|
63 | 63 | import java.io.InputStream; |
64 | 64 | import java.nio.charset.Charset; |
65 | 65 | import java.security.PrivateKey; |
66 | | -import java.text.DateFormat; |
67 | | -import java.text.SimpleDateFormat; |
| 66 | +import java.time.Instant; |
68 | 67 | import java.time.temporal.ChronoUnit; |
69 | 68 | import java.util.ArrayList; |
70 | 69 | import java.util.Arrays; |
71 | 70 | import java.util.Calendar; |
72 | 71 | import java.util.Date; |
73 | 72 | import java.util.List; |
74 | 73 | import java.util.Map; |
75 | | -import java.util.TimeZone; |
76 | 74 | import org.junit.jupiter.api.BeforeEach; |
77 | 75 | import org.junit.jupiter.api.Test; |
78 | 76 |
|
@@ -124,8 +122,6 @@ class ImpersonatedCredentialsTest extends BaseSerializationTest { |
124 | 122 | private static final int INVALID_LIFETIME = 43210; |
125 | 123 | private static final JsonFactory JSON_FACTORY = GsonFactory.getDefaultInstance(); |
126 | 124 |
|
127 | | - private static final String RFC3339 = "yyyy-MM-dd'T'HH:mm:ssX"; |
128 | | - |
129 | 125 | private static final String TEST_UNIVERSE_DOMAIN = "test.xyz"; |
130 | 126 | private static final String OLD_IMPERSONATION_URL = |
131 | 127 | "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/" |
@@ -655,58 +651,6 @@ void refreshAccessToken_delegates_success() throws IOException, IllegalStateExce |
655 | 651 | assertEquals(ACCESS_TOKEN, targetCredentials.refreshAccessToken().getTokenValue()); |
656 | 652 | } |
657 | 653 |
|
658 | | - @Test |
659 | | - void refreshAccessToken_GMT_dateParsedCorrectly() throws IOException, IllegalStateException { |
660 | | - Calendar c = Calendar.getInstance(); |
661 | | - c.add(Calendar.SECOND, VALID_LIFETIME); |
662 | | - |
663 | | - mockTransportFactory.getTransport().setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); |
664 | | - mockTransportFactory.getTransport().setAccessToken(ACCESS_TOKEN); |
665 | | - mockTransportFactory.getTransport().setExpireTime(getFormattedTime(c.getTime())); |
666 | | - mockTransportFactory.getTransport().addStatusCodeAndMessage(HttpStatusCodes.STATUS_CODE_OK, ""); |
667 | | - ImpersonatedCredentials targetCredentials = |
668 | | - ImpersonatedCredentials.create( |
669 | | - sourceCredentials, |
670 | | - IMPERSONATED_CLIENT_EMAIL, |
671 | | - null, |
672 | | - IMMUTABLE_SCOPES_LIST, |
673 | | - VALID_LIFETIME, |
674 | | - mockTransportFactory) |
675 | | - .createWithCustomCalendar( |
676 | | - // Set system timezone to GMT |
677 | | - Calendar.getInstance(TimeZone.getTimeZone("GMT"))); |
678 | | - |
679 | | - assertTrue( |
680 | | - c.getTime().toInstant().truncatedTo(ChronoUnit.SECONDS).toEpochMilli() |
681 | | - == targetCredentials.refreshAccessToken().getExpirationTimeMillis()); |
682 | | - } |
683 | | - |
684 | | - @Test |
685 | | - void refreshAccessToken_nonGMT_dateParsedCorrectly() throws IOException, IllegalStateException { |
686 | | - Calendar c = Calendar.getInstance(); |
687 | | - c.add(Calendar.SECOND, VALID_LIFETIME); |
688 | | - |
689 | | - mockTransportFactory.getTransport().setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); |
690 | | - mockTransportFactory.getTransport().setAccessToken(ACCESS_TOKEN); |
691 | | - mockTransportFactory.getTransport().setExpireTime(getFormattedTime(c.getTime())); |
692 | | - mockTransportFactory.getTransport().addStatusCodeAndMessage(HttpStatusCodes.STATUS_CODE_OK, ""); |
693 | | - ImpersonatedCredentials targetCredentials = |
694 | | - ImpersonatedCredentials.create( |
695 | | - sourceCredentials, |
696 | | - IMPERSONATED_CLIENT_EMAIL, |
697 | | - null, |
698 | | - IMMUTABLE_SCOPES_LIST, |
699 | | - VALID_LIFETIME, |
700 | | - mockTransportFactory) |
701 | | - .createWithCustomCalendar( |
702 | | - // Set system timezone to one different than GMT |
703 | | - Calendar.getInstance(TimeZone.getTimeZone("America/Los_Angeles"))); |
704 | | - |
705 | | - assertTrue( |
706 | | - c.getTime().toInstant().truncatedTo(ChronoUnit.SECONDS).toEpochMilli() |
707 | | - == targetCredentials.refreshAccessToken().getExpirationTimeMillis()); |
708 | | - } |
709 | | - |
710 | 654 | @Test |
711 | 655 | void refreshAccessToken_invalidDate() throws IllegalStateException { |
712 | 656 | String expectedMessage = "Error parsing expireTime: "; |
@@ -1360,67 +1304,8 @@ void refreshAccessToken_afterSerialization_success() throws IOException, ClassNo |
1360 | 1304 | assertEquals(ACCESS_TOKEN, token.getTokenValue()); |
1361 | 1305 | } |
1362 | 1306 |
|
1363 | | - @Test |
1364 | | - void refreshAccessToken_withCustomCalendar_success() throws IOException { |
1365 | | - // This test verifies behavioral parity between the new Instant-based logic and |
1366 | | - // the legacy Calendar-based logic. It ensures that if a user provides a custom |
1367 | | - // calendar with a specific timezone, that context is correctly respected |
1368 | | - // during parsing, even though the primary parsing engine has changed. |
1369 | | - MockIAMCredentialsServiceTransport transport = StatefulMockIAMTransportFactory.getTransport(); |
1370 | | - transport.setTargetPrincipal(IMPERSONATED_CLIENT_EMAIL); |
1371 | | - transport.setAccessToken(ACCESS_TOKEN); |
1372 | | - |
1373 | | - // Create a calendar in a specific timezone (PST/PDT) |
1374 | | - Calendar c = Calendar.getInstance(TimeZone.getTimeZone("America/Los_Angeles")); |
1375 | | - // Set to a fixed point in time: 1:00 PM local wall-clock time |
1376 | | - c.set(2026, Calendar.MARCH, 24, 13, 0, 0); |
1377 | | - c.set(Calendar.MILLISECOND, 0); |
1378 | | - Date expectedDate = c.getTime(); |
1379 | | - |
1380 | | - // The IAM API always returns Zulu (UTC) time strings. |
1381 | | - // 1:00 PM PDT (UTC-7) corresponds to 8:00 PM UTC. |
1382 | | - String expireTime = "2026-03-24T20:00:00Z"; |
1383 | | - transport.setExpireTime(expireTime); |
1384 | | - transport.addStatusCodeAndMessage(HttpStatusCodes.STATUS_CODE_OK, "", true); |
1385 | | - |
1386 | | - AccessToken sourceToken = |
1387 | | - new AccessToken("source-token", new Date(System.currentTimeMillis() + 3600000)); |
1388 | | - GoogleCredentials sourceCredentials = GoogleCredentials.create(sourceToken); |
1389 | | - |
1390 | | - ImpersonatedCredentials targetCredentials = |
1391 | | - ImpersonatedCredentials.create( |
1392 | | - sourceCredentials, |
1393 | | - IMPERSONATED_CLIENT_EMAIL, |
1394 | | - null, |
1395 | | - IMMUTABLE_SCOPES_LIST, |
1396 | | - VALID_LIFETIME, |
1397 | | - new StatefulMockIAMTransportFactory()) |
1398 | | - .createWithCustomCalendar(c); |
1399 | | - |
1400 | | - // This should work and correctly integrate the custom calendar's timezone configuration. |
1401 | | - AccessToken token = targetCredentials.refreshAccessToken(); |
1402 | | - assertNotNull(token); |
1403 | | - assertEquals(ACCESS_TOKEN, token.getTokenValue()); |
1404 | | - // Verify that the resulting point-in-time matches our original calendar configuration. |
1405 | | - assertEquals(expectedDate.getTime(), token.getExpirationTime().getTime()); |
1406 | | - } |
1407 | | - |
1408 | 1307 | public static String getDefaultExpireTime() { |
1409 | | - Calendar c = Calendar.getInstance(); |
1410 | | - c.add(Calendar.SECOND, VALID_LIFETIME); |
1411 | | - return getFormattedTime(c.getTime()); |
1412 | | - } |
1413 | | - |
1414 | | - /** |
1415 | | - * Given a {@link Date}, it will return a string of the date formatted like |
1416 | | - * <b>yyyy-MM-dd'T'HH:mm:ss'Z'</b> |
1417 | | - */ |
1418 | | - private static String getFormattedTime(final Date date) { |
1419 | | - // Set timezone to GMT since that's the TZ used in the response from the service impersonation |
1420 | | - // token exchange |
1421 | | - final DateFormat formatter = new SimpleDateFormat(RFC3339); |
1422 | | - formatter.setTimeZone(TimeZone.getTimeZone("GMT")); |
1423 | | - return formatter.format(date); |
| 1308 | + return Instant.now().plusSeconds(VALID_LIFETIME).truncatedTo(ChronoUnit.SECONDS).toString(); |
1424 | 1309 | } |
1425 | 1310 |
|
1426 | 1311 | private String generateErrorJson( |
|
0 commit comments