From 08114d04f535b0caa985340bce208110434eaa89 Mon Sep 17 00:00:00 2001
From: Patrick Jones <ithuriel@google.com>
Date: Tue, 15 Dec 2020 08:53:28 -0800
Subject: [PATCH] google: minor tweaks

Change-Id: Ic0e6363b19bbfd40df6b7b15322abf43c9990688
---
 google/internal/externalaccount/basecredentials.go       | 9 ++++++---
 google/internal/externalaccount/basecredentials_test.go  | 2 +-
 google/internal/externalaccount/filecredsource_test.go   | 6 +++---
 .../externalaccount/testdata}/3pi_cred.json              | 0
 .../externalaccount/testdata}/3pi_cred.txt               | 0
 5 files changed, 10 insertions(+), 7 deletions(-)
 rename google/{testdata/externalaccount => internal/externalaccount/testdata}/3pi_cred.json (100%)
 rename google/{testdata/externalaccount => internal/externalaccount/testdata}/3pi_cred.txt (100%)

diff --git a/google/internal/externalaccount/basecredentials.go b/google/internal/externalaccount/basecredentials.go
index 2ef1dc3..0943b39 100644
--- a/google/internal/externalaccount/basecredentials.go
+++ b/google/internal/externalaccount/basecredentials.go
@@ -88,7 +88,11 @@ type tokenSource struct {
 func (ts tokenSource) Token() (*oauth2.Token, error) {
 	conf := ts.conf
 
-	subjectToken, err := conf.parse().retrieveSubjectToken(conf)
+	typedCredSource := conf.parse()
+	if typedCredSource == nil {
+		return nil, fmt.Errorf("google: unable to parse credential source")
+	}
+	subjectToken, err := typedCredSource.retrieveSubjectToken(conf)
 	if err != nil {
 		return nil, err
 	}
@@ -118,10 +122,9 @@ func (ts tokenSource) Token() (*oauth2.Token, error) {
 	}
 	if stsResp.ExpiresIn < 0 {
 		return nil, fmt.Errorf("google/oauth2: got invalid expiry from security token service")
-	} else if stsResp.ExpiresIn > 0 {
+	} else if stsResp.ExpiresIn >= 0 {
 		accessToken.Expiry = now().Add(time.Duration(stsResp.ExpiresIn) * time.Second)
 	}
-	// TODO: For reviewers- what should I do if ExpiresIn is equal to 0?  Would that correspond to a one-use token, or something else?
 
 	if stsResp.RefreshToken != "" {
 		accessToken.RefreshToken = stsResp.RefreshToken
diff --git a/google/internal/externalaccount/basecredentials_test.go b/google/internal/externalaccount/basecredentials_test.go
index 194b24a..7b4145a 100644
--- a/google/internal/externalaccount/basecredentials_test.go
+++ b/google/internal/externalaccount/basecredentials_test.go
@@ -75,7 +75,7 @@ func TestToken_Func(t *testing.T) {
 
 	tok, err := ourTS.Token()
 	if err != nil {
-		t.Errorf("Unexpected error: %e", err)
+		t.Fatalf("Unexpected error: %e", err)
 	}
 	if got, want := tok.AccessToken, correctAT; got != want {
 		t.Errorf("Unexpected access token: got %v, but wanted %v", got, want)
diff --git a/google/internal/externalaccount/filecredsource_test.go b/google/internal/externalaccount/filecredsource_test.go
index 4218d70..65a8484 100644
--- a/google/internal/externalaccount/filecredsource_test.go
+++ b/google/internal/externalaccount/filecredsource_test.go
@@ -23,14 +23,14 @@ type fsTest struct {
 var testFsUntyped = fsTest{
 	name: "UntypedFileSource",
 	cs: CredentialSource{
-		File: "../../testdata/externalaccount/3pi_cred.txt",
+		File: "./testdata/3pi_cred.txt",
 	},
 	want: "street123",
 }
 var testFsTypeText = fsTest{
 	name: "TextFileSource",
 	cs: CredentialSource{
-		File:   "../../testdata/externalaccount/3pi_cred.txt",
+		File:   "./testdata/3pi_cred.txt",
 		Format: format{Type: fileTypeText},
 	},
 	want: "street123",
@@ -38,7 +38,7 @@ var testFsTypeText = fsTest{
 var testFsTypeJSON = fsTest{
 	name: "JSONFileSource",
 	cs: CredentialSource{
-		File:   "../../testdata/externalaccount/3pi_cred.json",
+		File:   "./testdata/3pi_cred.json",
 		Format: format{Type: fileTypeJSON, SubjectTokenFieldName: "SubjToken"},
 	},
 	want: "321road",
diff --git a/google/testdata/externalaccount/3pi_cred.json b/google/internal/externalaccount/testdata/3pi_cred.json
similarity index 100%
rename from google/testdata/externalaccount/3pi_cred.json
rename to google/internal/externalaccount/testdata/3pi_cred.json
diff --git a/google/testdata/externalaccount/3pi_cred.txt b/google/internal/externalaccount/testdata/3pi_cred.txt
similarity index 100%
rename from google/testdata/externalaccount/3pi_cred.txt
rename to google/internal/externalaccount/testdata/3pi_cred.txt