add new test cases to ServiceOptionsTest

whowes · whowes · commit 320d86cd7aea · 2026-06-05T23:56:10.000Z
diff --git a/sdk-platform-java/java-core/google-cloud-core/src/test/java/com/google/cloud/ServiceOptionsTest.java b/sdk-platform-java/java-core/google-cloud-core/src/test/java/com/google/cloud/ServiceOptionsTest.java
@@ -285,7 +285,7 @@ protected TestServiceOptions build() {
       }
     }
 
-    private TestServiceOptions(Builder builder) {
+    protected TestServiceOptions(Builder builder) {
       super(
           TestServiceFactory.class,
           TestServiceRpcFactory.class,
@@ -337,6 +337,25 @@ public int hashCode() {
     }
   }
 
+  private static class NonSsjwtServiceOptions extends TestServiceOptions {
+    private static class Builder extends TestServiceOptions.Builder {
+      @Override
+      protected NonSsjwtServiceOptions build() {
+        return new NonSsjwtServiceOptions(this);
+      }
+    }
+
+    private NonSsjwtServiceOptions(Builder builder) {
+      super(builder);
+    }
+
+    @Override
+    protected boolean useSelfSignedJwt() {
+      return false;
+    }
+  }
+
+
   @Test
   public void testBuilder() {
     assertSame(credentials, OPTIONS.getCredentials());
@@ -627,7 +646,29 @@ void testIsValidUniverseDomain_userUniverseDomainConfig_nonGDUCredentials() thro
             .setUniverseDomain("random.com")
             .setCredentials(credentialsNotInGDU)
             .build();
-    assertThat(options.hasValidUniverseDomain()).isTrue();
+  }
+
+  @Test
+  void testGetScopedCredentials_enablesSelfSignedJwtForServiceAccount() {
+    TestServiceOptions options =
+        TestServiceOptions.newBuilder()
+            .setProjectId("project-id")
+            .setCredentials(credentials)
+            .build();
+    com.google.auth.Credentials scoped = options.getScopedCredentials();
+    assertThat(scoped).isInstanceOf(ServiceAccountCredentials.class);
+  }
+
+  @Test
+  void testGetScopedCredentials_optsOutSelfSignedJwt() {
+    TestServiceOptions options =
+        new NonSsjwtServiceOptions.Builder()
+            .setProjectId("project-id")
+            .setCredentials(credentials)
+            .build();
+    com.google.auth.Credentials scoped = options.getScopedCredentials();
+    assertThat(scoped).isInstanceOf(ServiceAccountCredentials.class);
+    assertThat(((ServiceAccountCredentials) scoped).getUseJwtAccessWithScope()).isFalse();
   }
 
   private HttpResponse createHttpResponseWithHeader(final Multimap<String, String> headers)
