#17328 (comment) .
Seeing a lot of JWT Grant issues in the System Tests. I suspect a key has expired or something similar.
__________________________ test_iam_signer[requests] ___________________________
http_request =
credentials =
def test_iam_signer(http_request, credentials):
credentials = credentials.with_scopes(
["https://www.googleapis.com/auth/iam"]
)
# Verify iamcredentials signer.
signer = iam.Signer(
http_request,
credentials,
credentials.service_account_email
)
> signed_blob = signer.sign("message")
system_tests_sync/test_service_account.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
../google/auth/iam.py:142: in sign
response = self._make_signing_request(message)
../google/auth/iam.py:115: in _make_signing_request
self._credentials.before_request(self._request, method, url, headers)
../google/auth/credentials.py:469: in before_request
self._blocking_refresh(request)
../google/auth/credentials.py:203: in _blocking_refresh
self.refresh(request)
../google/auth/credentials.py:482: in refresh
self._perform_refresh_token(request)
../google/oauth2/service_account.py:460: in _perform_refresh_token
access_token, expiry, _ = _client.jwt_grant(
../google/oauth2/_client.py:307: in jwt_grant
response_data = _token_endpoint_request(
../google/oauth2/_client.py:278: in _token_endpoint_request
_handle_error_response(response_data, retryable_error)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
response_data = {'error': 'invalid_grant', 'error_description': 'Invalid JWT Signature.'}
retryable_error = False
def _handle_error_response(response_data, retryable_error):
"""Translates an error response into an exception.
Args:
response_data (Mapping | str): The decoded response data.
retryable_error Optional[bool]: A boolean indicating if an error is retryable.
Defaults to False.
Raises:
google.auth.exceptions.RefreshError: The errors contained in response_data.
"""
retryable_error = retryable_error if retryable_error else False
if isinstance(response_data, str):
raise exceptions.RefreshError(response_data, retryable=retryable_error)
try:
error_details = "{}: {}".format(
response_data["error"], response_data.get("error_description")
)
# If no details could be extracted, use the response data.
except (KeyError, ValueError):
error_details = json.dumps(response_data)
> raise exceptions.RefreshError(
error_details, response_data, retryable=retryable_error
)
E google.auth.exceptions.RefreshError: ('invalid_grant: Invalid JWT Signature.', {'error': 'invalid_grant', 'error_description': 'Invalid JWT Signature.'})
Originally posted by @chalmerlowe in #17328 (comment)
Reactions are currently unavailable
#17328 (comment) .
Originally posted by @chalmerlowe in #17328 (comment)