fix: (WIF) remove erroneous check for the subject token field name fo…

…r text credential source (#822) * fix: remove erroneous check for the subject token field name for text format in IdentityPoolCredentialSource * fix: case insensitive * fix: null check * fix: imports
googleapis · Jan 10, 2022 · 6d35c68 · 6d35c68
1 parent 0e54aee
commit 6d35c68
Show file tree

Hide file tree

Showing 2 changed files with 99 additions and 9 deletions.
diff --git a/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java b/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java
@@ -52,6 +52,7 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 import javax.annotation.Nullable;
 
@@ -132,18 +133,21 @@ enum CredentialFormatType {
       Map<String, String> formatMap = (Map<String, String>) credentialSourceMap.get("format");
       if (formatMap != null && formatMap.containsKey("type")) {
         String type = formatMap.get("type");
-        if (!"text".equals(type) && !"json".equals(type)) {
-          throw new IllegalArgumentException(
-              String.format("Invalid credential source format type: %s.", type));
-        }
-        credentialFormatType =
-            type.equals("text") ? CredentialFormatType.TEXT : CredentialFormatType.JSON;
 
-        if (!formatMap.containsKey("subject_token_field_name")) {
+        if (type != null && "json".equals(type.toLowerCase(Locale.US))) {
+          // For JSON, the subject_token field name must be provided.
+          if (!formatMap.containsKey("subject_token_field_name")) {
+            throw new IllegalArgumentException(
+                "When specifying a JSON credential type, the subject_token_field_name must be set.");
+          }
+          credentialFormatType = CredentialFormatType.JSON;
+          subjectTokenFieldName = formatMap.get("subject_token_field_name");
+        } else if (type != null && "text".equals(type.toLowerCase(Locale.US))) {
+          credentialFormatType = CredentialFormatType.TEXT;
+        } else {
           throw new IllegalArgumentException(
-              "When specifying a JSON credential type, the subject_token_field_name must be set.");
+              String.format("Invalid credential source format type: %s.", type));
         }
-        subjectTokenFieldName = formatMap.get("subject_token_field_name");
       }
     }
 

diff --git a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java
@@ -415,6 +415,92 @@ void refreshAccessToken_workforceWithServiceAccountImpersonation() throws IOExce
     assertEquals(expectedInternalOptions.toString(), query.get("options"));
   }
 
+  @Test
+  void identityPoolCredentialSource_validFormats() {
+    Map<String, Object> credentialSourceMapWithFileTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithFileJsonTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlJsonTextSource = new HashMap<>();
+
+    credentialSourceMapWithFileTextSource.put("file", "/path/to/file");
+    credentialSourceMapWithFileJsonTextSource.put("file", "/path/to/file");
+
+    credentialSourceMapWithUrlTextSource.put("url", "https://google.com");
+    credentialSourceMapWithUrlJsonTextSource.put("url", "https://google.com");
+    Map<String, String> headersMap = new HashMap<>();
+    headersMap.put("header1", "value1");
+    headersMap.put("header2", "value2");
+    credentialSourceMapWithUrlTextSource.put("headers", headersMap);
+    credentialSourceMapWithUrlJsonTextSource.put("headers", headersMap);
+
+    Map<String, String> textFormat = new HashMap<>();
+    textFormat.put("type", "text");
+
+    Map<String, String> jsonTextFormat = new HashMap<>();
+    jsonTextFormat.put("type", "json");
+    jsonTextFormat.put("subject_token_field_name", "access_token");
+
+    credentialSourceMapWithFileTextSource.put("format", textFormat);
+    credentialSourceMapWithFileJsonTextSource.put("format", jsonTextFormat);
+
+    credentialSourceMapWithUrlTextSource.put("format", textFormat);
+    credentialSourceMapWithUrlJsonTextSource.put("format", jsonTextFormat);
+
+    List<Map<String, Object>> sources =
+        Arrays.asList(
+            credentialSourceMapWithFileTextSource,
+            credentialSourceMapWithFileJsonTextSource,
+            credentialSourceMapWithUrlTextSource,
+            credentialSourceMapWithUrlJsonTextSource);
+    for (Map<String, Object> source : sources) {
+      // Should not throw.
+      new IdentityPoolCredentialSource(source);
+    }
+  }
+
+  @Test
+  void identityPoolCredentialSource_caseInsensitive() {
+    Map<String, Object> credentialSourceMapWithFileTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithFileJsonTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlJsonTextSource = new HashMap<>();
+
+    credentialSourceMapWithFileTextSource.put("file", "/path/to/file");
+    credentialSourceMapWithFileJsonTextSource.put("file", "/path/to/file");
+
+    credentialSourceMapWithUrlTextSource.put("url", "https://google.com");
+    credentialSourceMapWithUrlJsonTextSource.put("url", "https://google.com");
+    Map<String, String> headersMap = new HashMap<>();
+    headersMap.put("HeaDer1", "Value1");
+    headersMap.put("HeaDer2", "Value2");
+    credentialSourceMapWithUrlTextSource.put("headers", headersMap);
+    credentialSourceMapWithUrlJsonTextSource.put("headers", headersMap);
+
+    Map<String, String> textFormat = new HashMap<>();
+    textFormat.put("type", "TEXT");
+
+    Map<String, String> jsonTextFormat = new HashMap<>();
+    jsonTextFormat.put("type", "JSON");
+    jsonTextFormat.put("subject_token_field_name", "access_token");
+
+    credentialSourceMapWithFileTextSource.put("format", textFormat);
+    credentialSourceMapWithFileJsonTextSource.put("format", jsonTextFormat);
+
+    credentialSourceMapWithUrlTextSource.put("format", textFormat);
+    credentialSourceMapWithUrlJsonTextSource.put("format", jsonTextFormat);
+
+    List<Map<String, Object>> sources =
+        Arrays.asList(
+            credentialSourceMapWithFileTextSource,
+            credentialSourceMapWithFileJsonTextSource,
+            credentialSourceMapWithUrlTextSource,
+            credentialSourceMapWithUrlJsonTextSource);
+    for (Map<String, Object> source : sources) {
+      // Should not throw.
+      new IdentityPoolCredentialSource(source);
+    }
+  }
+
   @Test
   void identityPoolCredentialSource_invalidSourceType() {
     IllegalArgumentException exception =