use enums to hold possible Transport + BindingEnforcement types

googleapis · Dec 13, 2024 · c96df22 · c96df22
1 parent 4d0440b
commit c96df22
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 49 deletions.
diff --git a/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java
@@ -50,7 +50,6 @@
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Joiner;
 import com.google.common.base.MoreObjects.ToStringHelper;
-import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import com.google.errorprone.annotations.CanIgnoreReturnValue;
@@ -110,6 +109,16 @@ public class ComputeEngineCredentials extends GoogleCredentials
   static final int MAX_COMPUTE_PING_TRIES = 3;
   static final int COMPUTE_PING_CONNECTION_TIMEOUT_MS = 500;
 
+  public enum Transport {
+    ALTS,
+    MTLS
+  }
+
+  public enum BindingEnforcement {
+    ON,
+    IAMPOLICY
+  }
+
   private static final String METADATA_FLAVOR = "Metadata-Flavor";
   private static final String GOOGLE = "Google";
   private static final String WINDOWS = "windows";
@@ -123,8 +132,8 @@ public class ComputeEngineCredentials extends GoogleCredentials
 
   private final Collection<String> scopes;
 
-  private final String transport;
-  private final String bindingEnforcement;
+  private final Transport transport;
+  private final BindingEnforcement bindingEnforcement;
 
   private transient HttpTransportFactory transportFactory;
   private transient String serviceAccountEmail;
@@ -209,11 +218,15 @@ String createTokenUrlWithScopes() {
     if (!scopes.isEmpty()) {
       tokenUrl.set("scopes", Joiner.on(',').join(scopes));
     }
-    if (!Strings.isNullOrEmpty(transport)) {
-      tokenUrl.set("transport", transport);
+    if (transport == Transport.MTLS) {
+      tokenUrl.set("transport", "mtls");
+    } else if (transport == Transport.ALTS) {
+      tokenUrl.set("transport", "alts");
     }
-    if (!Strings.isNullOrEmpty(bindingEnforcement)) {
-      tokenUrl.set("binding-enforcement", bindingEnforcement);
+    if (bindingEnforcement == BindingEnforcement.ON) {
+      tokenUrl.set("binding-enforcement", "on");
+    } else if (bindingEnforcement == BindingEnforcement.IAMPOLICY) {
+      tokenUrl.set("binding-enforcement", "iam-policy");
     }
     return tokenUrl.toString();
   }
@@ -658,8 +671,8 @@ public static class Builder extends GoogleCredentials.Builder {
     private Collection<String> scopes;
     private Collection<String> defaultScopes;
 
-    private String transport;
-    private String bindingEnforcement;
+    private Transport transport;
+    private BindingEnforcement bindingEnforcement;
 
     protected Builder() {
       setRefreshMargin(COMPUTE_REFRESH_MARGIN);
@@ -703,13 +716,13 @@ public Builder setQuotaProjectId(String quotaProjectId) {
     }
 
     @CanIgnoreReturnValue
-    public Builder setTransport(String transport) {
+    public Builder setTransport(Transport transport) {
       this.transport = transport;
       return this;
     }
 
     @CanIgnoreReturnValue
-    public Builder setBindingEnforcement(String bindingEnforcement) {
+    public Builder setBindingEnforcement(BindingEnforcement bindingEnforcement) {
       this.bindingEnforcement = bindingEnforcement;
       return this;
     }
@@ -726,11 +739,11 @@ public Collection<String> getDefaultScopes() {
       return defaultScopes;
     }
 
-    public String getTransport() {
+    public Transport getTransport() {
       return transport;
     }
 
-    public String getBindingEnforcement() {
+    public BindingEnforcement getBindingEnforcement() {
       return bindingEnforcement;
     }
 

diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java
@@ -190,58 +190,36 @@ public void buildTokenUrlWithScopes_defaultScopes() {
     assertEquals("bar", scopes.toArray()[1]);
   }
 
-  @Test
-  public void buildTokenUrl_emptyTransport() {
-    ComputeEngineCredentials credentials =
-        ComputeEngineCredentials.newBuilder()
-            .setTransport("")
-            .setBindingEnforcement("abc")
-            .build();
-    String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
-
-    assertEquals(TOKEN_URL +  "?binding-enforcement=abc", softBoundTokenUrl);
-  }
-
   @Test
   public void buildTokenUrl_nullTransport() {
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder()
             .setTransport(null)
-            .setBindingEnforcement("abc")
-            .build();
-    String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
-
-    assertEquals(TOKEN_URL +  "?binding-enforcement=abc", softBoundTokenUrl);
-  }
-
-  @Test
-  public void buildTokenUrl_emptyBindingEnforcement() {
-    ComputeEngineCredentials credentials =
-        ComputeEngineCredentials.newBuilder()
-            .setTransport("abc")
-            .setBindingEnforcement("")
+            .setBindingEnforcement(ComputeEngineCredentials.BindingEnforcement.ON)
             .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
-    assertEquals(TOKEN_URL +  "?transport=abc", softBoundTokenUrl);
+    assertEquals(TOKEN_URL + "?binding-enforcement=on", softBoundTokenUrl);
   }
 
   @Test
   public void buildTokenUrl_nullBindingEnforcement() {
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder()
-            .setTransport("abc")
+            .setTransport(ComputeEngineCredentials.Transport.MTLS)
             .setBindingEnforcement(null)
             .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
-    assertEquals(TOKEN_URL +  "?transport=abc", softBoundTokenUrl);
+    assertEquals(TOKEN_URL + "?transport=mtls", softBoundTokenUrl);
   }
 
   @Test
   public void buildTokenUrlSoftMtlsBound_mtls_transport() {
     ComputeEngineCredentials credentials =
-        ComputeEngineCredentials.newBuilder().setTransport("mtls").build();
+        ComputeEngineCredentials.newBuilder()
+            .setTransport(ComputeEngineCredentials.Transport.MTLS)
+            .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
     assertEquals(TOKEN_URL + "?transport=mtls", softBoundTokenUrl);
@@ -250,7 +228,9 @@ public void buildTokenUrlSoftMtlsBound_mtls_transport() {
   @Test
   public void buildTokenUrlSoftMtlsBound_iam_enforcement() {
     ComputeEngineCredentials credentials =
-        ComputeEngineCredentials.newBuilder().setBindingEnforcement("iam-policy").build();
+        ComputeEngineCredentials.newBuilder()
+            .setBindingEnforcement(ComputeEngineCredentials.BindingEnforcement.IAMPOLICY)
+            .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
     assertEquals(TOKEN_URL + "?binding-enforcement=iam-policy", softBoundTokenUrl);
@@ -260,8 +240,8 @@ public void buildTokenUrlSoftMtlsBound_iam_enforcement() {
   public void buildTokenUrlSoftMtlsBound_mtls_transport_iam_enforcement() {
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder()
-            .setTransport("mtls")
-            .setBindingEnforcement("iam-policy")
+            .setTransport(ComputeEngineCredentials.Transport.MTLS)
+            .setBindingEnforcement(ComputeEngineCredentials.BindingEnforcement.IAMPOLICY)
             .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
@@ -271,7 +251,9 @@ public void buildTokenUrlSoftMtlsBound_mtls_transport_iam_enforcement() {
   @Test
   public void buildTokenUrlHardMtlsBound_always_enforced() {
     ComputeEngineCredentials credentials =
-        ComputeEngineCredentials.newBuilder().setBindingEnforcement("on").build();
+        ComputeEngineCredentials.newBuilder()
+            .setBindingEnforcement(ComputeEngineCredentials.BindingEnforcement.ON)
+            .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
     assertEquals(TOKEN_URL + "?binding-enforcement=on", softBoundTokenUrl);
@@ -281,8 +263,8 @@ public void buildTokenUrlHardMtlsBound_always_enforced() {
   public void buildTokenUrlHardMtlsBound_mtls_transport_always_enforced() {
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder()
-            .setTransport("mtls")
-            .setBindingEnforcement("on")
+            .setTransport(ComputeEngineCredentials.Transport.MTLS)
+            .setBindingEnforcement(ComputeEngineCredentials.BindingEnforcement.ON)
             .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
@@ -292,7 +274,9 @@ public void buildTokenUrlHardMtlsBound_mtls_transport_always_enforced() {
   @Test
   public void buildTokenUrlHardDirectPathBound_alts_transport() {
     ComputeEngineCredentials credentials =
-        ComputeEngineCredentials.newBuilder().setTransport("alts").build();
+        ComputeEngineCredentials.newBuilder()
+            .setTransport(ComputeEngineCredentials.Transport.ALTS)
+            .build();
     String softBoundTokenUrl = credentials.createTokenUrlWithScopes();
 
     assertEquals(TOKEN_URL + "?transport=alts", softBoundTokenUrl);