Add public property google.auth.credentials.Signing.signer (#110)
diff --git a/google/auth/app_engine.py b/google/auth/app_engine.py
index 8b17e76..e6e84d2 100644
--- a/google/auth/app_engine.py
+++ b/google/auth/app_engine.py
@@ -123,6 +123,7 @@
super(Credentials, self).__init__()
self._scopes = scopes
self._service_account_id = service_account_id
+ self._signer = Signer()
@_helpers.copy_docstring(credentials.Credentials)
def refresh(self, request):
@@ -156,9 +157,14 @@
@_helpers.copy_docstring(credentials.Signing)
def sign_bytes(self, message):
- return Signer().sign(message)
+ return self._signer.sign(message)
@property
@_helpers.copy_docstring(credentials.Signing)
def signer_email(self):
return self.service_account_email
+
+ @property
+ @_helpers.copy_docstring(credentials.Signing)
+ def signer(self):
+ return self._signer
diff --git a/google/auth/credentials.py b/google/auth/credentials.py
index 360dc0e..2358b1d 100644
--- a/google/auth/credentials.py
+++ b/google/auth/credentials.py
@@ -236,3 +236,10 @@
# pylint: disable=missing-raises-doc
# (pylint doesn't recognize that this is abstract)
raise NotImplementedError('Signer email must be implemented.')
+
+ @abc.abstractproperty
+ def signer(self):
+ """google.auth.crypt.Signer: The signer used to sign bytes."""
+ # pylint: disable=missing-raises-doc
+ # (pylint doesn't recognize that this is abstract)
+ raise NotImplementedError('Signer must be implemented.')
diff --git a/google/auth/jwt.py b/google/auth/jwt.py
index dfaf2e6..418be6b 100644
--- a/google/auth/jwt.py
+++ b/google/auth/jwt.py
@@ -468,6 +468,11 @@
def signer_email(self):
return self._issuer
+ @property
+ @_helpers.copy_docstring(credentials.Signing)
+ def signer(self):
+ return self._signer
+
def before_request(self, request, method, url, headers):
"""Performs credential-specific before request logic.
diff --git a/google/oauth2/service_account.py b/google/oauth2/service_account.py
index 48b537d..b71b8ac 100644
--- a/google/oauth2/service_account.py
+++ b/google/oauth2/service_account.py
@@ -320,5 +320,10 @@
@property
@_helpers.copy_docstring(credentials.Signing)
+ def signer(self):
+ return self._signer
+
+ @property
+ @_helpers.copy_docstring(credentials.Signing)
def signer_email(self):
return self._service_account_email
diff --git a/tests/oauth2/test_service_account.py b/tests/oauth2/test_service_account.py
index e6ce631..f40ebf2 100644
--- a/tests/oauth2/test_service_account.py
+++ b/tests/oauth2/test_service_account.py
@@ -134,6 +134,9 @@
signature = self.credentials.sign_bytes(to_sign)
assert crypt.verify_signature(to_sign, signature, PUBLIC_CERT_BYTES)
+ def test_signer(self):
+ assert isinstance(self.credentials.signer, crypt.Signer)
+
def test_signer_email(self):
assert self.credentials.signer_email == self.SERVICE_ACCOUNT_EMAIL
diff --git a/tests/test_app_engine.py b/tests/test_app_engine.py
index dd410d9..af60bcf 100644
--- a/tests/test_app_engine.py
+++ b/tests/test_app_engine.py
@@ -139,6 +139,10 @@
assert signature == mock.sentinel.signature
app_identity_mock.sign_blob.assert_called_with(to_sign)
+ def test_signer(self, app_identity_mock):
+ credentials = app_engine.Credentials()
+ assert isinstance(credentials.signer, app_engine.Signer)
+
def test_signer_email(self, app_identity_mock):
credentials = app_engine.Credentials()
assert credentials.signer_email == credentials.service_account_email
diff --git a/tests/test_jwt.py b/tests/test_jwt.py
index 3959260..e4a9a0a 100644
--- a/tests/test_jwt.py
+++ b/tests/test_jwt.py
@@ -264,6 +264,9 @@
signature = self.credentials.sign_bytes(to_sign)
assert crypt.verify_signature(to_sign, signature, PUBLIC_CERT_BYTES)
+ def test_signer(self):
+ assert isinstance(self.credentials.signer, crypt.Signer)
+
def test_signer_email(self):
assert (self.credentials.signer_email ==
SERVICE_ACCOUNT_INFO['client_email'])