fix: missing expiration_time field isn't a problem for executables

Change-Id: Ib19e3d9dcd8a4c41afebf2a1fb97429617eef86b
GitHub-Last-Rev: 96eb234
GitHub-Pull-Request: #576
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/418434
Reviewed-by: Leo Siracusa <leosiracusa@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cody Oss <codyoss@google.com>

Author: ScruffyProdigy

google/internal/externalaccount/executablecredsource.go

@@ -178,7 +178,7 @@ type executableResponse struct {
 	Message        string `json:"message,omitempty"`
 }
 
-func parseSubjectTokenFromSource(response []byte, source string, now int64) (string, error) {
+func (cs executableCredentialSource) parseSubjectTokenFromSource(response []byte, source string, now int64) (string, error) {
 	var result executableResponse
 	if err := json.Unmarshal(response, &result); err != nil {
 		return "", jsonParsingError(source, string(response))
@@ -203,15 +203,15 @@ func parseSubjectTokenFromSource(response []byte, source string, now int64) (str
 		return "", unsupportedVersionError(source, result.Version)
 	}
 
-	if result.ExpirationTime == 0 {
+	if result.ExpirationTime == 0 && cs.OutputFile != "" {
 		return "", missingFieldError(source, "expiration_time")
 	}
 
 	if result.TokenType == "" {
 		return "", missingFieldError(source, "token_type")
 	}
 
-	if result.ExpirationTime < now {
+	if result.ExpirationTime != 0 && result.ExpirationTime < now {
 		return "", tokenExpiredError()
 	}
 
@@ -259,7 +259,7 @@ func (cs executableCredentialSource) getTokenFromOutputFile() (token string, err
 		return "", nil
 	}
 
-	token, err = parseSubjectTokenFromSource(data, outputFileSource, cs.env.now().Unix())
+	token, err = cs.parseSubjectTokenFromSource(data, outputFileSource, cs.env.now().Unix())
 	if err != nil {
 		if _, ok := err.(nonCacheableError); ok {
 			// If the cached token is expired we need a new token,
@@ -304,5 +304,5 @@ func (cs executableCredentialSource) getTokenFromExecutableCommand() (string, er
 	if err != nil {
 		return "", err
 	}
-	return parseSubjectTokenFromSource(output, executableSource, cs.env.now().Unix())
+	return cs.parseSubjectTokenFromSource(output, executableSource, cs.env.now().Unix())
 }

google/internal/externalaccount/executablecredsource_test.go

@@ -388,19 +388,6 @@ var failureTests = []struct {
 		expectedErr: missingFieldError(executableSource, "token_type"),
 	},
 
-	{
-		name: "Missing Expiration",
-		testEnvironment: testEnvironment{
-			envVars: executablesAllowed,
-			jsonResponse: &executableResponse{
-				Success:   Bool(true),
-				Version:   1,
-				TokenType: "urn:ietf:params:oauth:token-type:jwt",
-			},
-		},
-		expectedErr: missingFieldError(executableSource, "expiration_time"),
-	},
-
 	{
 		name: "Token Expired",
 		testEnvironment: testEnvironment{
@@ -564,6 +551,19 @@ var successTests = []struct {
 			},
 		},
 	},
+
+	{
+		name: "Missing Expiration",
+		testEnvironment: testEnvironment{
+			envVars: executablesAllowed,
+			jsonResponse: &executableResponse{
+				Success:   Bool(true),
+				Version:   1,
+				TokenType: "urn:ietf:params:oauth:token-type:jwt",
+				IdToken:   "tokentokentoken",
+			},
+		},
+	},
 }
 
 func TestRetrieveExecutableSubjectTokenSuccesses(t *testing.T) {