Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Add anonymous credentials json file #1576

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions google/auth/_default.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,15 @@
_LOGGER = logging.getLogger(__name__)

# Valid types accepted for file-based credentials.
_ANONYMOUS_TYPE = "anonymous"
_AUTHORIZED_USER_TYPE = "authorized_user"
_SERVICE_ACCOUNT_TYPE = "service_account"
_EXTERNAL_ACCOUNT_TYPE = "external_account"
_EXTERNAL_ACCOUNT_AUTHORIZED_USER_TYPE = "external_account_authorized_user"
_IMPERSONATED_SERVICE_ACCOUNT_TYPE = "impersonated_service_account"
_GDCH_SERVICE_ACCOUNT_TYPE = "gdch_service_account"
_VALID_TYPES = (
_ANONYMOUS_TYPE,
_AUTHORIZED_USER_TYPE,
_SERVICE_ACCOUNT_TYPE,
_EXTERNAL_ACCOUNT_TYPE,
Expand Down Expand Up @@ -209,6 +211,8 @@ def _load_credentials_from_info(
)
elif credential_type == _GDCH_SERVICE_ACCOUNT_TYPE:
credentials, project_id = _get_gdch_service_account_credentials(filename, info)
elif credential_type == _ANONYMOUS_TYPE:
credentials, project_id = _get_anonymous_credentials()
else:
raise exceptions.DefaultCredentialsError(
"The file {file} does not have a valid type. "
Expand Down Expand Up @@ -428,6 +432,14 @@ def _get_external_account_authorized_user_credentials(
return credentials, None


def _get_anonymous_credentials():
from google.auth import credentials

credentials = credentials.AnonymousCredentials()

return credentials, None


def _get_authorized_user_credentials(filename, info, scopes=None):
from google.oauth2 import credentials

Expand Down
1 change: 1 addition & 0 deletions tests/data/anonymous.json
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"type": "anonymous"}
14 changes: 14 additions & 0 deletions tests/test__default.py
Original file line number Diff line number Diff line change
Expand Up @@ -140,6 +140,7 @@
"service_account_impersonation_url": SERVICE_ACCOUNT_IMPERSONATION_URL,
"workforce_pool_user_project": WORKFORCE_POOL_USER_PROJECT,
}
ANONYMOUS_DATA = {"type": "anonymous"}

IMPERSONATED_SERVICE_ACCOUNT_AUTHORIZED_USER_SOURCE_FILE = os.path.join(
DATA_DIR, "impersonated_service_account_authorized_user_source.json"
Expand All @@ -160,6 +161,7 @@
EXTERNAL_ACCOUNT_AUTHORIZED_USER_NON_GDU_FILE = os.path.join(
DATA_DIR, "external_account_authorized_user_non_gdu.json"
)
ANONYMOUS_FILE = os.path.join(DATA_DIR, "anonymous.json")

MOCK_CREDENTIALS = mock.Mock(spec=credentials.CredentialsWithQuotaProject)
MOCK_CREDENTIALS.with_quota_project.return_value = MOCK_CREDENTIALS
Expand Down Expand Up @@ -1362,3 +1364,15 @@ def test_quota_gce_credentials(unused_get, unused_ping):
quota_project_id=explicit_quota
)
assert credentials.quota_project_id == explicit_quota


def test_load_credentials_from_file_anonymous():
credentials, project_id = _default.load_credentials_from_file(ANONYMOUS_FILE)
assert isinstance(credentials, google.auth.credentials.Credentials)
assert project_id is None


def test_load_credentials_from_dict_anonymous():
credentials, project_id = _default.load_credentials_from_dict(ANONYMOUS_DATA)
assert isinstance(credentials, google.auth.credentials.Credentials)
assert project_id is None