Google Git
Sign in
android / platform / external / python / google-auth-library-python / dfad66128c6ee7513e5565d39bc7b002055dd0d5
commitdfad66128c6ee7513e5565d39bc7b002055dd0d5[log] [tgz]
authorbojeil-google <bojeil-google@users.noreply.github.com>Tue Jul 20 10:43:13 2021 -0700
committerGitHub <noreply@github.com>Tue Jul 20 10:43:13 2021 -0700
tree5de987d030d79bb69ca9d964ab0d11c3835a860e
parentdf9f2f9e9ad0797c4f708c9c8c6da382af7910f3 [diff]
fix: fallback to source creds expiration in downscoped tokens (#805)

For downscoping CAB flow, the STS endpoint may not return the expiration
field for certain source credentials. The generated downscoped token
should always have the same expiration time as the source credentials.
When no `expires_in` field is returned in the response, we can just get
the expiration time from the source credentials.

Co-authored-by: arithmetic1728 <58957152+arithmetic1728@users.noreply.github.com>
2 files changed
tree: 5de987d030d79bb69ca9d964ab0d11c3835a860e
  1. .github/
  2. .kokoro/
  3. docs/
  4. google/
  5. scripts/
  6. system_tests/
  7. testing/
  8. tests/
  9. tests_async/
  10. .coveragerc
  11. .flake8
  12. .gitignore
  13. .repo-metadata.json
  14. .trampolinerc
  15. CHANGELOG.md
  16. CODE_OF_CONDUCT.md
  17. CONTRIBUTING.rst
  18. CONTRIBUTORS.md
  19. LICENSE
  20. MANIFEST.in
  21. noxfile.py
  22. owlbot.py
  23. README.rst
  24. renovate.json
  25. SECURITY.md
  26. setup.cfg
  27. setup.py