fix: (WIF) remove erroneous check for the subject token field name for text credential source (googleapis#822)

lsirac · web-flow · commit 6d35c681cf39 · 2022-01-10T11:35:26.000-08:00
* fix: remove erroneous check for the subject token field name for text format in IdentityPoolCredentialSource

* fix: case insensitive

* fix: null check

* fix: imports
diff --git a/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java b/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java
@@ -52,6 +52,7 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 import javax.annotation.Nullable;
 
@@ -132,18 +133,21 @@ enum CredentialFormatType {
       Map<String, String> formatMap = (Map<String, String>) credentialSourceMap.get("format");
       if (formatMap != null && formatMap.containsKey("type")) {
         String type = formatMap.get("type");
-        if (!"text".equals(type) && !"json".equals(type)) {
-          throw new IllegalArgumentException(
-              String.format("Invalid credential source format type: %s.", type));
-        }
-        credentialFormatType =
-            type.equals("text") ? CredentialFormatType.TEXT : CredentialFormatType.JSON;
 
-        if (!formatMap.containsKey("subject_token_field_name")) {
+        if (type != null && "json".equals(type.toLowerCase(Locale.US))) {
+          // For JSON, the subject_token field name must be provided.
+          if (!formatMap.containsKey("subject_token_field_name")) {
+            throw new IllegalArgumentException(
+                "When specifying a JSON credential type, the subject_token_field_name must be set.");
+          }
+          credentialFormatType = CredentialFormatType.JSON;
+          subjectTokenFieldName = formatMap.get("subject_token_field_name");
+        } else if (type != null && "text".equals(type.toLowerCase(Locale.US))) {
+          credentialFormatType = CredentialFormatType.TEXT;
+        } else {
           throw new IllegalArgumentException(
-              "When specifying a JSON credential type, the subject_token_field_name must be set.");
+              String.format("Invalid credential source format type: %s.", type));
         }
-        subjectTokenFieldName = formatMap.get("subject_token_field_name");
       }
     }
 
diff --git a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java
@@ -415,6 +415,92 @@ void refreshAccessToken_workforceWithServiceAccountImpersonation() throws IOExce
     assertEquals(expectedInternalOptions.toString(), query.get("options"));
   }
 
+  @Test
+  void identityPoolCredentialSource_validFormats() {
+    Map<String, Object> credentialSourceMapWithFileTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithFileJsonTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlJsonTextSource = new HashMap<>();
+
+    credentialSourceMapWithFileTextSource.put("file", "/path/to/file");
+    credentialSourceMapWithFileJsonTextSource.put("file", "/path/to/file");
+
+    credentialSourceMapWithUrlTextSource.put("url", "https://google.com");
+    credentialSourceMapWithUrlJsonTextSource.put("url", "https://google.com");
+    Map<String, String> headersMap = new HashMap<>();
+    headersMap.put("header1", "value1");
+    headersMap.put("header2", "value2");
+    credentialSourceMapWithUrlTextSource.put("headers", headersMap);
+    credentialSourceMapWithUrlJsonTextSource.put("headers", headersMap);
+
+    Map<String, String> textFormat = new HashMap<>();
+    textFormat.put("type", "text");
+
+    Map<String, String> jsonTextFormat = new HashMap<>();
+    jsonTextFormat.put("type", "json");
+    jsonTextFormat.put("subject_token_field_name", "access_token");
+
+    credentialSourceMapWithFileTextSource.put("format", textFormat);
+    credentialSourceMapWithFileJsonTextSource.put("format", jsonTextFormat);
+
+    credentialSourceMapWithUrlTextSource.put("format", textFormat);
+    credentialSourceMapWithUrlJsonTextSource.put("format", jsonTextFormat);
+
+    List<Map<String, Object>> sources =
+        Arrays.asList(
+            credentialSourceMapWithFileTextSource,
+            credentialSourceMapWithFileJsonTextSource,
+            credentialSourceMapWithUrlTextSource,
+            credentialSourceMapWithUrlJsonTextSource);
+    for (Map<String, Object> source : sources) {
+      // Should not throw.
+      new IdentityPoolCredentialSource(source);
+    }
+  }
+
+  @Test
+  void identityPoolCredentialSource_caseInsensitive() {
+    Map<String, Object> credentialSourceMapWithFileTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithFileJsonTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlTextSource = new HashMap<>();
+    Map<String, Object> credentialSourceMapWithUrlJsonTextSource = new HashMap<>();
+
+    credentialSourceMapWithFileTextSource.put("file", "/path/to/file");
+    credentialSourceMapWithFileJsonTextSource.put("file", "/path/to/file");
+
+    credentialSourceMapWithUrlTextSource.put("url", "https://google.com");
+    credentialSourceMapWithUrlJsonTextSource.put("url", "https://google.com");
+    Map<String, String> headersMap = new HashMap<>();
+    headersMap.put("HeaDer1", "Value1");
+    headersMap.put("HeaDer2", "Value2");
+    credentialSourceMapWithUrlTextSource.put("headers", headersMap);
+    credentialSourceMapWithUrlJsonTextSource.put("headers", headersMap);
+
+    Map<String, String> textFormat = new HashMap<>();
+    textFormat.put("type", "TEXT");
+
+    Map<String, String> jsonTextFormat = new HashMap<>();
+    jsonTextFormat.put("type", "JSON");
+    jsonTextFormat.put("subject_token_field_name", "access_token");
+
+    credentialSourceMapWithFileTextSource.put("format", textFormat);
+    credentialSourceMapWithFileJsonTextSource.put("format", jsonTextFormat);
+
+    credentialSourceMapWithUrlTextSource.put("format", textFormat);
+    credentialSourceMapWithUrlJsonTextSource.put("format", jsonTextFormat);
+
+    List<Map<String, Object>> sources =
+        Arrays.asList(
+            credentialSourceMapWithFileTextSource,
+            credentialSourceMapWithFileJsonTextSource,
+            credentialSourceMapWithUrlTextSource,
+            credentialSourceMapWithUrlJsonTextSource);
+    for (Map<String, Object> source : sources) {
+      // Should not throw.
+      new IdentityPoolCredentialSource(source);
+    }
+  }
+
   @Test
   void identityPoolCredentialSource_invalidSourceType() {
     IllegalArgumentException exception =
