Expose Project ID from service account credentials (#187)

hiranya911 · Jon Wayne Parrott · commit 6a3f0ec79bf4 · 2017-08-10T09:11:02.000-07:00
diff --git a/google/oauth2/service_account.py b/google/oauth2/service_account.py
@@ -117,7 +117,7 @@ class Credentials(credentials.Signing,
     """
 
     def __init__(self, signer, service_account_email, token_uri, scopes=None,
-                 subject=None, additional_claims=None):
+                 subject=None, project_id=None, additional_claims=None):
         """
         Args:
             signer (google.auth.crypt.Signer): The signer used to sign JWTs.
@@ -127,6 +127,8 @@ def __init__(self, signer, service_account_email, token_uri, scopes=None,
             token_uri (str): The OAuth 2.0 Token URI.
             subject (str): For domain-wide delegation, the email address of the
                 user to for which to request delegated access.
+            project_id  (str): Project ID associated with the service account
+                credential.
             additional_claims (Mapping[str, str]): Any additional claims for
                 the JWT assertion used in the authorization grant.
 
@@ -141,6 +143,7 @@ def __init__(self, signer, service_account_email, token_uri, scopes=None,
         self._signer = signer
         self._service_account_email = service_account_email
         self._subject = subject
+        self._project_id = project_id
         self._token_uri = token_uri
 
         if additional_claims is not None:
@@ -167,7 +170,8 @@ def _from_signer_and_info(cls, signer, info, **kwargs):
         return cls(
             signer,
             service_account_email=info['client_email'],
-            token_uri=info['token_uri'], **kwargs)
+            token_uri=info['token_uri'],
+            project_id=info.get('project_id'), **kwargs)
 
     @classmethod
     def from_service_account_info(cls, info, **kwargs):
@@ -210,6 +214,11 @@ def service_account_email(self):
         """The service account email."""
         return self._service_account_email
 
+    @property
+    def project_id(self):
+        """Project ID associated with this credential."""
+        return self._project_id
+
     @property
     def requires_scopes(self):
         """Checks if the credentials requires scopes.
@@ -227,6 +236,7 @@ def with_scopes(self, scopes):
             scopes=scopes,
             token_uri=self._token_uri,
             subject=self._subject,
+            project_id=self._project_id,
             additional_claims=self._additional_claims.copy())
 
     def with_subject(self, subject):
@@ -245,6 +255,7 @@ def with_subject(self, subject):
             scopes=self._scopes,
             token_uri=self._token_uri,
             subject=subject,
+            project_id=self._project_id,
             additional_claims=self._additional_claims.copy())
 
     def with_claims(self, additional_claims):
@@ -268,6 +279,7 @@ def with_claims(self, additional_claims):
             scopes=self._scopes,
             token_uri=self._token_uri,
             subject=self._subject,
+            project_id=self._project_id,
             additional_claims=new_additional_claims)
 
     def _make_authorization_grant_assertion(self):
diff --git a/tests/oauth2/test_service_account.py b/tests/oauth2/test_service_account.py
@@ -74,6 +74,7 @@ def test_from_service_account_info_args(self):
             additional_claims=additional_claims)
 
         assert credentials.service_account_email == info['client_email']
+        assert credentials.project_id == info['project_id']
         assert credentials._signer.key_id == info['private_key_id']
         assert credentials._token_uri == info['token_uri']
         assert credentials._scopes == scopes
@@ -87,6 +88,7 @@ def test_from_service_account_file(self):
             SERVICE_ACCOUNT_JSON_FILE)
 
         assert credentials.service_account_email == info['client_email']
+        assert credentials.project_id == info['project_id']
         assert credentials._signer.key_id == info['private_key_id']
         assert credentials._token_uri == info['token_uri']
 
@@ -101,6 +103,7 @@ def test_from_service_account_file_args(self):
             scopes=scopes, additional_claims=additional_claims)
 
         assert credentials.service_account_email == info['client_email']
+        assert credentials.project_id == info['project_id']
         assert credentials._signer.key_id == info['private_key_id']
         assert credentials._token_uri == info['token_uri']
         assert credentials._scopes == scopes
