From 1c93c2e4af99c27c560dc587cb1a5bc7181e6e7b Mon Sep 17 00:00:00 2001
From: Ryan Kohler
Date: Tue, 19 Apr 2022 12:22:53 -0700
Subject: [PATCH] Changes requested by @lsirac

---
 .../externalaccount/executablecredsource.go | 24 ++--------------
 .../executablecredsource_test.go | 28 +++++++++----------
 2 files changed, 17 insertions(+), 35 deletions(-)

diff --git a/google/internal/externalaccount/executablecredsource.go b/google/internal/externalaccount/executablecredsource.go
index 79fb78f..2576dfd 100644
--- a/google/internal/externalaccount/executablecredsource.go
+++ b/google/internal/externalaccount/executablecredsource.go
@@ -56,7 +56,7 @@ func CreateExecutableCredential(ec ExecutableConfig, config *Config, ctx context
 return
 }

-type subjectTokenResponse struct {
+type executableResponse struct {
 Version *int `json:"version"`
 Success *bool `json:"success"`
 TokenType *string `json:"token_type"`
@@ -68,7 +68,7 @@ type subjectTokenResponse struct {
 }

 func parseSubjectToken(response []byte) (string, error) {
- var result subjectTokenResponse
+ var result executableResponse
 if err := json.Unmarshal(response, &result); err != nil {
 return "", errors.New("oauth2/google: Unable to parse response JSON.")
 }
@@ -132,10 +132,6 @@ func parseSubjectToken(response []byte) (string, error) {
 }

 func (cs executableCredentialSource) subjectToken() (string, error) {
- if token, ok := cs.getTokenFromInMemoryCaching(); ok {
- return token, nil
- }
-
 if token, ok := cs.getTokenFromOutputFile(); ok {
 return token, nil
 }
@@ -143,11 +139,6 @@ func (cs executableCredentialSource) subjectToken() (string, error) {
 return cs.getTokenFromExecutableCommand()
 }

-func (cs executableCredentialSource) getTokenFromInMemoryCaching() (string, bool) {
- // TODO
- return "", false
-}
-
 func (cs executableCredentialSource) getTokenFromOutputFile() (string, bool) {
 // TODO
 return "", false
@@ -176,11 +167,7 @@ func (cs executableCredentialSource) getNewEnvironmentVariables() map[string]str
 }
 }

- if cs.isInteractive() {
- result["GOOGLE_EXTERNAL_ACCOUNT_INTERACTIVE"] = "1"
- } else {
- result["GOOGLE_EXTERNAL_ACCOUNT_INTERACTIVE"] = "0"
- }
+ result["GOOGLE_EXTERNAL_ACCOUNT_INTERACTIVE"] = "0"

 if cs.OutputFile != "" {
 result["GOOGLE_EXTERNAL_ACCOUNT_OUTPUT_FILE"] = cs.OutputFile
@@ -189,11 +176,6 @@ func (cs executableCredentialSource) getNewEnvironmentVariables() map[string]str
 return result
 }

-func (cs executableCredentialSource) isInteractive() bool {
- // Currently, executableCredentialSource does not yet support interactive mode.
- return false
-}
-
 func (cs executableCredentialSource) getTokenFromExecutableCommand() (string, error) {
 // For security reasons, we need our consumers to set this environment variable to allow executables to be run.
 if getenv("GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES") != "1" {
diff --git a/google/internal/externalaccount/executablecredsource_test.go b/google/internal/externalaccount/executablecredsource_test.go
index b682d81..6f9afde 100644
--- a/google/internal/externalaccount/executablecredsource_test.go
+++ b/google/internal/externalaccount/executablecredsource_test.go
@@ -67,7 +67,7 @@ func areSlicesEquivalent(a, b []string) bool {
 }

 OUTER:
- for i, aa := range a {
+ for _, aa := range a {
 for _, bb := range b {
 if aa == bb {
 continue OUTER
@@ -315,7 +315,7 @@ func TestRetrieveExecutableSubjectTokenMissingVersion(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 })
 }
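Review bot: The unconditional `result["GOOGLE_EXTERNAL_ACCOUNT_INTERACTIVE"] = "0"` in getNewEnvironmentVariables is left without any explanation, because the only comment saying interactive mode is unsupported sat in isInteractive, which the following hunk deletes. I would add a comment directly above the assignment, `// Interactive mode is not supported yet, so the executable is always told to run non-interactively.` If the loop that closes just above copies the caller's environment into result (it starts outside this hunk, so this is inferred), the comment should also state that the assignment deliberately comes after that copy so an inherited value cannot switch the executable into interactive mode. The function body begins outside the hunk.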
@@ -361,7 +361,7 @@ func TestRetrieveExecutableSubjectTokenMissingSuccess(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Version: Int(1),
 })
 }
@@ -407,7 +407,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithFields(t *testing
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(false),
 Version: Int(1),
 Code: String("404"),
@@ -456,7 +456,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithCode(t *testing.T
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(false),
 Version: Int(1),
 Code: String("404"),
@@ -504,7 +504,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithMessage(t *testin
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(false),
 Version: Int(1),
 Message: String("Token Not Found"),
@@ -552,7 +552,7 @@ func TestRetrieveExecutableSubjectTokenUnsuccessfulResponseWithoutFields(t *test
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(false),
 Version: Int(1),
 })
@@ -599,7 +599,7 @@ func TestRetrieveExecutableSubjectTokenNewerVersion(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(2),
 })
@@ -646,7 +646,7 @@ func TestRetrieveExecutableSubjectTokenExpired(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(1),
 ExpirationTime: Int64(now().Unix() - 1),
@@ -695,7 +695,7 @@ func TestRetrieveExecutableSubjectTokenJwt(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(1),
 ExpirationTime: Int64(now().Unix() + 3600),
@@ -746,7 +746,7 @@ func TestRetrieveExecutableSubjectTokenJwtMissingIdToken(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(1),
 ExpirationTime: Int64(now().Unix() + 3600),
@@ -795,7 +795,7 @@ func TestRetrieveExecutableSubjectTokenIdToken(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(1),
 ExpirationTime: Int64(now().Unix() + 3600),
@@ -846,7 +846,7 @@ func TestRetrieveExecutableSubjectTokenSaml(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(1),
 ExpirationTime: Int64(now().Unix() + 3600),
@@ -897,7 +897,7 @@ func TestRetrieveExecutableSubjectTokenSamlMissingResponse(t *testing.T) {
 deadline, deadlineSet := now(), false
 runCommand = func(ctx context.Context, command string, env []string) ([]byte, error) {
 deadline, deadlineSet = ctx.Deadline()
- return json.Marshal(subjectTokenResponse{
+ return json.Marshal(executableResponse{
 Success: Bool(true),
 Version: Int(1),
 ExpirationTime: Int64(now().Unix() + 3600),