provide default scopes constructor

Author: ldetmer

google-cloud-spanner/src/main/java/com/google/cloud/spanner/connection/MutableCredentials.java

@@ -19,12 +19,14 @@
 import com.google.auth.Credentials;
 import com.google.auth.RequestMetadataCallback;
 import com.google.auth.oauth2.ServiceAccountCredentials;
+import com.google.cloud.spanner.SpannerOptions;
 import java.io.IOException;
 import java.net.URI;
-import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 import java.util.concurrent.Executor;
+import javax.annotation.Nonnull;
 
 /**
  * A mutable {@link Credentials} implementation that delegates authentication behavior to a scoped
@@ -41,14 +43,17 @@
  */
 public class MutableCredentials extends Credentials {
   private volatile ServiceAccountCredentials delegate;
-  private final List<String> scopes;
+  private final Set<String> scopes;
 
-  public MutableCredentials(ServiceAccountCredentials credentials, List<String> scopes) {
-    if (scopes != null) {
-      this.scopes = new java.util.ArrayList<>(scopes);
-    } else {
-      this.scopes = Collections.emptyList();
+  public MutableCredentials(ServiceAccountCredentials credentials) {
+    this(credentials, SpannerOptions.getDefaultInstance().getScopes());
+  }
+
+  public MutableCredentials(ServiceAccountCredentials credentials, @Nonnull Set<String> scopes) {
+    if (scopes.isEmpty()) {
+      throw new IllegalArgumentException("Scopes must not be empty");
     }
+    this.scopes = new java.util.HashSet<>(scopes);
     delegate = (ServiceAccountCredentials) credentials.createScoped(this.scopes);
   }
 

google-cloud-spanner/src/test/java/com/google/cloud/spanner/connection/MutableCredentialsTest.java

@@ -31,10 +31,7 @@
 import com.google.auth.oauth2.ServiceAccountCredentials;
 import java.io.IOException;
 import java.net.URI;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 import java.util.concurrent.Executor;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -46,7 +43,7 @@ public class MutableCredentialsTest {
   ServiceAccountCredentials initialScopedCredentials = mock(ServiceAccountCredentials.class);
   ServiceAccountCredentials updatedCredentials = mock(ServiceAccountCredentials.class);
   ServiceAccountCredentials updatedScopedCredentials = mock(ServiceAccountCredentials.class);
-  List<String> scopes = Arrays.asList("scope-a", "scope-b");
+  Set<String> scopes = new HashSet<>(Arrays.asList("scope-a", "scope-b"));
   Map<String, List<String>> initialMetadata =
       Collections.singletonMap("Authorization", Collections.singletonList("v1"));
   Map<String, List<String>> updatedMetadata =
@@ -108,14 +105,9 @@ public void testUpdateMutableCredentials() throws IOException {
     verify(updatedScopedCredentials, times(1)).refresh();
   }
 
-  @Test
-  public void testCreateMutableCredentialsNullScopes() throws IOException {
-    setupInitialCredentials();
-
-    MutableCredentials credentials = new MutableCredentials(initialCredentials, null);
-    URI testUri = URI.create("https://spanner.googleapis.com");
-
-    validateInitialDelegatedCredentialsAreSet(credentials, testUri);
+  @Test(expected = IllegalArgumentException.class)
+  public void testCreateMutableCredentialsEmptyScopes() {
+    new MutableCredentials(initialCredentials, Collections.emptySet());
   }
 
   private void validateInitialDelegatedCredentialsAreSet(

google-cloud-spanner/src/test/java/com/google/cloud/spanner/connection/it/ITMutableCredentialsTest.java

@@ -18,17 +18,17 @@
 
 import static org.junit.Assert.*;
 
+import com.google.api.gax.core.FixedCredentialsProvider;
 import com.google.auth.oauth2.GoogleCredentials;
 import com.google.auth.oauth2.ServiceAccountCredentials;
 import com.google.cloud.spanner.*;
-import com.google.cloud.spanner.admin.database.v1.DatabaseAdminClient;
+import com.google.cloud.spanner.admin.instance.v1.InstanceAdminClient;
 import com.google.cloud.spanner.connection.MutableCredentials;
-import com.google.spanner.admin.database.v1.Database;
-import com.google.spanner.admin.database.v1.InstanceName;
+import com.google.spanner.admin.instance.v1.ProjectName;
 import java.io.IOException;
 import java.io.InputStream;
-import java.util.Collections;
-import java.util.List;
+import java.nio.file.Files;
+import java.nio.file.Paths;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.junit.runner.RunWith;
@@ -44,29 +44,33 @@ public class ITMutableCredentialsTest {
 
   @Test
   public void testMutableCredentialsUpdateAuthorizationForRunningClient() throws IOException {
-
+    System.out.println("property" + System.getenv("GOOGLE_ACCOUNT_CREDENTIALS"));
     GoogleCredentials missingPermissionCredentials;
     try (InputStream stream =
-        ITMutableCredentialsTest.class.getResourceAsStream(MISSING_PERM_KEY)) {
+        Files.newInputStream(Paths.get(System.getenv("GOOGLE_ACCOUNT_CREDENTIALS")))) {
       missingPermissionCredentials = GoogleCredentials.fromStream(stream);
     }
     ServiceAccountCredentials invalidCredentials;
     try (InputStream stream = ITMutableCredentialsTest.class.getResourceAsStream(INVALID_KEY)) {
       invalidCredentials = ServiceAccountCredentials.fromStream(stream);
     }
-    List<String> scopes =
-        Collections.singletonList("https://www.googleapis.com/auth/cloud-platform");
-    // create MutableCredentials first with missing permissions
+
+    // create MutableCredentials first default account credentials
     MutableCredentials mutableCredentials =
-        new MutableCredentials((ServiceAccountCredentials) missingPermissionCredentials, scopes);
+        new MutableCredentials((ServiceAccountCredentials) missingPermissionCredentials);
 
-    SpannerOptions options = SpannerOptions.newBuilder().setCredentials(mutableCredentials).build();
+    SpannerOptions options =
+        SpannerOptions.newBuilder()
+            .setCredentials(FixedCredentialsProvider.create(mutableCredentials).getCredentials())
+            .build();
+    System.out.println("initial credentials " + options.getCredentials());
+    System.out.println("default projecct"  + options.getProjectId());
     try (Spanner spanner = options.getService();
-        DatabaseAdminClient databaseAdminClient = spanner.createDatabaseAdminClient()) {
+        InstanceAdminClient instanceAdminClient = spanner.createInstanceAdminClient()) {
       String project = "gcloud-devel";
       String instance = "java-client-integration-tests";
       try {
-        listDatabases(databaseAdminClient, project, instance);
+        listInstances(instanceAdminClient, options.getProjectId(), instance);
         fail("Expected PERMISSION_DENIED");
       } catch (Exception e) {
         // specifically validate the permission denied error message
@@ -78,7 +82,7 @@ public void testMutableCredentialsUpdateAuthorizationForRunningClient() throws I
       // update mutableCredentials now to use an invalid credential
       mutableCredentials.updateCredentials(invalidCredentials);
       try {
-        listDatabases(databaseAdminClient, project, instance);
+        listInstances(instanceAdminClient, options.getProjectId(), instance);
         fail("Expected UNAUTHENTICATED after switching to invalid credentials");
       } catch (Exception e) {
         assertTrue(e.getMessage().contains("UNAUTHENTICATED"));
@@ -87,15 +91,13 @@ public void testMutableCredentialsUpdateAuthorizationForRunningClient() throws I
     }
   }
 
-  private static void listDatabases(
-      DatabaseAdminClient databaseAdminClient, String projectId, String instanceId) {
-    DatabaseAdminClient.ListDatabasesPagedResponse response =
-        databaseAdminClient.listDatabases(InstanceName.of(projectId, instanceId));
+  private static void listInstances(
+      InstanceAdminClient instanceAdminClient, String projectId, String instanceId) {
+    InstanceAdminClient.ListInstancesPagedResponse response =
+        instanceAdminClient.listInstances(ProjectName.of(projectId));
 
-    for (DatabaseAdminClient.ListDatabasesPage page : response.iteratePages()) {
-      for (Database database : page.iterateAll()) {
-        // no-op
-      }
+    for (InstanceAdminClient.ListInstancesPage page : response.iteratePages()) {
+      // no-op
     }
   }
 }