captor = ArgumentCaptor.forClass(String.class);
- verify(deliveryServiceCommands, times(1)).searchTasks(captor.capture());
+ verify(deliveryServiceCommands).getTaskTrackingInfo(captor.capture());
assertEquals(TEST_TRACKING_ID, captor.getValue());
}
}
diff --git a/src/main/java/com/google/fleetengine/auth/AuthTokenMinter.java b/src/main/java/com/google/fleetengine/auth/AuthTokenMinter.java
index b7713fa..e365681 100644
--- a/src/main/java/com/google/fleetengine/auth/AuthTokenMinter.java
+++ b/src/main/java/com/google/fleetengine/auth/AuthTokenMinter.java
@@ -91,6 +91,10 @@ public abstract class AuthTokenMinter implements FleetEngineTokenProvider {
@Nullable
public abstract Signer deliveryFleetReaderSigner();
+ /** Signer responsible for signing JWTs with a fleet reader key. */
+ @Nullable
+ public abstract Signer fleetReaderSigner();
+
/** Signer responsible for signing JWTs with that aren't tied to the standard role set. */
@Nullable
public abstract Signer customSigner();
@@ -345,6 +349,22 @@ public FleetEngineToken getDeliveryFleetReaderToken() throws SigningTokenExcepti
return tokenStateManager().signToken(deliveryFleetReaderSigner(), unsignedToken);
}
+ /**
+ * Returns a non expired Fleet Engine Token that was signed with the fleet reader signer.
+ *
+ * Tokens will have an expiration of at least {@link
+ * FleetEngineAuthTokenStateManager#EXPIRATION_WINDOW_DURATION}.
+ *
+ * @throws SigningTokenException if the fleet reader server signer was not set, or if there is an
+ * issue while signing the token.
+ * @return Fleet Engine token with the "Fleet Reader" role, guaranteed to be valid for {@link
+ * FleetEngineAuthTokenStateManager#EXPIRATION_WINDOW_DURATION} minutes.
+ */
+ public FleetEngineToken getFleetReaderToken() throws SigningTokenException {
+ FleetEngineToken unsignedToken = tokenFactory().createFleetReaderToken();
+ return tokenStateManager().signToken(fleetReaderSigner(), unsignedToken);
+ }
+
/**
* Returns a non expired Fleet Engine Token that was signed with the custom signer
* and authorized for use with entities matching the specified claim.
@@ -411,6 +431,9 @@ public abstract static class Builder {
/** Sets the signer responsible for signing delivery fleet JWTs. */
public abstract Builder setDeliveryFleetReaderSigner(Signer deliveryFleetReaderSigner);
+ /** Sets the signer responsible for signing fleet reader JWTs. */
+ public abstract Builder setFleetReaderSigner(Signer fleetReaderSigner);
+
/**
* Sets token factory that creates unsigned tokens.
*
diff --git a/src/main/java/com/google/fleetengine/auth/token/FleetEngineTokenType.java b/src/main/java/com/google/fleetengine/auth/token/FleetEngineTokenType.java
index 8f428fa..4183f25 100644
--- a/src/main/java/com/google/fleetengine/auth/token/FleetEngineTokenType.java
+++ b/src/main/java/com/google/fleetengine/auth/token/FleetEngineTokenType.java
@@ -64,6 +64,12 @@ public enum FleetEngineTokenType {
*/
DELIVERY_FLEET_READER,
+ /**
+ * Fleet reader tokens are usually service accounts associated with the Fleet Engine Fleet Reader
+ * User role on the Google Cloud project.
+ */
+ FLEET_READER,
+
/** Custom token type associated with any Fleet Engine Role on the Google Cloud project. */
CUSTOM,
}
diff --git a/src/main/java/com/google/fleetengine/auth/token/FleetReaderClaims.java b/src/main/java/com/google/fleetengine/auth/token/FleetReaderClaims.java
new file mode 100644
index 0000000..a556f99
--- /dev/null
+++ b/src/main/java/com/google/fleetengine/auth/token/FleetReaderClaims.java
@@ -0,0 +1,40 @@
+package com.google.fleetengine.auth.token;
+
+import com.google.common.collect.ImmutableMap;
+
+/**
+ * Special claim for fleet reader claims. Authorizes a token for use with all trips, tasks,
+ * vehicles, and delivery vehicles.
+ */
+public class FleetReaderClaims implements FleetEngineTokenClaims {
+
+ private static final String WILDCARD = "*";
+ private static final FleetReaderClaims SINGLETON = new FleetReaderClaims();
+ private final ImmutableMap map;
+
+ /** Creates a delivery fleet reader token claims object. */
+ public static FleetReaderClaims create() {
+ return SINGLETON;
+ }
+
+ private FleetReaderClaims() {
+ // Load all claims with a wild card.
+ map =
+ ImmutableMap.of(
+ TripClaims.CLAIM_TRIP_ID, WILDCARD,
+ TaskClaims.CLAIM_TASK_ID, WILDCARD,
+ TrackingClaims.CLAIM_TRACKING_ID, WILDCARD,
+ VehicleClaims.CLAIM_VEHICLE_ID, WILDCARD,
+ DeliveryVehicleClaims.CLAIM_DELIVERY_VEHICLE_ID, WILDCARD);
+ }
+
+ @Override
+ public ImmutableMap toMap() {
+ return map;
+ }
+
+ @Override
+ public boolean isWildcard() {
+ return true;
+ }
+}
diff --git a/src/main/java/com/google/fleetengine/auth/token/factory/FleetEngineTokenFactory.java b/src/main/java/com/google/fleetengine/auth/token/factory/FleetEngineTokenFactory.java
index 8e01d3d..08a9110 100644
--- a/src/main/java/com/google/fleetengine/auth/token/factory/FleetEngineTokenFactory.java
+++ b/src/main/java/com/google/fleetengine/auth/token/factory/FleetEngineTokenFactory.java
@@ -22,6 +22,7 @@
import com.google.fleetengine.auth.token.FleetEngineToken;
import com.google.fleetengine.auth.token.FleetEngineTokenClaims;
import com.google.fleetengine.auth.token.FleetEngineTokenType;
+import com.google.fleetengine.auth.token.FleetReaderClaims;
import com.google.fleetengine.auth.token.ServerTokenClaims;
import com.google.fleetengine.auth.token.TaskClaims;
import com.google.fleetengine.auth.token.TrackingClaims;
@@ -133,6 +134,12 @@ public FleetEngineToken createDeliveryFleetReaderToken() {
FleetEngineTokenType.DELIVERY_FLEET_READER, DeliveryFleetReaderClaims.create());
}
+ /** {@inheritDoc} */
+ @Override
+ public FleetEngineToken createFleetReaderToken() {
+ return createToken(FleetEngineTokenType.FLEET_READER, FleetReaderClaims.create());
+ }
+
/** {@inheritDoc} */
@Override
public FleetEngineToken createCustomToken(FleetEngineTokenClaims claims) {
diff --git a/src/main/java/com/google/fleetengine/auth/token/factory/TokenFactory.java b/src/main/java/com/google/fleetengine/auth/token/factory/TokenFactory.java
index df38c06..cd5e49a 100644
--- a/src/main/java/com/google/fleetengine/auth/token/factory/TokenFactory.java
+++ b/src/main/java/com/google/fleetengine/auth/token/factory/TokenFactory.java
@@ -89,6 +89,12 @@ FleetEngineToken createTrustedDeliveryDriverToken(
*/
FleetEngineToken createDeliveryFleetReaderToken();
+ /**
+ * Creates tokens for the {@link
+ * com.google.fleetengine.auth.token.FleetEngineTokenType#FLEET_READER} role.
+ */
+ FleetEngineToken createFleetReaderToken();
+
/**
* Creates tokens for tokens of type {@link
* com.google.fleetengine.auth.token.FleetEngineTokenType#CUSTOM} and can be associated to any
diff --git a/src/test/java/com/google/fleetengine/auth/AuthTokenMinterTest.java b/src/test/java/com/google/fleetengine/auth/AuthTokenMinterTest.java
index d72a446..419daf6 100644
--- a/src/test/java/com/google/fleetengine/auth/AuthTokenMinterTest.java
+++ b/src/test/java/com/google/fleetengine/auth/AuthTokenMinterTest.java
@@ -54,6 +54,7 @@ public class AuthTokenMinterTest {
private Signer untrustedDeliveryDriverSigner;
private Signer trustedDeliveryDriverSigner;
private Signer deliveryFleetReaderSigner;
+ private Signer fleetReaderSigner;
private Signer customSigner;
private FleetEngineAuthTokenStateManager authStateManager;
private AuthTokenMinter.Builder defaultFleetEngineAuthBuilder;
@@ -70,6 +71,7 @@ public void setup() {
this.untrustedDeliveryDriverSigner = mock(Signer.class);
this.trustedDeliveryDriverSigner = mock(Signer.class);
this.deliveryFleetReaderSigner = mock(Signer.class);
+ this.fleetReaderSigner = mock(Signer.class);
this.customSigner = mock(Signer.class);
this.authStateManager = mock(FleetEngineAuthTokenStateManager.class);
this.tokenFactory = mock(TokenFactory.class);
@@ -250,6 +252,18 @@ public void getDeliveryServerToken_whenDeliveryServerSignerSet_signsWithSetDeliv
.signToken(eq(deliveryFleetReaderSigner), eq(fleetEngineToken));
}
+ @Test
+ public void getFleetReaderToken_whenFleetReaderSignerSet_signsWithSetFleetReaderSigner()
+ throws SigningTokenException {
+ AuthTokenMinter baseFleetEngineAuth =
+ defaultFleetEngineAuthBuilder.setFleetReaderSigner(fleetReaderSigner).build();
+ when(tokenFactory.createFleetReaderToken()).thenReturn(fleetEngineToken);
+
+ FleetEngineToken unused = baseFleetEngineAuth.getFleetReaderToken();
+
+ verify(authStateManager, times(1)).signToken(eq(fleetReaderSigner), eq(fleetEngineToken));
+ }
+
@Test
public void getCustomToken_whenCustomSignerSet_signsWithSetCustomSigner()
throws SigningTokenException {
diff --git a/version.properties b/version.properties
index 23bd66f..80d6c60 100644
--- a/version.properties
+++ b/version.properties
@@ -15,5 +15,5 @@
################################################################################
# Used by conventional commits in github. Do not touch.
-libVersion=1.11.0
+libVersion=1.12.0
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy