtoken)rr ID_TOKEN_DATAr&r?r@rrAs rmock_authorizedsession_idtokenrGosK BT  '$0{~~$F !    sA,A  A AAc\rSrSrSrSrS/r/rSr\ R"\ \\ 5r \R"SS9rSS R!\5-r\ \\S S 4S jrS rS rSrSrSrSrSrSrSr\R:S S S4SjrSr\ RBRESSS/5S5r#\ RBRESSS/5S5r$\ RBRESSS/5S5r%\ RBRESSS/5S5r&\ RBRESSS /5S!5r'S"r(S#r)S$r*S%r+S&r,S'r-S(r.S)r/S*r0S+r1S,r2S-r3S.r4\5Rl"S/S S09S15r7S2r8\ RBRESSS/5S35r9S4r:S5r;S6rS9r?S:r@S;rAS<rBS=rCS>rDS?rES@rFSArGSBrHg )CTestImpersonatedCredentialsyzservice-account@example.com,impersonated@project.iam.gserviceaccount.comz4https://www.googleapis.com/auth/devstorage.read_onlyiABCDE)rEz' $ 0 0 W W ?}} ; B B> R    ? >s  B B-c,[R"[5nSUS'[R"[ R 5n[RRU5 SSS5 WRS5(deg!,(df  N'=f)N invalid_url!service_account_impersonation_urlz$Cannot extract target principal from) rcrdr[rerfrrgrrrZrhrjs rJtest_from_impersonated_service_account_info_with_invalid_impersonation_urlfTestImpersonatedCredentials.test_from_impersonated_service_account_info_with_invalid_impersonation_urlso}}UV4A 01 ]]:== >' $ 0 0 W W ?}}DEEEE ? >s  B BcUR5nUR"5(aeSUlUR"5SSSS.:Xdeg)N /path/to/filezimpersonated credentialsrK)credential_sourcecredential_type principal)rW get_cred_info_cred_file_pathr]s rtest_get_cred_info.TestImpersonatedCredentials.test_get_cred_infosV++- ,,....&5 #((*!09G/    r0c[R"[S[SS9nUR US9nUR S:Xdeg)Nsome@email.comfoo.baruniverse_domainrN)r rSIGNER TOKEN_URIrWrr-rNr s r$test_universe_domain_matching_source@TestImpersonatedCredentials.test_universe_domain_matching_sourcesG,88 $i ++?Q+R **i777r0cxUR5nSUlUR"5nURS:Xdeg)Nru)rWrz _make_copy)r-r cred_copys rtest__make_copy_get_cred_info9TestImpersonatedCredentials.test__make_copy_get_cred_infos:++- &5 #**, ((O;;;r0cURURS9nUR(aeUR(deg)Nr)rWUSER_SOURCE_CREDENTIALSvalidexpiredr]s rtest_make_from_user_credentials;TestImpersonatedCredentials.test_make_from_user_credentialss@++#;;, $$$$""""r0cpUR5nUR(aeUR(degr))rWrrr]s rtest_default_state.TestImpersonatedCredentials.test_default_states.++- $$$$""""r0c[R"[UR[SS9nUR US9nUR R(deUR R(deg)NT)always_use_jwt_accessr) r rrSERVICE_ACCOUNT_EMAILrrW_source_credentials_always_use_jwt_access_jwt_credentialsrs r.test_make_from_service_account_self_signed_jwtJTestImpersonatedCredentials.test_make_from_service_account_self_signed_jwtsc,88 D.. QU ++?Q+R ..EEEE..????r0Tc[R"[RSS9nX&lU(a[ R "U5OUUlU=(d 0Ul[R"[RSS9nXGl Xgl U$)NFinstance) rcreate_autospecrResponsestatusrto_bytesr headersRequest side_effectr)r-r rrruse_data_bytesresponserequests r make_request(TestImpersonatedCredentials.make_requestsl'' (:(:UK 3A))$/t "=b&&y'8'85I)'r0cUR5nSUlSUl0nUR"[R "5SSU5 USS:XdeUSS:Xdeg)NrE authorizationz Bearer tokenx-goog-api-clientz cred-type/imp)rWrEexpirybefore_requestrMock)r-r rs rtest_token_usage_metrics4TestImpersonatedCredentials.test_token_usage_metricssf++- # ! ""499;dGD'>999*+>>>r0rFcHURSS9nSn[R"5RSS9[R "SS9-R S5S-nXES .nUR[R"U5[RUS 9n[R"S [S 9 UR"U5 SSS5 UR (deUR"(aeUR$R&S S[:Xdeg!,(df  N[=f)NrRrEr microsecondrrTZ accessToken expireTimer rr:google.auth.metrics.token_request_access_token_impersonaterrr)rWrrreplacerr isoformatrr2dumpsr?r@rr)ACCESS_TOKEN_REQUEST_METRICS_HEADER_VALUErefreshrr call_argskwargs)r-rr r rE expire_time response_bodyrs rtest_refresh_success0TestImpersonatedCredentials.test_refresh_successs ++T+:  OO  % %! % 4x7I7IRU7V V )C.3 ).I ##M*>>)$  ZZ HB     (      &&&&    $ $Y /0C D8 9  9  s +D D!cURSSS9nSS0nUR[R"U5[R US9n[ R"S[S9 UR"U5 SSS5 UR(deUR(aeURS:Xdeg!,(df  NG=f) Ntest@email.com)rSrR signedJwtexample_signed_jwtrrrr#) rWrr2rr?r@rrrrrrrE)r-rr$r rrs r!test_refresh_with_subject_success=TestImpersonatedCredentials.test_refresh_with_subject_success%s++4Dt+T $&:; ##M*>>)$  ZZ HB     (      &&&&  $====  s !B55 Cc [R"[S[SS9nUR SUS9nSn[ R "5RSS9[R"SS 9-RS 5S -nXVS .nUR[R"U5[RUS 9nUR "U5 UR"(deUR$(aeUR&Sn U SS:Xdeg)Nr~rrrRrNrErrrrrrrrurlz}https://iamcredentials.foo.bar/v1/projects/-/serviceAccounts/impersonated@project.iam.gserviceaccount.com:generateAccessToken)r rrrrWrrrrrrrr2rr?r@rrrr) r-rr rNr rErrrrequest_kwargss rtest_refresh_success_nonGdu7TestImpersonatedCredentials.test_refresh_success_nonGdu;s,88 $i ++.@,  OO  % %! % 4x7I7IRU7V V )C.3 ).I ##M*>>)$  G$    &&&& **1- 5 !O O  Or0cURSURS9nSn[R"5R SS9[ R "SS9-RS5S-nXES .nUR[R"U5[RUS 9nUR"U5 UR(deUR(aeUR S nUS UR:Xdeg) NrRrTrErrrrrrrrrr)rWIAM_ENDPOINT_OVERRIDErrrrrrrr2rr?r@rrrr) r-rr r rErrrrs r*test_refresh_success_iam_endpoint_overrideFTestImpersonatedCredentials.test_refresh_success_iam_endpoint_override[s++1K1K,  OO  % %! % 4x7I7IRU7V V )C.3 ).I ##M*>>)$  G$    &&&& **1-e$(B(BBBBr0 time_skewijcURSS9n[R"5[R-[R "US9-UR lSUR l[R"SSS9n[R"5RSS9[R "S S9-RS 5S -nS US .nUR[R"U5[ R"S9nUR$"U5 UR&(deUR((aeUS:aUR+5 OUR-5 SSS5 g!,(df  g=f)NrrTokenz1google.oauth2.service_account.Credentials.refreshTrrrrrrrErr r)rWrrREFRESH_THRESHOLDrrrrrErrrrrr2rr?r@rrrassert_not_calledassert_called_once)r-rr source_cred_refreshrrrs rtest_refresh_source_credentials;TestImpersonatedCredentials.test_refresh_source_credentialswsC++T+: OO (( )  3 4 ''. 18 ''- ZZ ?$ !))a)8$$S12ins#K-4;OM''ZZ .{~~(G    ($$ $$"** **1}#557#668-   s C E)) E7c<URSS9nSn[R"5[R"SS9-R S5nX4S.nUR [R"U5[RS9n[R"[R5nUR"U5 SSS5 WR!["R$5(deUR&(aeUR((deg!,(df  N[=f)NrrErrrrr)rWrrrrrrr2rr?r@rerfr RefreshErrorrrhr_REFRESH_ERRORrr)r-r r rErrrrls r*test_refresh_failure_malformed_expire_timeFTestImpersonatedCredentials.test_refresh_failure_malformed_expire_times++T+: (8+=+=c+JJUU  ).I ##M*;>>$ ]]:22 3w    (4}}5DDEEEE$$$$"""" 4 3s %D  DcURSS9nSSSSS.0nUR[R"U5[R S9n[ R"[R5nUR"U5 SSS5 WR[R5(deUR(aeUR(deg!,(df  N[=f)Nrerrorz#The caller does not have permissionPERMISSION_DENIED)codemessagerr)rWrr2rr? UNAUTHORIZEDrerfrrrrhrrrrr-r r rrrls r test_refresh_failure_unauthorzed>  '' (:(:UK*77 /GH ZZ C! z6677  &8  }}5666687   s$%D >C9D 9 D D  DcURSS9n0nUR[R"U5[R S9n[ R"[R5nUR"U5 SSS5 WR[R5(deUR(aeUR(deg!,(df  N[=f)Nrr)rWrr2rr? HTTPExceptionrerfrrrrhrrrrrs rtest_refresh_failure_http_error;TestImpersonatedCredentials.test_refresh_failure_http_errors++T+:  ##M*;3L3L$ ]]:22 3w    (4}}5DDEEEE$$$$"""" 4 3s (C CcT[R"[S[SS9nUR USS9n[ R "5RSS9RS5S -nS US .nUR[R"U5[RS 9n[R"[ R"5nUR$"U5 SSS5 WR'S 5(deUR((aeUR*(deg!,(df  NM=f)Nr~rrr)rNrSrrrrrErrzNDomain-wide delegation is not supported in universes other than googleapis.com)r rrrrWrrrrrr2rr?r@rerfrGoogleAuthErrorrrhrr)r-r rNr rrrrls r3test_refresh_failure_subject_with_nondefault_domainOTestImpersonatedCredentials.test_refresh_failure_subject_with_nondefault_domains-88 $i ++1;K,  (00Q0?JJ3ORUU (/{K ##M*;>>$ ]]:55 6'    (7}} $    $$$$""""7 6s ?D D'cHURSS9nUR(deg)Nr)rWrr]s r test_expired(TestImpersonatedCredentials.test_expired s$++T+: """"r0czUR5n[UR[R5(degr))rWr\signerrrr]s r test_signer'TestImpersonatedCredentials.test_signers0++- +,,.F.R.RSSSSr0cnURURS9nURUR:XdegN)rO)rWTARGET_PRINCIPAL signer_emailr]s rtest_signer_email-TestImpersonatedCredentials.test_signer_emails5++T=R=R+S ''4+@+@@@@r0cnURURS9nURUR:Xdegr)rWrservice_account_emailr]s rtest_service_account_email6TestImpersonatedCredentials.test_service_account_emails5++T=R=R+S 00D4I4IIIIr0cNURSS9nSnURUUUU5 g)Nrzyhttps://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/impersonated@project.iam.gserviceaccount.com:signBlob)rW_sign_bytes_helper)r-r rCr expected_urls rtest_sign_bytes+TestImpersonatedCredentials.test_sign_bytess7++T+: S    " '   r0c[R"[S[SS9nUR SUS9nSnUR UUUU5 g)Nr~rrrzrhttps://iamcredentials.foo.bar/v1/projects/-/serviceAccounts/impersonated@project.iam.gserviceaccount.com:signBlob)r rrrrWr)r-r rCrNr rs rtest_sign_bytes_nonGdu2TestImpersonatedCredentials.test_sign_bytes_nonGdu$s^-88 $i ++.@, L    " '   r0c Sn[R"5RSS9[R"SS9-R S5S-nXVS.n[ R"[RS S 9n[RUl [R"[R"U55Ul[ R"[R"S S 9n XlUR&"U 5 UR((deUR*(aeUR,"S 5n UR/[ R0S USS /S.SS0S9 U S:Xdeg)NrErrrrrrrFrs signed bytesPOSTc2lnbmVkIGJ5dGVz)payloadrQz Content-Typezapplication/json)r2rs signature)rrrrrrrrrrr?r@rrr2rr rrrrr sign_bytesassert_called_withANY) r-r r rCrrErtoken_response_bodyrr signatures rr.TestImpersonatedCredentials._sign_bytes_helper5s. OO  % %! % 4x7I7IRU7V V )C.3 /4O'' (:(:UK%.. ))$**5H*IJ &&y'8'85I'G$    &&&&**?; #66 HH   /bA#%78 7 L(((r0cURSS9n[R"SSS9nSSSS.0n[U[R 5nXBl[R"[R5nUR"S 5 SSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) Nrr;Trrr unauthorizedrrfooz 'code': 403) rWrrr&r?rrrerfrTransportErrorr&rh)r-r rBr mock_responserls rtest_sign_bytes_failure3TestImpersonatedCredentials.test_sign_bytes_failureZs++T+: ZZ FQU cnEFD({/G/GHM(5 %z889W&&v.:==// //  :9  $A B?1B. B?. B< 8B?? C z time.sleeprcURSS9n[R"SSS9nSSSS.0n[U[R 5nXSl[R"[R5nUR"S 5 SSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) Nrr;Trrrinternal_failurer.r/z#exhausted signBlob endpoint retries) rWrrr&r?INTERNAL_SERVER_ERRORrrerfrr0r&rh)r- mock_timer rBr r1rls r!test_sign_bytes_retryable_failure=TestImpersonatedCredentials.test_sign_bytes_retryable_failurehs++T+: ZZ FQU c6HIJD({/P/PQM(5 %z889W&&v.:==!FGG GG  :9  r4clUR5nUR"S5nURS:Xdeg)N project-foo)rWwith_quota_project_quota_project_id)r-r quota_project_credss rtest_with_quota_project3TestImpersonatedCredentials.test_with_quota_projectws5++- )<<]K"44 EEEr0cURSURS9nSnUR"S5n[R"5R SS9[ R"SS9-RS5S -nXFS .nUR[R"U5[RUS 9nURU5 UR(deUR (aeUR"S n U S UR:Xdeg)NrrEr<rrrrrrrrrr)rWrr=rrrrrrrr2rr?r@rrrr) r-rr r rEr?rrrrs r-test_with_quota_project_iam_endpoint_overrideITestImpersonatedCredentials.test_with_quota_project_iam_endpoint_override}s++1K1K, )<<]K OO  % %! % 4x7I7IRU7V V )C.3 ).I ##M*>>)$  ##G,"((((&.... **1-e$(B(BBBBr0cUR5n/UlURSLdeUR"SS/5nURSLdeURSS/:Xdeg)NT fake_scope1 fake_scope2F)rW_target_scopesrequires_scopes with_scopesr]s rtest_with_scopes,TestImpersonatedCredentials.test_with_scopessn++- %' "**d222!--}m.LM **e333))m]-KKKKr0c~UR5n/UlUR"S/S/S9nURS/:Xdeg)NrFrG)default_scopes)rWrHrJr]s r'test_with_scopes_provide_default_scopesCTestImpersonatedCredentials.test_with_scopes_provide_default_scopessI++- %' "!-- O]O ))m_<<>$  G$    &&&&+>>   !~~...("3"3"D"D_"UUUUr0c~URSS9nSUlSUlSn[R"X#S9n[ R "S[S9 [ R "SSS 9nS[0n[U[R5Ul URS5 UR[:XdeUR[RR[ 5:XdeUR"R$S S [:XdeSSS5 SSS5 g!,(df  N=f!,(df  g=f) NrrErRrz6google.auth.metrics.token_request_id_token_impersonaterrTrrr)rWrErrrrr%ID_TOKEN_REQUEST_METRICS_HEADER_VALUErFr&r?r@rrrrSrTrr)r-r r rr mock_postr s rtest_id_token_metrics1TestImpersonatedCredentials.test_id_token_metricss$++T+: # ! ++>>  ZZ D> GRV/)5dKNN)K &  &~~666(*;*;*L*L#+''..y9:MN<==      s% D.#B(D D. D+ 'D.. D<cnURSS9nURSS9nSnURUUUUU5 g)Nrzhttps://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/impersonated@project.iam.gserviceaccount.com:generateIdToken)rW_test_id_token_helper)r-r rGr target_credentialsrs rtest_id_token_from_credential9TestImpersonatedCredentials.test_id_token_from_credentialsP++T+: !22D2AZ  ""   " *   r0c[R"[S[SS9nUR SUS9nUR SUS9nSnUR UUUUU5 g)Nr~rrrzyhttps://iamcredentials.foo.bar/v1/projects/-/serviceAccounts/impersonated@project.iam.gserviceaccount.com:generateIdToken)r rrrrWr^)r-r rGrNr r_rs r$test_id_token_from_credential_nonGdu@TestImpersonatedCredentials.test_id_token_from_credential_nonGdus-88 $i ++.@, "22.@3 S  ""   " *   r0cSnSn[R"5RSS9[R"SS9-R S5S-nXhS .n UR [R"U 5[RS 9n UR"U 5 UR(deUR(ae[R"XS S 9n U R!US 9n U RU 5 UR"R$n U SU:XdeU R&[(:XdeU R*S LdeU R,ULdeg)NrErRrrrrrrrrT)r include_email)r_)rrrrrrrr2rr?r@rrrrrfrom_credentialsrargsrErF_include_email_target_credentials) r-r r_r rGrrErrrrrris rr^1TestImpersonatedCredentials._test_id_token_helper sA+ OO  % %! % 4x7I7IRU7V V )C.3 ).I ##M*;>>$  G$    &&&&+>>  ,,@R,S!-77<<Aw,&&&~~...&&$...++/AAAAr0cURSS9nSnSn[R"5RSS9[R "SS9-R S5S -nXFS .nUR[R"U5[RS 9nUR"U5 UR(deUR(ae[R "US S 9n U R#US9n U RU5 U R$[&:XdeU R([RR+[,5:XdeU R.S Ldeg)NrrErRrrrrrrrrT)rfr)rWrrrrrrrr2rr?r@rrrrrwith_target_audiencerErFrrSrTrjrUs r"test_id_token_with_target_audience>TestImpersonatedCredentials.test_id_token_with_target_audience0s>++T+: + OO  % %! % 4x7I7IRU7V V )C.3 ).I ##M*;>>$  G$    &&&&+>> t 000Q!~~...("3"3"D"D_"UUUU&&$...r0cSn[R"[R5n[R "U5 SSS5 WR S5(deg!,(df  N'=f)Nz4Provided Credential must be impersonated_credentials)rerfrrrrrh)r-r rGr rls rtest_id_token_invalid_cred6TestImpersonatedCredentials.test_id_token_invalid_credOsQ ]]:55 6' $ 7 7 D7}}VWWWW7 6s A A-c0URSS9nSnSn[R"5RSS9[R "SS9-R S5S -nXFS .nUR[R"U5[RS 9nUR"U5 UR(deUR(ae[R "X5S 9n U R#S 5n U RU5 U R$[&:Xdeg)NrrErRrrrrrrrrrT)rWrrrrrrrr2rr?r@rrrrrwith_include_emailrErFrUs r test_id_token_with_include_email>$  G$    &&&&+>>  ..t4!~~...r0c(URSS9nSnSn[R"5RSS9[R "SS9-R S5S -nXFS .nUR[R"U5[RS 9nUR"U5 UR(deUR(ae[R "X5S 9n U R#S 5n U RU5 U R$S :Xdeg)NrrErRrrrrrrrrrr<)rWrrrrrrrr2rr?r@rrrrrr=quota_project_idrUs r test_id_token_with_quota_project>$  G$    &&&&+>>  ..}=!((M999r0c LSnSnSUS.nUR[R"U5[RS9n[ R "XA00S9nXR:XdeURSS0[R"/[R"05S .5RS 5S 9 g) Nfoo@example.comcorrect_signed_jwtr)r=rrrrxrr%z[https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/foo@example.com:signJwtr#)rQr%zutf-8)rmethodrbody) rr2rr?r@r_sign_jwt_requestassert_called_once_withencode)r-rxexpected_signed_jwtrr signed_jwts rtest_sign_jwt_request_success9TestImpersonatedCredentials.test_sign_jwt_request_successs% 2"%4GH ##M*;>>$ .??"b 000''m"BHIPP ( r0cSnURS[RS9n[R"[ R 5n[R"X!00S9nSSS5 WR[R5(deURRSS:XdeURRSS:Xdeg!,(df  Ns=f)Nr} error_messagerrrz*Unable to acquire impersonated credentialsr) rr? BAD_REQUESTrerfrrrrrhrvaluerir-rxrrl_s r test_sign_jwt_request_http_error 8 [[-e}=>>>* [[-e}= > > [[-e}=C>C6 [[[3+6#97#9J#*#.7*#"#6#TAJ  "#)J 0 ZZ 40 H1 HF  [[-e}=C>C:L=V:<   *%BN/>X/::: .8"7r0rI)2rcr http.clientclientr?r2osrre google.authrrrrr$google.auth.impersonated_credentialsr google.oauth2r r pathjoindirname__file__DATA_DIRopenfhreadPRIVATE_KEY_BYTESSERVICE_ACCOUNT_JSON_FILE8IMPERSONATED_SERVICE_ACCOUNT_AUTHORIZED_USER_SOURCE_FILErFrTloadSERVICE_ACCOUNT_INFOr[ RSASigner from_stringrrrrYfixturer r$r&rCrGobjectrIr9r0rrs ! "0!<%) 77<<12v > "'',,x!1 2D9R :GGLL3IJ;=77<< H<8  #T*b99R=+ BDIR?Cyy}<J  $ $%6 < . @*@& R 7&R 7m:9$+*JIs$(GG*G( G G%( G6