;SSKrSSKrSSKrSSKrSSKrSSKJr SSKJr SSKJ r SSK J r Sr Sr SrS rS rS R#\5r\\-rS rS S/rSrSrSrSrSr/SQr/SQr/SQr/SQr"SS\5r g)N) exceptions) pluggable)DEFAULT_UNIVERSE_DOMAIN)WORKFORCE_AUDIENCEusernamepasswordzdXNlcm5hbWU6cGFzc3dvcmQ=z1service-1234@service-name.iam.gserviceaccount.comz.https://us-east1-iamcredentials.googleapis.comz5/v1/projects/-/serviceAccounts/{}:generateAccessTokenQUOTA_PROJECT_IDscope1scope2 access_tokenz#https://sts.googleapis.com/v1/tokenz(https://sts.googleapis.com/v1/introspect$urn:ietf:params:oauth:token-type:jwtzi//iam.googleapis.com/projects/123456/locations/global/workloadIdentityPools/POOL_ID/providers/PROVIDER_ID) https://sts.googleapis.comz$https://us-east-1.sts.googleapis.comz$https://US-EAST-1.sts.googleapis.comz$https://sts.us-east-1.googleapis.comz$https://sts.US-WEST-1.googleapis.comz$https://us-east-1-sts.googleapis.comz$https://US-WEST-1-sts.googleapis.comz/https://us-west-1-sts.googleapis.com/path?queryz&https://sts-us-east-1.p.googleapis.com)%https://iamcredentials.googleapis.comzsts.googleapis.comhttps://zhttp://sts.googleapis.comzhttps://st.s.googleapis.comz$https://us-eas -1.sts.googleapis.comz#https:/us-east-1.sts.googleapis.comz%https://US-WE/ST-1-sts.googleapis.comz$https://sts-us-east-1.googleapis.comz$https://sts-US-WEST-1.googleapis.comz(testhttps://us-east-1.sts.googleapis.comz,https://us-east-1.sts.googleapis.comevil.comz.https://us-east-1.us-east-1.sts.googleapis.comz$https://us-ea.s.t.sts.googleapis.comz"https://sts.googleapis.comevil.comz%hhttps://us-east-1.sts.googleapis.comz!https://us- -1.sts.googleapis.comzhttps://-sts.googleapis.comz-https://us-east-1.sts.googleapis.com.evil.comzhttps://sts.pgoogleapis.comhttps://p.googleapis.comzhttps://sts.p.comzhttp://sts.p.googleapis.comz https://xyz-sts.p.googleapis.comz$https://sts-xyz.123.p.googleapis.comz!https://sts-xyz.p1.googleapis.comzhttps://sts-xyz.p.foo.comz$https://sts-xyz.p.foo.googleapis.com) rz/https://us-east-1.iamcredentials.googleapis.comz/https://US-EAST-1.iamcredentials.googleapis.comz/https://iamcredentials.us-east-1.googleapis.comz/https://iamcredentials.US-WEST-1.googleapis.comz/https://us-east-1-iamcredentials.googleapis.comz/https://US-WEST-1-iamcredentials.googleapis.comz:https://us-west-1-iamcredentials.googleapis.com/path?queryz1https://iamcredentials-us-east-1.p.googleapis.com)rziamcredentials.googleapis.comrz$http://iamcredentials.googleapis.comz&https://iamcre.dentials.googleapis.comz/https://us-eas -1.iamcredentials.googleapis.comz.https:/us-east-1.iamcredentials.googleapis.comz0https://US-WE/ST-1-iamcredentials.googleapis.comz/https://iamcredentials-us-east-1.googleapis.comz/https://iamcredentials-US-WEST-1.googleapis.comz3testhttps://us-east-1.iamcredentials.googleapis.comz7https://us-east-1.iamcredentials.googleapis.comevil.comz9https://us-east-1.us-east-1.iamcredentials.googleapis.comz/https://us-ea.s.t.iamcredentials.googleapis.comz-https://iamcredentials.googleapis.comevil.comz0hhttps://us-east-1.iamcredentials.googleapis.comz,https://us- -1.iamcredentials.googleapis.comz&https://-iamcredentials.googleapis.comz8https://us-east-1.iamcredentials.googleapis.com.evil.comz&https://iamcredentials.pgoogleapis.comrzhttps://iamcredentials.p.comz&http://iamcredentials.p.googleapis.comz+https://xyz-iamcredentials.p.googleapis.comz/https://iamcredentials-xyz.123.p.googleapis.comz,https://iamcredentials-xyz.p1.googleapis.comz$https://iamcredentials-xyz.p.foo.comz/https://iamcredentials-xyz.p.foo.googleapis.comc\rSrSrSrSr\SS\S.rS\0rSrS S S \S S .r S S S \S.r S S S\S S .r S S S\S.r Sr S S S\ S S.rS S S\ S.rS SSSS.rSr\\\\\SSSSSSSSS4 Sj5rSr\R4R7\R:SSS9S5r\R4R7\R:SSS9S5r\R4R7\R:SSS9S 5r \R4R7\R:SSS9S!5r!S"r"S#r#S$r$S%r%S&r&S'r'S(r(S)r)\R4RU\+RXS*S+05S,5r-\R4RU\+RXS*S+05S-5r.\R4RU\+RXS*S+05S.5r/\R4RU\+RXS*S+05S/5r0\R4RU\+RXS+S+S0.5S15r1\R4RU\+RXS*S205S35r2\R4RU\+RXS*S+05S45r3\R4RU\+RXS*S+05S55r4\R4RU\+RXS*S+05S65r5\R4RU\+RXS*S+05S75r6\R4RU\+RXS*S+05S85r7\R4RU\+RXS*S+05S95r8\R4RU\+RXS*S+05S:5r9\R4RU\+RXS*S+05S;5r:\R4RU\+RXS*S+05S<5r;\R4RU\+RXS*S+05S=5r<\R4RU\+RXS*S+05S>5r=\R4RU\+RXS*S+05S?5r>\R4RU\+RXS*S+05S@5r?\R4RU\+RXS*S+05SA5r@\R4RU\+RXS*S+05SB5rA\R4RU\+RXS*S+05SC5rB\R4RU\+RXS*S+05SD5rC\R4RU\+RXS*S+05SE5rD\R4RU\+RXS*S+05SF5rE\R4RU\+RXS*S+05SG5rF\R4RU\+RXS*S+05SH5rG\R4RU\+RXS*S+05SI5rH\R4RU\+RXS*S+05SJ5rI\R4RU\+RXS*S205SK5rJ\R4RU\+RXS*S+05SL5rK\R4RU\+RXS*S+05SM5rL\R4RU\+RXS*S+05SN5rM\R4RU\+RXS*S+05SO5rNSPrOg)QTestCredentialsz4/fake/external/excutable --arg1=value1 --arg2=value2fake_output_file0u)commandtimeout_millisinteractive_timeout_millis output_file executable FAKE_ID_TOKENT)urn:ietf:params:oauth:token-type:id_tokenc( versionsuccess token_typeid_tokenexpiration_timer"r#r$r%r FAKE_SAML_RESPONSEz&urn:ietf:params:oauth:token-type:saml2)r"r#r$ saml_responser&)r"r#r$r)F401z(Permission denied. Caller not authorized)r"r#codemessagezhttp://fakeurl.comNcB[R"UUUUU U UUUUU U U S9 $)N) audiencesubject_token_type token_urltoken_info_url!service_account_impersonation_urlcredential_source client_id client_secretquota_project_idscopesdefault_scopesworkforce_pool_user_project interactive)r Credentials)clsr.r/r0r1r4r5r6r7r8r2r3r9r:s Nplatform/gsutil/third_party/google-auth-library-python/tests/test_pluggable.pymake_pluggableTestCredentials.make_pluggables>"$$1).O/'-)(C#  c [R"[[[[ UR SS9n[USS5 [U[R5(deUR(deURS:Xdeg)NT)r.r/r0r1r3r:_tokeninfo_usernamemock_external_account_id) rr;AUDIENCESUBJECT_TOKEN_TYPE TOKEN_URLTOKEN_INFO_URLCREDENTIAL_SOURCEsetattr isinstancer:external_account_idself credentialss r=#test_from_constructor_and_injection3TestCredentials.test_from_constructor_and_injectionsw++1)"44    24NO+y'<'<====&&&&..2LLLLr@__init__ return_valuec[RR[[[ [ [SS0[[[URS. 5n[U[R5(deUR[[[ [ [SS0[[UR[S[S9 g)Ntoken_lifetime_seconds r.r/r0r1r2service_account_impersonationr4r5r6r3 r.r/r0r1r2%service_account_impersonation_optionsr4r5r3r6r9universe_domain)rr; from_inforDrErFrG!SERVICE_ACCOUNT_IMPERSONATION_URL CLIENT_ID CLIENT_SECRETr rHrJassert_called_once_withrrM mock_initrNs r=test_from_info_full_options+TestCredentials.test_from_info_full_optionss++55$&8&"05V2JD1Q&!.$4%)%;%;   +y'<'<====))1).O3KT2R'"44-(,3 * r@c"[RR[[[ UR S.5n[U[R5(deUR[[[ SS0SSUR SS[S9 g)Nr.r/r0r3rY) rr;r\rDrErFrHrJr`rras r=$test_from_info_required_options_only4TestCredentials.test_from_info_required_options_onlys++55$&8&%)%;%;   +y'<'<====))1.224"44!(,3 * r@c[[[[[SS0[ [ [URS. nURS5nUR[R"U55 [RR[!U55n[#U[R5(deUR%[[[[[SS0[ [ UR[S[&S9 g)NrUrVrW config.jsonrY)rDrErFrGr]r^r_r rHjoinwritejsondumpsrr; from_filestrrJr`rrMrbtmpdirinfo config_filerNs r=test_from_file_full_options+TestCredentials.test_from_file_full_options1s!"4",1R.F-M"* 0!%!7!7  kk-0 $**T*+++55c+6FG +y'<'<====))1).O3KT2R'"44-(,3 * r@c[[[URS.nUR S5nUR [ R"U55 [RR[U55n[U[R5(deUR[[[SS0SSURSS[S9 g)NrfrjrY)rDrErFrHrkrlrmrnrr;rorprJr`rrqs r=$test_from_file_required_options_only4TestCredentials.test_from_file_required_options_onlyTs!"4"!%!7!7   kk-0 $**T*+++55c+6FG +y'<'<====))1.224"44!(,3 * r@cSS0n[R"[5nURUS9 SSS5 WR S5(deg!,(df  N'=f)N unsupportedvaluer3Missing credential_sourcepytestraises ValueErrorr>match)rMr3excinfos r= test_constructor_invalid_options0TestCredentials.test_constructor_invalid_optionsqsS*G4 ]]: &'   2C  D'}}9::::' &s A Ac[R"[5nURSS9 SSS5 WR S5(deg!,(df  N'=f)Nznon-dictr}r~r)rMrs r=*test_constructor_invalid_credential_source:TestCredentials.test_constructor_invalid_credential_sourceysG ]]: &'   *  ='}}9::::' &s A  Ac URURR5S9nURS[[ [ [UR[S.:Xdeg)Nr}external_account)typer.r/r0r1r3r[) r>rHcopyrsrDrErFrGrrLs r= test_info_with_credential_source0TestCredentials.test_info_with_credential_sourcesc))"4499;* & "4",!%!7!76$    r@c~URURR5S9nUR[:Xdeg)Nr})r>rHrr1rGrLs r=test_token_info_url#TestCredentials.test_token_info_urls?))"4499;* ))^;;;r@c[HCnURURR5US-S9nURUS-:XaMCe g)Nz /introspectr3r1)VALID_TOKEN_URLSr>rHrr1rMurlrNs r=test_token_info_url_custom*TestCredentials.test_token_info_url_customsV#C--"&"8"8"="="? #m 3.K --}1DD DD $r@czURURR5SS9nUR(aeg)Nr)r>rHrr1rLs r=test_token_info_url_negative,TestCredentials.test_token_info_url_negatives?))"4499;D* -----r@c[HCnURURR5US-S9nURUS-:XaMCe g)Nz/token)r3r0)rr>rHr _token_urlrs r=test_token_url_custom%TestCredentials.test_token_url_customsT#C--"&"8"8"="="?>.K ))cHn= == $r@c[HKnURURR5U[-S9nUR U[-:XaMKe g)N)r3r2)(VALID_SERVICE_ACCOUNT_IMPERSONATION_URLSr>rHr'SERVICE_ACCOUNT_IMPERSONATION_URL_ROUTE"_service_account_impersonation_urlrs r=-test_service_account_impersonation_url_custom=TestCredentials.test_service_account_impersonation_url_customs_;C--"&"8"8"="="?AA.KAA== rDretrieve_subject_tokenosremove) rMrr/ACTUAL_CREDENTIAL_SOURCE_EXECUTABLE_OUTPUT_FILE#ACTUAL_CREDENTIAL_SOURCE_EXECUTABLEACTUAL_CREDENTIAL_SOURCEtestDatadatarrN subject_tokens r=(test_retrieve_subject_token_successfully8TestCredentials.test_retrieve_subject_token_successfullysP:@++ ; 7!*0J/ + %12U#V **EE&/%F $ d d $ : : ,/ $ d d# $ : : =**@@&/%F $ _ _ $ : : '/ $ _ _# $ : : 8**T%M%MNUU&G $ [ [ $ : : #/ $ [ [# $ : : 4K+ ZOO%D? $((>2K@  '88DHHX$61 #11!XXj(;6:hh?R6S&> $ > 2 !, B B4 H $(@@@@ IIE F)& s:'I3!A-J3 J  J c \[R"S[R"/[R "UR 5RS5SS9S9 URURS9nURS5nX R:XdeSSS5 g!,(df  g=f)NrrrrrRr}) rrrrrmrnrrr>rHrr)rMrNrs r= test_retrieve_subject_token_saml0TestCredentials.test_retrieve_subject_token_saml s ZZ #44zz$"J"JKRR   --@V@V-WK'>>tDM $>$>> >>    s rrrrrrMrrrrrrrNrs r=1test_retrieve_subject_token_saml_interactive_modeATestCredentials.test_retrieve_subject_token_saml_interactive_modes;A++ ; 7!*0J/ + %12U#V A3 G; IIKK[ H ZZ #44"K --+": .K (>>tDM $>$>> >> IIE F  H G   s"C:AC" C" C0c [R"S[R"/[R "UR 5RS5SS9S9 URURS9n[R"[R5nURS5nSSS5 WRS5(deSSS5 g!,(df  N0=f!,(df  g=f)NrrrrrRr}hExecutable returned unsuccessful response: code: 401, message: Permission denied. Caller not authorized.)rrrrrmrnEXECUTABLE_FAILED_RESPONSErr>rHrrr RefreshErrorrrrMrNr_s r="test_retrieve_subject_token_failed2TestCredentials.test_retrieve_subject_token_failed<s ZZ #44zz$"A"ABII'R --@V@V-WKz667766t<8=={   87  s$>C"C' C" C C"" C0)r#GOOGLE_EXTERNAL_ACCOUNT_INTERACTIVEcnURS5nSSUS.nSU0n[USSS9n[R"URU5 SSS5 [ R "S [R"/S S 9S 9 UR[US S9n[R"[R5nURS5nSSS5 WR!S5(de["R$"U5 SSS5 g!,(df  N=f!,(df  NV=f!,(df  g=f)Nrrrrrrutf-8)encodingrrrrRTrr)rkrrmrrrrrrr>rrrrrrrrr) rMrrrrrrrNrrs r=3test_retrieve_subject_token_failed_interactive_modeCTestCredentials.test_retrieve_subject_token_failed_interactive_modeOs';A++ ; 7!*0J/ + %12U#V  ;S7  IId55{ C ZZ #44"K --+": .K z667766t<8=={  IIE F!    87  s/"D9:D&3D6D& D D# D&& D40c [R"S[R"/[R "UR 5RS5SS9S9 URURS9n[R"[5nURS5nSSS5 WRS5(deSSS5 g!,(df  N0=f!,(df  g=f)NrrrrrRr})Executables need to be explicitly allowed)rrrrrmrnrrr>rHrrrrrrs r=&test_retrieve_subject_token_not_allowd6TestCredentials.test_retrieve_subject_token_not_allowdws ZZ #44zzEE&/   --@V@V-WKz*g66t<+==!MNN NN   +*   s$4C C C C C C&c SSSURSS.n[R"S[R"/[ R "U5RS5SS 9S 9 URURS 9n[R"[R5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) NTrr r!rrrrrRr}(Executable returned unsupported version.rrrrrrmrnrr>rHrrrrrr)rM-EXECUTABLE_SUCCESSFUL_OIDC_RESPONSE_VERSION_2rNrrs r=+test_retrieve_subject_token_invalid_version;TestCredentials.test_retrieve_subject_token_invalid_versionsE22) 9 5ZZ #44zz"OPWW   --@V@V-WKz667766t<8==!LMM MM   87   $>C*C/ C* C' #C** C8c SSSURSS.n[R"S[R"/[ R "U5RS5SS9S 9 URURS 9n[R"[R5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) NrTrrr!rrrrRr}z0The token returned by the executable is expired.r)rM+EXECUTABLE_SUCCESSFUL_OIDC_RESPONSE_EXPIREDrNrrs r=)test_retrieve_subject_token_expired_token9TestCredentials.test_retrieve_subject_token_expired_tokensE22 7 3ZZ #44zz"MNUU   --@V@V-WKz667766t<8==!TUU UU   87   rcVURS5nSSUS.nSU0n[US5n[R"URU5 SSS5 UR US9nUR S5nXpR:Xde[R"U5 g!,(df  NV=f)Nrrrrrrrrr}) rkrrmrrr>rrrrrs r=&test_retrieve_subject_token_file_cache6TestCredentials.test_retrieve_subject_token_file_caches:@++ ; 7!#J/ + %12U#V A3 G; IIdGG UH))rr)rMrrrNrs r=)test_retrieve_subject_token_no_file_cache9TestCredentials.test_retrieve_subject_token_no_file_caches!#/ +%12U#V ZZ #44zzEE&/   --":.K(>>tDM $>$>> >>!    s 2B B*cURS5nSSUS.nSU0nSSURSS .n[US 5n[R"XV5 SSS5 UR US 9n[ R"[5nURS5n SSS5 WRS 5(de[R"U5 g!,(df  N=f!,(df  NN=f) NrrrrrTrr r#r$r%r&rr}5The executable response is missing the version field.) rkrrrmrr>rrrrrrr) rMrrrrrACTUAL_EXECUTABLE_RESPONSErrNrrs r=9test_retrieve_subject_token_file_cache_value_error_reportITestCredentials.test_retrieve_subject_token_file_cache_value_error_reports:@++ ; 7!#J/ + %12U#V E22) & " A3 G; II0 >H))rrr) rMrrrrrr rrNrs r=:test_retrieve_subject_token_file_cache_refresh_error_retryJTestCredentials.test_retrieve_subject_token_file_cache_refresh_error_retry s:@++ ; 7!#J/ + %12U#V E22) & "A3 G; II0 >HZZ #44zzEE&/   --":.K(>>tDM $>$>> >>!  $ AB+H G   sD/2D D D c SSSURSS.n[R"S[R"/[ R "U5RS5SS 9S 9 URURS 9n[R"[R5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) NrTunsupported_token_typer r!rrrrrRr}z+Executable returned unsupported token type.rrM#EXECUTABLE_SUCCESSFUL_OIDC_RESPONSErNrrs r=2test_retrieve_subject_token_unsupported_token_typeBTestCredentials.test_retrieve_subject_token_unsupported_token_type5s222) / +ZZ #44zz"EFMMgV --@V@V-WKz667766t<8==!OPP PP  87  rc SSURSS.n[R"S[R"/[ R "U5RS5SS9S 9 URURS 9n[R"[5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) NTrr r rrrrrRr}r rrrrrrmrnrr>rHrrrrrrs r=+test_retrieve_subject_token_missing_version;TestCredentials.test_retrieve_subject_token_missing_versionNsE22) / +ZZ #44zz"EFMMgV --@V@V-WKz*g66t<+==H   +*  $4CC$ C C C C-c SSURSS.n[R"S[R"/[ R "U5RS5SS9S 9 URURS 9n[R"[5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) Nrrr )r"r$r%r&rrrrrRr}5The executable response is missing the success field.rrs r=+test_retrieve_subject_token_missing_success;TestCredentials.test_retrieve_subject_token_missing_successhsE22) / +ZZ #44zz"EFMMgV --@V@V-WKz*g66t<+==H   +*  rc SSS.n[R"S[R"/[R "U5R S5SS9S9 URURS 9n[R"[5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) NrFr"r#rrrrrRr}z;Error code and message fields are required in the response.)rrrrrmrnrr>rHrrrrrrs r=6test_retrieve_subject_token_missing_error_code_messageFTestCredentials.test_retrieve_subject_token_missing_error_code_messages:;.N+ ZZ #44zz"EFMMgV --@V@V-WKz*g66t<+==N   +*  s$4CC C C C C!c dSSSURS.nSSSS.0n[R"S [R"/[ R "U5RS 5S S 9S 9 URUS9nURS5nX@R:XdeSSS5 g!,(df  g=f)NrTrr'rrrrrrrrrRr}) rrrrrrmrnrr>r)rMrrHrNrs r=^test_retrieve_subject_token_without_expiration_time_should_pass_when_output_file_not_specifiednTestCredentials.test_retrieve_subject_token_without_expiration_time_should_pass_when_output_file_not_specifieds E22 / + i5I ZZ #44zz"EFMMgV --@Q-RK'>>tDM $>$>> >>   s %2B!! B/c SSURSS.n[R"S[R"/[ R "U5RS5SS9S 9 URURS 9n[R"[5nURS5nSSS5 WRS 5(deSSS5 g!,(df  N0=f!,(df  g=f) NrTr )r"r#r%r&rrrrrRr}z8The executable response is missing the token_type field.rrs r=.test_retrieve_subject_token_missing_token_type>TestCredentials.test_retrieve_subject_token_missing_token_types22) / +ZZ #44zz"EFMMgV --@V@V-WKz*g66t<+==K   +*  rc[R"[5nSSURS.0nUR US9nSSS5 WR S5(deg!,(df  N'=f)Nrr)rrr}z;Missing command field. Executable command must be provided.)rrr(CREDENTIAL_SOURCE_EXECUTABLE_OUTPUT_FILEr>rrMrrHrs r=&test_credential_source_missing_command6TestCredentials.test_credential_source_missing_commandsp ]]: &'&+#'#P#P!  ##6G#HA'}} J    ' &s !A A+cSSUR00nURUSS9n[R"[5nUR S5nSSS5 WR S5(deg!,(df  N'=f)NrrTr3r:zVAn output_file must be specified in the credential configuration for interactive mode.)$CREDENTIAL_SOURCE_EXECUTABLE_COMMANDr>rrrrr)rMrHrNrrs r=6test_credential_source_missing_output_interactive_modeFTestCredentials.test_credential_source_missing_output_interactive_modes 9d&O&OP ))/T* ]]: &'2248A'}} e    ' &s A.. A<cSURURS.0nURUS9nUR[R :Xdeg)Nrrrr})r2r,r>,_credential_source_executable_timeout_millisr!EXECUTABLE_TIMEOUT_MILLIS_DEFAULT)rMrHrNs r=Etest_credential_source_timeout_missing_will_use_default_timeout_valueUTestCredentials.test_credential_source_timeout_missing_will_use_default_timeout_values_ DD#LL  ))rr-s r=$test_credential_source_timeout_small4TestCredentials.test_credential_source_timeout_smallsq ]]: &'#HH&.#'#P#P! ##6G#HA'}}JKKKK' & ,A(( A6c[R"[5nSURSURS.0nUR US9nSSS5 WR S5(deg!,(df  N'=f)Nrirr}r<r=r-s r=$test_credential_source_timeout_large4TestCredentials.test_credential_source_timeout_largesq ]]: &'#HH&0#'#P#P! ##6G#HA'}}JKKKK' &r@c[R"[5nSURSURS.0nUR US9nSSS5 WR S5(deg!,(df  N'=f)Nri/urr}>Interactive timeout must be between 30 seconds and 30 minutes.r=r-s r=0test_credential_source_interactive_timeout_small@TestCredentials.test_credential_source_interactive_timeout_smallsy ]]: &'#HH2;#'#P#P! ##6G#HA'}} M    ' &r@c[R"[5nSURSURS.0nUR US9nSSS5 WR S5(deg!,(df  N'=f)NriAwrr}rEr=r-s r=0test_credential_source_interactive_timeout_large@TestCredentials.test_credential_source_interactive_timeout_large&sy ]]: &'#HH2=#'#P#P! ##6G#HA'}} M    ' &r@c [R"S[R"/SSS9S9 UR UR S9n[ R"[R5nURS5nSSS5 WRS5(deSSS5 g!,(df  N0=f!,(df  g=f)NrrrrRr}:Executable exited with non-zero return code 1. Error: None) rrrrr>rHrrrrrrrs r=+test_retrieve_subject_token_executable_fail;TestCredentials.test_retrieve_subject_token_executable_fail6s ZZ #44 --@V@V-WKz667766t<8==M   87  s#>B5(B$: B5$ B2 .B55 CcURURSS9n[R"[5nUR S5nSSS5 WR S5(deg!,(df  N'=f)NTr1z4Interactive mode is only enabled for workforce pool.)r>rHrrrrrrs r=?test_retrieve_subject_token_non_workforce_fail_interactive_modeOTestCredentials.test_retrieve_subject_token_non_workforce_fail_interactive_modeGsh))"44$* ]]: &'2248A'}}TUUUU' & A(( A6cURURS.nSU0nURUSS9n[R"[ 5nUR S5nSSS5 WRS5(deg!,(df  N'=f)Nr6rTr1z;Interactive mode cannot run without an interactive timeout.)r2r,r>rrrrr)rMCREDENTIAL_SOURCE_EXECUTABLErHrNrrs r=Jtest_retrieve_subject_token_fail_on_validation_missing_interactive_timeoutZTestCredentials.test_retrieve_subject_token_fail_on_validation_missing_interactive_timeoutQs @@HH( $*+GH))/T* ]]: &'2248A'}} J    ' &s A;; B c [R"S[R"/SSS9S9 UR [ UR SS9n[R"[R5nURS5nSSS5 WRS5(deSSS5 g!,(df  N0=f!,(df  g=f)NrrrrRTrrL) rrrrr>rrHrrrrrrrs r=rHrrrrevokerrs r=)test_revoke_failed_executable_not_allowed9TestCredentials.test_revoke_failed_executable_not_allowedysh))"44$* ]]: &'""4(A'}}IJJJJ' &rRc XS[SS.S[RSS.0[SS.S S 0[RS S.S S0[S S.SSS .[RSS.S.nUR5GHn[R "S[ R"/[R"URS55RS5URSS5S9S9 UR[[URURSS5S9n[ R""URS55nUR%S5nSSS5 WR'URS55(deSSS5 GM g!,(df  ND=f!,(df  GM:=f)NFz.Revoke is only enabled under interactive mode.)r: expectErrTypeexpectErrPatternrz!Auth revoke failed on executable.)rr_r`r )responser_r`r"rrrr"z)Revoke failed with unsuccessful response.)non_interactive_modeexecutable_failed#response_validation_missing_version#response_validation_invalid_version#response_validation_missing_success6response_validation_failed_with_success_field_is_falserrarrrrrRr:Trr_r`)rrrrrrrrrmrnrrr>rr]rHrrr[r)rMrrrNrrs r=test_revoke_failed"TestCredentials.test_revoke_faileds %!+$U%  !+!8!8$H" !+$\4 'N!+!8!8$O4 'N!+$\4 )*e}}TXX.@%ABBBB%& >=s%AF8F /F F F F) c :SSS.n[R"S[R"/[R "U5R S5SS9S9 UR[URSS 9nURS5nSSS5 g!,(df  g=f) NrTr"rrrrrRr) rrrrrmrnrr>rrHr[)rMACTUAL_RESPONSErNrs r=test_revoke_successfully(TestCredentials.test_revoke_successfullys&'D9 ZZ #44zz/299'B --+"&"8"8 .K ""4(A   s 1B  Bch[R"SS5 URURS9n[R "[ R5nURS5nSSS5 WRS5(deSSS5 g!,(df  N0=f!,(df  g=f)Nsys.version_inforr}0Pluggable auth is only supported for python 3.7+) rrr>rHrrrrrrrs r=$test_retrieve_subject_token_python_24TestCredentials.test_retrieve_subject_token_python_2s ZZ*F 3--@V@V-WKz667766t<8==!TUU UU 4 3874 3s#>B#B( B# B B## B1ct[R"SS5 UR[URSS9n[ R "[R5nURS5nSSS5 WRS5(deSSS5 g!,(df  N0=f!,(df  g=f)NrorpTrrr) rrr>rrHrrrrr[rrs r="test_revoke_subject_token_python_22TestCredentials.test_revoke_subject_token_python_2s ZZ*F 3--+"&"8"8 .K z6677&&t,8==!TUU UU4 3874 3s$AB)B. B) B& "B)) B7)P__name__ __module__ __qualname____firstlineno__r2r,rTrHrrrrrrrrrCREDENTIAL_URL classmethodrDrErFrGr>rOrrobjectrr;rcrgrurxrrrrrrrrdictrenvironrrrrrrrrrrr rrrrr#r&r)r.r3r9r>rBrFrIrMrPrUrXr\rhrlrsrv__static_attributes__rxr@r=rrse>)0B,7&,? $ &'CD+A)% 40A) GC<)% /+<) B> 1>.% +'>. >:= " *N-%*.$(  @ M ZZy,,jtL M B ZZy,,jtL M 6 ZZy,,jtL  M  D ZZy,,jtL M 8;;  <E.>  ZZ__RZZ"Ms!STLGULG\ ZZ__RZZ"Ms!ST?U?" ZZ__RZZ"Ms!STGUG> ZZ__RZZ"Ms!STU$ ZZ__ 9<36 GGB ZZ__RZZ"Ms!STOUO$ ZZ__RZZ"Ms!STNUN4 ZZ__RZZ"Ms!STVUV4 ZZ__RZZ"Ms!STCUC( ZZ__RZZ"Ms!ST?U?2 ZZ__RZZ"Ms!STCUC8 ZZ__RZZ"Ms!ST&CU&CP ZZ__RZZ"Ms!STQUQ0 ZZ__RZZ"Ms!STU2 ZZ__RZZ"Ms!STU2 ZZ__RZZ"Ms!STU( ZZ__RZZ"Ms!ST?U?6 ZZ__RZZ"Ms!STU2 ZZ__RZZ"Ms!ST  U   ZZ__RZZ"Ms!ST  U   ZZ__RZZ"Ms!ST  U   ZZ__RZZ"Ms!ST LU L ZZ__RZZ"Ms!ST LU L ZZ__RZZ"Ms!ST  U   ZZ__RZZ"Ms!ST  U   ZZ__RZZ"Ms!STU  ZZ__RZZ"Ms!STVUV ZZ__RZZ"Ms!ST U $ ZZ__RZZ"Ms!STU( ZZ__RZZ"Ms!STKUK ZZ__RZZ"Ms!ST4CU4Cl ZZ__RZZ"Ms!ST)U)" ZZ__RZZ"Ms!STVUV ZZ__RZZ"Ms!ST VU Vr@r)!rmrrrr google.authrrgoogle.auth.credentialsrtests.test__defaultrr^r_BASIC_AUTH_ENCODINGSERVICE_ACCOUNT_EMAIL&SERVICE_ACCOUNT_IMPERSONATION_URL_BASEformatrr]r SCOPESSUBJECT_TOKEN_FIELD_NAMErFrGrErDrINVALID_TOKEN_URLSr*INVALID_SERVICE_ACCOUNT_IMPERSONATION_URLSrrrxr@r=rs  "!;2   0K4'+b*h*h+'+-TT"& H ) 1 ;; v < ,(.*@\Vf\Vr@