Add public property google.auth.credentials.Signing.signer (#110)
diff --git a/google/auth/app_engine.py b/google/auth/app_engine.py index 8b17e76..e6e84d2 100644 --- a/google/auth/app_engine.py +++ b/google/auth/app_engine.py
@@ -123,6 +123,7 @@ super(Credentials, self).__init__() self._scopes = scopes self._service_account_id = service_account_id + self._signer = Signer() @_helpers.copy_docstring(credentials.Credentials) def refresh(self, request): @@ -156,9 +157,14 @@ @_helpers.copy_docstring(credentials.Signing) def sign_bytes(self, message): - return Signer().sign(message) + return self._signer.sign(message) @property @_helpers.copy_docstring(credentials.Signing) def signer_email(self): return self.service_account_email + + @property + @_helpers.copy_docstring(credentials.Signing) + def signer(self): + return self._signer
diff --git a/google/auth/credentials.py b/google/auth/credentials.py index 360dc0e..2358b1d 100644 --- a/google/auth/credentials.py +++ b/google/auth/credentials.py
@@ -236,3 +236,10 @@ # pylint: disable=missing-raises-doc # (pylint doesn't recognize that this is abstract) raise NotImplementedError('Signer email must be implemented.') + + @abc.abstractproperty + def signer(self): + """google.auth.crypt.Signer: The signer used to sign bytes.""" + # pylint: disable=missing-raises-doc + # (pylint doesn't recognize that this is abstract) + raise NotImplementedError('Signer must be implemented.')
diff --git a/google/auth/jwt.py b/google/auth/jwt.py index dfaf2e6..418be6b 100644 --- a/google/auth/jwt.py +++ b/google/auth/jwt.py
@@ -468,6 +468,11 @@ def signer_email(self): return self._issuer + @property + @_helpers.copy_docstring(credentials.Signing) + def signer(self): + return self._signer + def before_request(self, request, method, url, headers): """Performs credential-specific before request logic.
diff --git a/google/oauth2/service_account.py b/google/oauth2/service_account.py index 48b537d..b71b8ac 100644 --- a/google/oauth2/service_account.py +++ b/google/oauth2/service_account.py
@@ -320,5 +320,10 @@ @property @_helpers.copy_docstring(credentials.Signing) + def signer(self): + return self._signer + + @property + @_helpers.copy_docstring(credentials.Signing) def signer_email(self): return self._service_account_email
diff --git a/tests/oauth2/test_service_account.py b/tests/oauth2/test_service_account.py index e6ce631..f40ebf2 100644 --- a/tests/oauth2/test_service_account.py +++ b/tests/oauth2/test_service_account.py
@@ -134,6 +134,9 @@ signature = self.credentials.sign_bytes(to_sign) assert crypt.verify_signature(to_sign, signature, PUBLIC_CERT_BYTES) + def test_signer(self): + assert isinstance(self.credentials.signer, crypt.Signer) + def test_signer_email(self): assert self.credentials.signer_email == self.SERVICE_ACCOUNT_EMAIL
diff --git a/tests/test_app_engine.py b/tests/test_app_engine.py index dd410d9..af60bcf 100644 --- a/tests/test_app_engine.py +++ b/tests/test_app_engine.py
@@ -139,6 +139,10 @@ assert signature == mock.sentinel.signature app_identity_mock.sign_blob.assert_called_with(to_sign) + def test_signer(self, app_identity_mock): + credentials = app_engine.Credentials() + assert isinstance(credentials.signer, app_engine.Signer) + def test_signer_email(self, app_identity_mock): credentials = app_engine.Credentials() assert credentials.signer_email == credentials.service_account_email
diff --git a/tests/test_jwt.py b/tests/test_jwt.py index 3959260..e4a9a0a 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py
@@ -264,6 +264,9 @@ signature = self.credentials.sign_bytes(to_sign) assert crypt.verify_signature(to_sign, signature, PUBLIC_CERT_BYTES) + def test_signer(self): + assert isinstance(self.credentials.signer, crypt.Signer) + def test_signer_email(self): assert (self.credentials.signer_email == SERVICE_ACCOUNT_INFO['client_email'])