From 815bda66f76da67dd93705568637271c2c64f82f Mon Sep 17 00:00:00 2001 From: David Pollack Date: Fri, 9 Aug 2024 15:15:50 +0200 Subject: [PATCH] Add anonymous credentials json file --- google/auth/_default.py | 12 ++++++++++++ tests/data/anonymous.json | 1 + tests/test__default.py | 14 ++++++++++++++ 3 files changed, 27 insertions(+) create mode 100644 tests/data/anonymous.json diff --git a/google/auth/_default.py b/google/auth/_default.py index 63009dfb8..d58d0c3aa 100644 --- a/google/auth/_default.py +++ b/google/auth/_default.py @@ -30,6 +30,7 @@ _LOGGER = logging.getLogger(__name__) # Valid types accepted for file-based credentials. +_ANONYMOUS_TYPE = "anonymous" _AUTHORIZED_USER_TYPE = "authorized_user" _SERVICE_ACCOUNT_TYPE = "service_account" _EXTERNAL_ACCOUNT_TYPE = "external_account" @@ -37,6 +38,7 @@ _IMPERSONATED_SERVICE_ACCOUNT_TYPE = "impersonated_service_account" _GDCH_SERVICE_ACCOUNT_TYPE = "gdch_service_account" _VALID_TYPES = ( + _ANONYMOUS_TYPE, _AUTHORIZED_USER_TYPE, _SERVICE_ACCOUNT_TYPE, _EXTERNAL_ACCOUNT_TYPE, @@ -209,6 +211,8 @@ def _load_credentials_from_info( ) elif credential_type == _GDCH_SERVICE_ACCOUNT_TYPE: credentials, project_id = _get_gdch_service_account_credentials(filename, info) + elif credential_type == _ANONYMOUS_TYPE: + credentials, project_id = _get_anonymous_credentials() else: raise exceptions.DefaultCredentialsError( "The file {file} does not have a valid type. " @@ -428,6 +432,14 @@ def _get_external_account_authorized_user_credentials( return credentials, None +def _get_anonymous_credentials(): + from google.auth import credentials + + credentials = credentials.AnonymousCredentials() + + return credentials, None + + def _get_authorized_user_credentials(filename, info, scopes=None): from google.oauth2 import credentials diff --git a/tests/data/anonymous.json b/tests/data/anonymous.json new file mode 100644 index 000000000..6db7887c3 --- /dev/null +++ b/tests/data/anonymous.json @@ -0,0 +1 @@ +{"type": "anonymous"} diff --git a/tests/test__default.py b/tests/test__default.py index cb9a7c130..ce4201317 100644 --- a/tests/test__default.py +++ b/tests/test__default.py @@ -140,6 +140,7 @@ "service_account_impersonation_url": SERVICE_ACCOUNT_IMPERSONATION_URL, "workforce_pool_user_project": WORKFORCE_POOL_USER_PROJECT, } +ANONYMOUS_DATA = {"type": "anonymous"} IMPERSONATED_SERVICE_ACCOUNT_AUTHORIZED_USER_SOURCE_FILE = os.path.join( DATA_DIR, "impersonated_service_account_authorized_user_source.json" @@ -160,6 +161,7 @@ EXTERNAL_ACCOUNT_AUTHORIZED_USER_NON_GDU_FILE = os.path.join( DATA_DIR, "external_account_authorized_user_non_gdu.json" ) +ANONYMOUS_FILE = os.path.join(DATA_DIR, "anonymous.json") MOCK_CREDENTIALS = mock.Mock(spec=credentials.CredentialsWithQuotaProject) MOCK_CREDENTIALS.with_quota_project.return_value = MOCK_CREDENTIALS @@ -1362,3 +1364,15 @@ def test_quota_gce_credentials(unused_get, unused_ping): quota_project_id=explicit_quota ) assert credentials.quota_project_id == explicit_quota + + +def test_load_credentials_from_file_anonymous(): + credentials, project_id = _default.load_credentials_from_file(ANONYMOUS_FILE) + assert isinstance(credentials, google.auth.credentials.Credentials) + assert project_id is None + + +def test_load_credentials_from_dict_anonymous(): + credentials, project_id = _default.load_credentials_from_dict(ANONYMOUS_DATA) + assert isinstance(credentials, google.auth.credentials.Credentials) + assert project_id is None