Skip to content

Commit a47a469

Browse files
bshafferbshaffer
authored
chore: disable universe domain check for MDS (#575)
1 parent 28aa3e9 commit a47a469

File tree

2 files changed

+33
-1
lines changed

2 files changed

+33
-1
lines changed

src/CredentialsWrapper.php

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@
4242
use Google\Auth\FetchAuthTokenInterface;
4343
use Google\Auth\GetQuotaProjectInterface;
4444
use Google\Auth\GetUniverseDomainInterface;
45+
use Google\Auth\Credentials\GCECredentials;
4546
use Google\Auth\HttpHandler\Guzzle6HttpHandler;
4647
use Google\Auth\HttpHandler\Guzzle7HttpHandler;
4748
use Google\Auth\HttpHandler\HttpHandlerFactory;
@@ -273,7 +274,7 @@ public function getAuthorizationHeaderCallback($audience = null)
273274
*/
274275
public function checkUniverseDomain()
275276
{
276-
if (false === $this->hasCheckedUniverse) {
277+
if (false === $this->hasCheckedUniverse && $this->shouldCheckUniverseDomain()) {
277278
$credentialsUniverse = $this->credentialsFetcher instanceof GetUniverseDomainInterface
278279
? $this->credentialsFetcher->getUniverseDomain()
279280
: GetUniverseDomainInterface::DEFAULT_UNIVERSE_DOMAIN;
@@ -288,6 +289,24 @@ public function checkUniverseDomain()
288289
}
289290
}
290291

292+
/**
293+
* Skip universe domain check for Metadata server (e.g. GCE) credentials.
294+
*
295+
* @return bool
296+
*/
297+
private function shouldCheckUniverseDomain(): bool
298+
{
299+
$fetcher = $this->credentialsFetcher instanceof FetchAuthTokenCache
300+
? $this->credentialsFetcher->getFetcher()
301+
: $this->credentialsFetcher;
302+
303+
if ($fetcher instanceof GCECredentials) {
304+
return false;
305+
}
306+
307+
return true;
308+
}
309+
291310
/**
292311
* @param array $scopes
293312
* @param callable $authHttpHandler

tests/Tests/Unit/CredentialsWrapperTest.php

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -303,6 +303,19 @@ public function provideCheckUniverseDomainPasses()
303303
];
304304
}
305305

306+
public function testCheckUniverseDomainOnGceCredentialsDoesNotCheck()
307+
{
308+
$fetcher = $this->prophesize(GCECredentials::class);
309+
$fetcher->getUniverseDomain()->shouldNotBeCalled();
310+
$credentialsWrapper = new CredentialsWrapper(
311+
$fetcher->reveal(),
312+
null,
313+
'some-random-universe-domain'
314+
);
315+
316+
$credentialsWrapper->checkUniverseDomain();
317+
}
318+
306319
/**
307320
* @dataProvider getBearerStringData
308321
*/

0 commit comments

Comments
 (0)