test(auth): Assert IOException on invalid or malformed private keys#13486
test(auth): Assert IOException on invalid or malformed private keys#13486westarle wants to merge 1 commit into
Conversation
This commit adds edge-case parsing tests in OAuth2UtilsTest.java to verify that providing an invalid private key or a structurally malformed PEM string safely triggers an IOException (e.g., 'Invalid PKCS#8 data.') rather than causing unexpected crashes. This brings the Java library's test suite into alignment with the expected auth specification. Other Google Cloud client libraries like Go, Node.js, and Python natively assert that invalid cryptographic key formats are gracefully caught and surfaced as validation errors.
There was a problem hiding this comment.
Code Review
This pull request adds unit tests to OAuth2UtilsTest to verify that OAuth2Utils.privateKeyFromPkcs8 correctly throws an exception when handled with invalid or malformed keys. The review feedback suggests a minor improvement to import java.io.IOException and use IOException.class directly in the assertions rather than using the fully qualified class name, which will make the test code cleaner and more idiomatic.
| String invalidKey = "-----BEGIN PRIVATE KEY-----\n" + | ||
| "INVALID_KEY_DATA\n" + | ||
| "-----END PRIVATE KEY-----\n"; | ||
| assertThrows(java.io.IOException.class, () -> OAuth2Utils.privateKeyFromPkcs8(invalidKey)); |
There was a problem hiding this comment.
Avoid using the fully qualified class name java.io.IOException.class. It is cleaner and more idiomatic to import java.io.IOException and use IOException.class directly.
| assertThrows(java.io.IOException.class, () -> OAuth2Utils.privateKeyFromPkcs8(invalidKey)); | |
| assertThrows(IOException.class, () -> OAuth2Utils.privateKeyFromPkcs8(invalidKey)); |
| @Test | ||
| void testPrivateKeyFromPkcs8_malformedPem() { | ||
| String malformedKey = "just some random string"; | ||
| assertThrows(java.io.IOException.class, () -> OAuth2Utils.privateKeyFromPkcs8(malformedKey)); |
There was a problem hiding this comment.
Avoid using the fully qualified class name java.io.IOException.class. It is cleaner and more idiomatic to import java.io.IOException and use IOException.class directly.
| assertThrows(java.io.IOException.class, () -> OAuth2Utils.privateKeyFromPkcs8(malformedKey)); | |
| assertThrows(IOException.class, () -> OAuth2Utils.privateKeyFromPkcs8(malformedKey)); |
This commit adds edge-case parsing tests in OAuth2UtilsTest.java to verify that providing an invalid private key or a structurally malformed PEM string safely triggers an IOException (e.g., 'Invalid PKCS#8 data.') rather than causing unexpected crashes.
This brings the Java library's test suite into alignment with the expected auth specification. Other Google Cloud client libraries like Go, Node.js, and Python natively assert that invalid cryptographic key formats are gracefully caught and surfaced as validation errors.