1 //
2 //
3 // Copyright 2015 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18
19 #include "src/core/lib/security/credentials/jwt/json_token.h"
20
21 #include <string.h>
22
23 #include <gtest/gtest.h>
24 #include <openssl/evp.h>
25
26 #include "absl/strings/escaping.h"
27
28 #include <grpc/grpc_security.h>
29 #include <grpc/slice.h>
30 #include <grpc/support/alloc.h>
31 #include <grpc/support/log.h>
32
33 #include "src/core/lib/gprpp/crash.h"
34 #include "src/core/lib/json/json.h"
35 #include "src/core/lib/json/json_reader.h"
36 #include "src/core/lib/security/credentials/oauth2/oauth2_credentials.h"
37 #include "src/core/lib/slice/slice_internal.h"
38 #include "test/core/util/test_config.h"
39
40 using grpc_core::Json;
41
42 // This JSON key was generated with the GCE console and revoked immediately.
43 // The identifiers have been changed as well.
44 // Maximum size for a string literal is 509 chars in C89, yay!
45 static const char test_json_key_str_part1[] =
46 "{ \"private_key\": \"-----BEGIN PRIVATE KEY-----"
47 "\\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOEvJsnoHnyHkXcp\\n7mJE"
48 "qg"
49 "WGjiw71NfXByguekSKho65FxaGbsnSM9SMQAqVk7Q2rG+I0OpsT0LrWQtZ\\nyjSeg/"
50 "rWBQvS4hle4LfijkP3J5BG+"
51 "IXDMP8RfziNRQsenAXDNPkY4kJCvKux2xdD\\nOnVF6N7dL3nTYZg+"
52 "uQrNsMTz9UxVAgMBAAECgYEAzbLewe1xe9vy+2GoSsfib+28\\nDZgSE6Bu/"
53 "zuFoPrRc6qL9p2SsnV7txrunTyJkkOnPLND9ABAXybRTlcVKP/sGgza\\n/"
54 "8HpCqFYM9V8f34SBWfD4fRFT+n/"
55 "73cfRUtGXdXpseva2lh8RilIQfPhNZAncenU\\ngqXjDvpkypEusgXAykECQQD+";
56 static const char test_json_key_str_part2[] =
57 "53XxNVnxBHsYb+AYEfklR96yVi8HywjVHP34+OQZ\\nCslxoHQM8s+"
58 "dBnjfScLu22JqkPv04xyxmt0QAKm9+vTdAkEA4ib7YvEAn2jXzcCI\\nEkoy2L/"
59 "XydR1GCHoacdfdAwiL2npOdnbvi4ZmdYRPY1LSTO058tQHKVXV7NLeCa3\\nAARh2QJBAMKeDA"
60 "G"
61 "W303SQv2cZTdbeaLKJbB5drz3eo3j7dDKjrTD9JupixFbzcGw\\n8FZi5c8idxiwC36kbAL6Hz"
62 "A"
63 "ZoX+ofI0CQE6KCzPJTtYNqyShgKAZdJ8hwOcvCZtf\\n6z8RJm0+"
64 "6YBd38lfh5j8mZd7aHFf6I17j5AQY7oPEc47TjJj/"
65 "5nZ68ECQQDvYuI3\\nLyK5fS8g0SYbmPOL9TlcHDOqwG0mrX9qpg5DC2fniXNSrrZ64GTDKdzZ"
66 "Y"
67 "Ap6LI9W\\nIqv4vr6y38N79TTC\\n-----END PRIVATE KEY-----\\n\", ";
68 static const char test_json_key_str_part3[] =
69 "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", "
70 "\"client_email\": "
71 "\"[email protected]."
72 "com\", \"client_id\": "
73 "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent."
74 "com\", \"type\": \"service_account\" }";
75
76 // Test refresh token.
77 static const char test_refresh_token_str[] =
78 "{ \"client_id\": \"32555999999.apps.googleusercontent.com\","
79 " \"client_secret\": \"EmssLNjJy1332hD4KFsecret\","
80 " \"refresh_token\": \"1/Blahblasj424jladJDSGNf-u4Sua3HDA2ngjd42\","
81 " \"type\": \"authorized_user\"}";
82
83 static const char test_scope[] = "myperm1 myperm2";
84
85 static const char test_service_url[] = "https://foo.com/foo.v1";
86
test_json_key_str(const char * bad_part3)87 static char* test_json_key_str(const char* bad_part3) {
88 const char* part3 =
89 bad_part3 != nullptr ? bad_part3 : test_json_key_str_part3;
90 size_t result_len = strlen(test_json_key_str_part1) +
91 strlen(test_json_key_str_part2) + strlen(part3);
92 char* result = static_cast<char*>(gpr_malloc(result_len + 1));
93 char* current = result;
94 strcpy(result, test_json_key_str_part1);
95 current += strlen(test_json_key_str_part1);
96 strcpy(current, test_json_key_str_part2);
97 current += strlen(test_json_key_str_part2);
98 strcpy(current, part3);
99 return result;
100 }
101
TEST(JsonTokenTest,ParseJsonKeySuccess)102 TEST(JsonTokenTest, ParseJsonKeySuccess) {
103 char* json_string = test_json_key_str(nullptr);
104 grpc_auth_json_key json_key =
105 grpc_auth_json_key_create_from_string(json_string);
106 ASSERT_TRUE(grpc_auth_json_key_is_valid(&json_key));
107 ASSERT_TRUE(json_key.type != nullptr &&
108 strcmp(json_key.type, "service_account") == 0);
109 ASSERT_TRUE(json_key.private_key_id != nullptr &&
110 strcmp(json_key.private_key_id,
111 "e6b5137873db8d2ef81e06a47289e6434ec8a165") == 0);
112 ASSERT_TRUE(json_key.client_id != nullptr &&
113 strcmp(json_key.client_id,
114 "777-abaslkan11hlb6nmim3bpspl31ud.apps."
115 "googleusercontent.com") == 0);
116 ASSERT_TRUE(json_key.client_email != nullptr &&
117 strcmp(json_key.client_email,
118 "777-abaslkan11hlb6nmim3bpspl31ud@developer."
119 "gserviceaccount.com") == 0);
120 ASSERT_NE(json_key.private_key, nullptr);
121 gpr_free(json_string);
122 grpc_auth_json_key_destruct(&json_key);
123 }
124
TEST(JsonTokenTest,ParseJsonKeyFailureBadJson)125 TEST(JsonTokenTest, ParseJsonKeyFailureBadJson) {
126 const char non_closing_part3[] =
127 "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", "
128 "\"client_email\": "
129 "\"[email protected]."
130 "com\", \"client_id\": "
131 "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent."
132 "com\", \"type\": \"service_account\" ";
133 char* json_string = test_json_key_str(non_closing_part3);
134 grpc_auth_json_key json_key =
135 grpc_auth_json_key_create_from_string(json_string);
136 ASSERT_FALSE(grpc_auth_json_key_is_valid(&json_key));
137 gpr_free(json_string);
138 grpc_auth_json_key_destruct(&json_key);
139 }
140
TEST(JsonTokenTest,ParseJsonKeyFailureNoType)141 TEST(JsonTokenTest, ParseJsonKeyFailureNoType) {
142 const char no_type_part3[] =
143 "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", "
144 "\"client_email\": "
145 "\"[email protected]."
146 "com\", \"client_id\": "
147 "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent."
148 "com\" }";
149 char* json_string = test_json_key_str(no_type_part3);
150 grpc_auth_json_key json_key =
151 grpc_auth_json_key_create_from_string(json_string);
152 ASSERT_FALSE(grpc_auth_json_key_is_valid(&json_key));
153 gpr_free(json_string);
154 grpc_auth_json_key_destruct(&json_key);
155 }
156
TEST(JsonTokenTest,ParseJsonKeyFailureNoClientId)157 TEST(JsonTokenTest, ParseJsonKeyFailureNoClientId) {
158 const char no_client_id_part3[] =
159 "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", "
160 "\"client_email\": "
161 "\"[email protected]."
162 "com\", "
163 "\"type\": \"service_account\" }";
164 char* json_string = test_json_key_str(no_client_id_part3);
165 grpc_auth_json_key json_key =
166 grpc_auth_json_key_create_from_string(json_string);
167 ASSERT_FALSE(grpc_auth_json_key_is_valid(&json_key));
168 gpr_free(json_string);
169 grpc_auth_json_key_destruct(&json_key);
170 }
171
TEST(JsonTokenTest,ParseJsonKeyFailureNoClientEmail)172 TEST(JsonTokenTest, ParseJsonKeyFailureNoClientEmail) {
173 const char no_client_email_part3[] =
174 "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", "
175 "\"client_id\": "
176 "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent."
177 "com\", \"type\": \"service_account\" }";
178 char* json_string = test_json_key_str(no_client_email_part3);
179 grpc_auth_json_key json_key =
180 grpc_auth_json_key_create_from_string(json_string);
181 ASSERT_FALSE(grpc_auth_json_key_is_valid(&json_key));
182 gpr_free(json_string);
183 grpc_auth_json_key_destruct(&json_key);
184 }
185
TEST(JsonTokenTest,ParseJsonKeyFailureNoPrivateKeyId)186 TEST(JsonTokenTest, ParseJsonKeyFailureNoPrivateKeyId) {
187 const char no_private_key_id_part3[] =
188 "\"client_email\": "
189 "\"[email protected]."
190 "com\", \"client_id\": "
191 "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent."
192 "com\", \"type\": \"service_account\" }";
193 char* json_string = test_json_key_str(no_private_key_id_part3);
194 grpc_auth_json_key json_key =
195 grpc_auth_json_key_create_from_string(json_string);
196 ASSERT_FALSE(grpc_auth_json_key_is_valid(&json_key));
197 gpr_free(json_string);
198 grpc_auth_json_key_destruct(&json_key);
199 }
200
TEST(JsonTokenTest,ParseJsonKeyFailureNoPrivateKey)201 TEST(JsonTokenTest, ParseJsonKeyFailureNoPrivateKey) {
202 const char no_private_key_json_string[] =
203 "{ \"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", "
204 "\"client_email\": "
205 "\"[email protected]."
206 "com\", \"client_id\": "
207 "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent."
208 "com\", \"type\": \"service_account\" }";
209 grpc_auth_json_key json_key =
210 grpc_auth_json_key_create_from_string(no_private_key_json_string);
211 ASSERT_FALSE(grpc_auth_json_key_is_valid(&json_key));
212 grpc_auth_json_key_destruct(&json_key);
213 }
214
parse_json_part_from_jwt(const char * str,size_t len)215 static Json parse_json_part_from_jwt(const char* str, size_t len) {
216 grpc_core::ExecCtx exec_ctx;
217 std::string decoded;
218 absl::WebSafeBase64Unescape(absl::string_view(str, len), &decoded);
219 EXPECT_FALSE(decoded.empty());
220 auto json = grpc_core::JsonParse(decoded);
221 if (!json.ok()) {
222 gpr_log(GPR_ERROR, "JSON parse error: %s",
223 json.status().ToString().c_str());
224 return Json();
225 }
226 return std::move(*json);
227 }
228
check_jwt_header(const Json & header)229 static void check_jwt_header(const Json& header) {
230 Json::Object object = header.object();
231 Json value = object["alg"];
232 ASSERT_EQ(value.type(), Json::Type::kString);
233 ASSERT_STREQ(value.string().c_str(), "RS256");
234 value = object["typ"];
235 ASSERT_EQ(value.type(), Json::Type::kString);
236 ASSERT_STREQ(value.string().c_str(), "JWT");
237 value = object["kid"];
238 ASSERT_EQ(value.type(), Json::Type::kString);
239 ASSERT_STREQ(value.string().c_str(),
240 "e6b5137873db8d2ef81e06a47289e6434ec8a165");
241 }
242
check_jwt_claim(const Json & claim,const char * expected_audience,const char * expected_scope)243 static void check_jwt_claim(const Json& claim, const char* expected_audience,
244 const char* expected_scope) {
245 Json::Object object = claim.object();
246
247 Json value = object["iss"];
248 ASSERT_EQ(value.type(), Json::Type::kString);
249 ASSERT_EQ(value.string(),
250 "[email protected]");
251
252 if (expected_scope != nullptr) {
253 ASSERT_EQ(object.find("sub"), object.end());
254 value = object["scope"];
255 ASSERT_EQ(value.type(), Json::Type::kString);
256 ASSERT_EQ(value.string(), expected_scope);
257 } else {
258 // Claims without scope must have a sub.
259 ASSERT_EQ(object.find("scope"), object.end());
260 value = object["sub"];
261 ASSERT_EQ(value.type(), Json::Type::kString);
262 ASSERT_EQ(value.string(), object["iss"].string());
263 }
264
265 value = object["aud"];
266 ASSERT_EQ(value.type(), Json::Type::kString);
267 ASSERT_EQ(value.string(), expected_audience);
268
269 gpr_timespec expiration = gpr_time_0(GPR_CLOCK_REALTIME);
270 value = object["exp"];
271 ASSERT_EQ(value.type(), Json::Type::kNumber);
272 expiration.tv_sec = strtol(value.string().c_str(), nullptr, 10);
273
274 gpr_timespec issue_time = gpr_time_0(GPR_CLOCK_REALTIME);
275 value = object["iat"];
276 ASSERT_EQ(value.type(), Json::Type::kNumber);
277 issue_time.tv_sec = strtol(value.string().c_str(), nullptr, 10);
278
279 gpr_timespec parsed_lifetime = gpr_time_sub(expiration, issue_time);
280 ASSERT_EQ(parsed_lifetime.tv_sec, grpc_max_auth_token_lifetime().tv_sec);
281 }
282
283 #if OPENSSL_VERSION_NUMBER < 0x30000000L
check_jwt_signature(const char * b64_signature,RSA * rsa_key,const char * signed_data,size_t signed_data_size)284 static void check_jwt_signature(const char* b64_signature, RSA* rsa_key,
285 const char* signed_data,
286 size_t signed_data_size) {
287 grpc_core::ExecCtx exec_ctx;
288
289 EVP_MD_CTX* md_ctx = EVP_MD_CTX_create();
290 EVP_PKEY* key = EVP_PKEY_new();
291
292 std::string decoded;
293 absl::WebSafeBase64Unescape(b64_signature, &decoded);
294 ASSERT_EQ(decoded.size(), 128);
295
296 ASSERT_NE(md_ctx, nullptr);
297 ASSERT_NE(key, nullptr);
298 EVP_PKEY_set1_RSA(key, rsa_key);
299
300 ASSERT_EQ(EVP_DigestVerifyInit(md_ctx, nullptr, EVP_sha256(), nullptr, key),
301 1);
302 ASSERT_EQ(EVP_DigestVerifyUpdate(md_ctx, signed_data, signed_data_size), 1);
303 ASSERT_EQ(EVP_DigestVerifyFinal(
304 md_ctx, reinterpret_cast<const uint8_t*>(decoded.data()),
305 decoded.size()),
306 1);
307
308 if (key != nullptr) EVP_PKEY_free(key);
309 if (md_ctx != nullptr) EVP_MD_CTX_destroy(md_ctx);
310 }
311 #else
check_jwt_signature(const char * b64_signature,EVP_PKEY * key,const char * signed_data,size_t signed_data_size)312 static void check_jwt_signature(const char* b64_signature, EVP_PKEY* key,
313 const char* signed_data,
314 size_t signed_data_size) {
315 grpc_core::ExecCtx exec_ctx;
316 EVP_MD_CTX* md_ctx = EVP_MD_CTX_create();
317
318 std::string decoded;
319 absl::WebSafeBase64Unescape(b64_signature, &decoded);
320 ASSERT_EQ(decoded.size(), 128);
321
322 ASSERT_EQ(EVP_DigestVerifyInit(md_ctx, nullptr, EVP_sha256(), nullptr, key),
323 1);
324 ASSERT_EQ(EVP_DigestVerifyUpdate(md_ctx, signed_data, signed_data_size), 1);
325 ASSERT_EQ(EVP_DigestVerifyFinal(
326 md_ctx, reinterpret_cast<const unsigned char*>(decoded.data()),
327 decoded.size()),
328 1);
329
330 if (md_ctx != nullptr) EVP_MD_CTX_destroy(md_ctx);
331 }
332 #endif
333
service_account_creds_jwt_encode_and_sign(const grpc_auth_json_key * key)334 static char* service_account_creds_jwt_encode_and_sign(
335 const grpc_auth_json_key* key) {
336 return grpc_jwt_encode_and_sign(key, GRPC_JWT_OAUTH2_AUDIENCE,
337 grpc_max_auth_token_lifetime(), test_scope);
338 }
339
jwt_creds_jwt_encode_and_sign(const grpc_auth_json_key * key)340 static char* jwt_creds_jwt_encode_and_sign(const grpc_auth_json_key* key) {
341 return grpc_jwt_encode_and_sign(key, test_service_url,
342 grpc_max_auth_token_lifetime(), nullptr);
343 }
344
service_account_creds_check_jwt_claim(const Json & claim)345 static void service_account_creds_check_jwt_claim(const Json& claim) {
346 check_jwt_claim(claim, GRPC_JWT_OAUTH2_AUDIENCE, test_scope);
347 }
348
jwt_creds_check_jwt_claim(const Json & claim)349 static void jwt_creds_check_jwt_claim(const Json& claim) {
350 check_jwt_claim(claim, test_service_url, nullptr);
351 }
352
test_jwt_encode_and_sign(char * (* jwt_encode_and_sign_func)(const grpc_auth_json_key *),void (* check_jwt_claim_func)(const Json &))353 static void test_jwt_encode_and_sign(
354 char* (*jwt_encode_and_sign_func)(const grpc_auth_json_key*),
355 void (*check_jwt_claim_func)(const Json&)) {
356 char* json_string = test_json_key_str(nullptr);
357 grpc_auth_json_key json_key =
358 grpc_auth_json_key_create_from_string(json_string);
359 const char* b64_signature;
360 size_t offset = 0;
361 char* jwt = jwt_encode_and_sign_func(&json_key);
362 const char* dot = strchr(jwt, '.');
363 ASSERT_NE(dot, nullptr);
364 Json parsed_header =
365 parse_json_part_from_jwt(jwt, static_cast<size_t>(dot - jwt));
366 ASSERT_EQ(parsed_header.type(), Json::Type::kObject);
367 check_jwt_header(parsed_header);
368 offset = static_cast<size_t>(dot - jwt) + 1;
369
370 dot = strchr(jwt + offset, '.');
371 ASSERT_NE(dot, nullptr);
372 Json parsed_claim = parse_json_part_from_jwt(
373 jwt + offset, static_cast<size_t>(dot - (jwt + offset)));
374 ASSERT_EQ(parsed_claim.type(), Json::Type::kObject);
375 check_jwt_claim_func(parsed_claim);
376 offset = static_cast<size_t>(dot - jwt) + 1;
377
378 dot = strchr(jwt + offset, '.');
379 ASSERT_EQ(dot, nullptr); // no more part.
380 b64_signature = jwt + offset;
381 check_jwt_signature(b64_signature, json_key.private_key, jwt, offset - 1);
382
383 gpr_free(json_string);
384 grpc_auth_json_key_destruct(&json_key);
385 gpr_free(jwt);
386 }
387
TEST(JsonTokenTest,ServiceAccountCredsJwtEncodeAndSign)388 TEST(JsonTokenTest, ServiceAccountCredsJwtEncodeAndSign) {
389 test_jwt_encode_and_sign(service_account_creds_jwt_encode_and_sign,
390 service_account_creds_check_jwt_claim);
391 }
392
TEST(JsonTokenTest,JwtCredsJwtEncodeAndSign)393 TEST(JsonTokenTest, JwtCredsJwtEncodeAndSign) {
394 test_jwt_encode_and_sign(jwt_creds_jwt_encode_and_sign,
395 jwt_creds_check_jwt_claim);
396 }
397
TEST(JsonTokenTest,ParseRefreshTokenSuccess)398 TEST(JsonTokenTest, ParseRefreshTokenSuccess) {
399 grpc_auth_refresh_token refresh_token =
400 grpc_auth_refresh_token_create_from_string(test_refresh_token_str);
401 ASSERT_TRUE(grpc_auth_refresh_token_is_valid(&refresh_token));
402 ASSERT_TRUE(refresh_token.type != nullptr &&
403 (strcmp(refresh_token.type, "authorized_user") == 0));
404 ASSERT_TRUE(refresh_token.client_id != nullptr &&
405 (strcmp(refresh_token.client_id,
406 "32555999999.apps.googleusercontent.com") == 0));
407 ASSERT_TRUE(
408 refresh_token.client_secret != nullptr &&
409 (strcmp(refresh_token.client_secret, "EmssLNjJy1332hD4KFsecret") == 0));
410 ASSERT_TRUE(refresh_token.refresh_token != nullptr &&
411 (strcmp(refresh_token.refresh_token,
412 "1/Blahblasj424jladJDSGNf-u4Sua3HDA2ngjd42") == 0));
413 grpc_auth_refresh_token_destruct(&refresh_token);
414 }
415
TEST(JsonTokenTest,ParseRefreshTokenFailureNoType)416 TEST(JsonTokenTest, ParseRefreshTokenFailureNoType) {
417 const char refresh_token_str[] =
418 "{ \"client_id\": \"32555999999.apps.googleusercontent.com\","
419 " \"client_secret\": \"EmssLNjJy1332hD4KFsecret\","
420 " \"refresh_token\": \"1/Blahblasj424jladJDSGNf-u4Sua3HDA2ngjd42\"}";
421 grpc_auth_refresh_token refresh_token =
422 grpc_auth_refresh_token_create_from_string(refresh_token_str);
423 ASSERT_FALSE(grpc_auth_refresh_token_is_valid(&refresh_token));
424 }
425
TEST(JsonTokenTest,ParseRefreshTokenFailureNoClientId)426 TEST(JsonTokenTest, ParseRefreshTokenFailureNoClientId) {
427 const char refresh_token_str[] =
428 "{ \"client_secret\": \"EmssLNjJy1332hD4KFsecret\","
429 " \"refresh_token\": \"1/Blahblasj424jladJDSGNf-u4Sua3HDA2ngjd42\","
430 " \"type\": \"authorized_user\"}";
431 grpc_auth_refresh_token refresh_token =
432 grpc_auth_refresh_token_create_from_string(refresh_token_str);
433 ASSERT_FALSE(grpc_auth_refresh_token_is_valid(&refresh_token));
434 }
435
TEST(JsonTokenTest,ParseRefreshTokenFailureNoClientSecret)436 TEST(JsonTokenTest, ParseRefreshTokenFailureNoClientSecret) {
437 const char refresh_token_str[] =
438 "{ \"client_id\": \"32555999999.apps.googleusercontent.com\","
439 " \"refresh_token\": \"1/Blahblasj424jladJDSGNf-u4Sua3HDA2ngjd42\","
440 " \"type\": \"authorized_user\"}";
441 grpc_auth_refresh_token refresh_token =
442 grpc_auth_refresh_token_create_from_string(refresh_token_str);
443 ASSERT_FALSE(grpc_auth_refresh_token_is_valid(&refresh_token));
444 }
445
TEST(JsonTokenTest,ParseRefreshTokenFailureNoRefreshToken)446 TEST(JsonTokenTest, ParseRefreshTokenFailureNoRefreshToken) {
447 const char refresh_token_str[] =
448 "{ \"client_id\": \"32555999999.apps.googleusercontent.com\","
449 " \"client_secret\": \"EmssLNjJy1332hD4KFsecret\","
450 " \"type\": \"authorized_user\"}";
451 grpc_auth_refresh_token refresh_token =
452 grpc_auth_refresh_token_create_from_string(refresh_token_str);
453 ASSERT_FALSE(grpc_auth_refresh_token_is_valid(&refresh_token));
454 }
455
main(int argc,char ** argv)456 int main(int argc, char** argv) {
457 grpc::testing::TestEnvironment env(&argc, argv);
458 ::testing::InitGoogleTest(&argc, argv);
459 grpc::testing::TestGrpcScope grpc_scope;
460 return RUN_ALL_TESTS();
461 }
462