diff --git a/google/internal/externalaccount/sts_exchange.go b/google/internal/externalaccount/sts_exchange.go index e50975f..2e20682 100644 --- a/google/internal/externalaccount/sts_exchange.go +++ b/google/internal/externalaccount/sts_exchange.go @@ -22,7 +22,7 @@ func ExchangeToken(endpoint string, request *STSTokenExchangeRequest, authentica data.Set("subject_token", request.SubjectToken) data.Set("scope", strings.Join(request.Scope, " ")) - authentication.InjectAuthentication(&data, &headers) + authentication.InjectAuthentication(data, headers) req, err := http.NewRequest("POST", endpoint, strings.NewReader(data.Encode())) if err != nil { fmt.Errorf("oauth2/google: failed to properly build http request") diff --git a/google/internal/externalaccount/sts_exchange_test.go b/google/internal/externalaccount/sts_exchange_test.go index c5f0935..82ee59a 100644 --- a/google/internal/externalaccount/sts_exchange_test.go +++ b/google/internal/externalaccount/sts_exchange_test.go @@ -1,7 +1,7 @@ package externalaccount import ( - "github.com/google/go-cmp" + "github.com/google/go-cmp/cmp" "golang.org/x/oauth2" "io/ioutil" "net/http" @@ -25,14 +25,14 @@ var tokenRequest = STSTokenExchangeRequest{ Audience: "32555940559.apps.googleusercontent.com", //TODO: Make sure audience is correct in this test (might be mismatched) Scope: []string{"https://www.googleapis.com/auth/devstorage.full_control"}, RequestedTokenType: "urn:ietf:params:oauth:token-type:access_token", - SubjectToken: "eyJhbGciOiJSUzI1NiIsImtpIjJjNmZhNmY1OTUwYTdjZTQ2NWZjZjI0N2FhMGIwOTQ4MjhhYzk1MmMiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiIzMjU1NTk0MDU1OS5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImF1IjMyNTU1OTQwNTU5LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwic3ViIjoiMTEzMzE4NTQxMDA5MDU3Mzc4MzI4IiwiaGQiOiJnb29nbGUuY29tIiwiZW1haWwiOiJpdGh1cmllbEBnb29nbGUuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJyWUtBTjZwX21rS0U4U2ItN3ZGalBBIiwiaWF0IjoxNjAxNTk0NDY1LCJleHAiOjE2MDE1OTgwNjV9.mWOLjD6ghfgrFNcm_1h-wrpLlKFc2WSS13lu2L5t4549uYhX5DEbI7MmeUEwXSffrns1ljcdbJm4nXymXK3AH6ftRV17O3BnOsWngxKj5eKhzOMF308YNXjBKTDiu_crzjCpf_2ng03IIGbFsTvAUx4wvWhnFO-z4xl2tb13OMCxpkw52dO1ZcFhw0d_1iUj_q0UL9E15ADL4SOr-BVtXerWPhNVBplTw8gzL4HHmo2GGUA_ilQpJzD528BKLygemqy1taXZwOGJEAUYkcKm8DhA0NJWneUyqHN6qbs0wm_d_nZsiFx9CIDblt1dUkgfuPIsno-xrkkkwubcv1WlgA", + SubjectToken: "Sample.Subject.Token", SubjectTokenType: "urn:ietf:params:oauth:token-type:jwt", } -var requestbody = "audience=32555940559.apps.googleusercontent.com&grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Atoken-exchange&requested_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdevstorage.full_control&subject_token=eyJhbGciOiJSUzI1NiIsImtpIjJjNmZhNmY1OTUwYTdjZTQ2NWZjZjI0N2FhMGIwOTQ4MjhhYzk1MmMiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiIzMjU1NTk0MDU1OS5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImF1IjMyNTU1OTQwNTU5LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwic3ViIjoiMTEzMzE4NTQxMDA5MDU3Mzc4MzI4IiwiaGQiOiJnb29nbGUuY29tIiwiZW1haWwiOiJpdGh1cmllbEBnb29nbGUuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJyWUtBTjZwX21rS0U4U2ItN3ZGalBBIiwiaWF0IjoxNjAxNTk0NDY1LCJleHAiOjE2MDE1OTgwNjV9.mWOLjD6ghfgrFNcm_1h-wrpLlKFc2WSS13lu2L5t4549uYhX5DEbI7MmeUEwXSffrns1ljcdbJm4nXymXK3AH6ftRV17O3BnOsWngxKj5eKhzOMF308YNXjBKTDiu_crzjCpf_2ng03IIGbFsTvAUx4wvWhnFO-z4xl2tb13OMCxpkw52dO1ZcFhw0d_1iUj_q0UL9E15ADL4SOr-BVtXerWPhNVBplTw8gzL4HHmo2GGUA_ilQpJzD528BKLygemqy1taXZwOGJEAUYkcKm8DhA0NJWneUyqHN6qbs0wm_d_nZsiFx9CIDblt1dUkgfuPIsno-xrkkkwubcv1WlgA&subject_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Ajwt" -var responseBody = `{"access_token":"ya29.a0AfH6SMCqKiKaHEpqs9sl6cocVlqG2dvP2g7eURqGNCfUyKZ6lYSHz531aioS3_0w_xdNDfj6A-Hzk6-0-M6olf3O-zfcGFd678lVuvplpclaK4XQ4ete6_9xSUFU08RefwE53rf2OW8FOQvjpQB-PmPhHZTzK99YYHNtjas","issued_token_type":"urn:ietf:params:oauth:token-type:access_token","token_type":"Bearer","expires_in":3600,"scope":"https://www.googleapis.com/auth/cloud-platform"}` +var requestbody = "audience=32555940559.apps.googleusercontent.com&grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Atoken-exchange&requested_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Aaccess_token&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdevstorage.full_control&subject_token=Sample.Subject.Token&subject_token_type=urn%3Aietf%3Aparams%3Aoauth%3Atoken-type%3Ajwt" +var responseBody = `{"access_token":"Sample.Access.Token","issued_token_type":"urn:ietf:params:oauth:token-type:access_token","token_type":"Bearer","expires_in":3600,"scope":"https://www.googleapis.com/auth/cloud-platform"}` var expectedToken = STSTokenExchangeResponse{ - AccessToken: "ya29.a0AfH6SMCqKiKaHEpqs9sl6cocVlqG2dvP2g7eURqGNCfUyKZ6lYSHz531aioS3_0w_xdNDfj6A-Hzk6-0-M6olf3O-zfcGFd678lVuvplpclaK4XQ4ete6_9xSUFU08RefwE53rf2OW8FOQvjpQB-PmPhHZTzK99YYHNtjas", + AccessToken: "Sample.Access.Token", IssuedTokenType: "urn:ietf:params:oauth:token-type:access_token", TokenType: "Bearer", ExpiresIn: 3600, @@ -51,7 +51,7 @@ func TestExchangeToken(t *testing.T) { t.Errorf("Unexpected autohrization header, %v is found.", headerAuth) } headerContentType := r.Header.Get("Content-Type") - if headerContentType != "application/x-www-form-urlencoded]" { + if headerContentType != "application/x-www-form-urlencoded" { t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType) } body, err := ioutil.ReadAll(r.Body) @@ -73,7 +73,7 @@ func TestExchangeToken(t *testing.T) { t.Errorf("ExchangeToken failed with error: %s", err) } - if diff := cmp.Diff(resp, expectedToken); diff != "" { + if diff := cmp.Diff(expectedToken, *resp); diff != "" { t.Errorf("mismatched messages received by mock server (-want +got): \n%v", diff) }