googleapis
diff --git a/‎[refs]‎
Lines changed: 1 addition & 1 deletion b/‎[refs]‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎branches/logging-alpha/gcloud-java-bigquery/src/main/java/com/google/gcloud/bigquery/Job.java‎
Lines changed: 9 additions & 6 deletions b/‎branches/logging-alpha/gcloud-java-bigquery/src/main/java/com/google/gcloud/bigquery/Job.java‎
Lines changed: 9 additions & 6 deletions
diff --git a/‎branches/logging-alpha/gcloud-java-bigquery/src/test/java/com/google/gcloud/bigquery/JobTest.java‎
Lines changed: 1 addition & 1 deletion b/‎branches/logging-alpha/gcloud-java-bigquery/src/test/java/com/google/gcloud/bigquery/JobTest.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎branches/logging-alpha/gcloud-java-core/src/main/java/com/google/gcloud/AuthCredentials.java‎
Lines changed: 94 additions & 10 deletions b/‎branches/logging-alpha/gcloud-java-core/src/main/java/com/google/gcloud/AuthCredentials.java‎
Lines changed: 94 additions & 10 deletions
diff --git a/‎branches/logging-alpha/gcloud-java-core/src/main/java/com/google/gcloud/ServiceAccountSigner.java‎
Lines changed: 67 additions & 0 deletions b/‎branches/logging-alpha/gcloud-java-core/src/main/java/com/google/gcloud/ServiceAccountSigner.java‎
Lines changed: 67 additions & 0 deletions
@@ -12,7 +12,7 @@ refs/heads/compute-alpha: 969cba2627f1d53d352cc4a5ffe0879dacf65e6c
 refs/heads/dns-alpha: 2f90e7e338349287ace33375896907af0f032ca1
 refs/heads/dns-alpha-batch: 17442b07867021b85d0452f5f3eda29a3413288f
 refs/heads/gcs-nio: 283aeaf15efdcf3621eb6859f05e55ad7764375d
-refs/heads/logging-alpha: b29df666b81d8d3045d95c4a8633002fe0136d2e
+refs/heads/logging-alpha: 804d44785aa5ff1c3d6654dbb57a56f8ee81b2af
 refs/tags/v0.1.0: a615317f7424ed58621b1f65d5c4d8cbbe8a6ed8
 refs/tags/v0.1.1: 7a7f6985fe465e9dd6a075af55493f42b4933be0
 refs/tags/v0.1.2: 3eb3fe866ba22487686048f45d927b8c8638ea3f
 
@@ -128,19 +128,22 @@ public boolean exists() {
 
   /**
    * Checks if this job has completed its execution, either failing or succeeding. If the job does
-   * not exist this method returns {@code true}. You can wait for job completion with:
+   * not exist this method returns {@code false}. To correctly wait for job's completion check that
+   * the job exists first, using {@link #exists()}:
    * <pre> {@code
-   * while(!job.isDone()) {
-   *   Thread.sleep(1000L);
+   * if (job.exists()) {
+   *   while(!job.isDone()) {
+   *     Thread.sleep(1000L);
+   *   }
    * }}</pre>
    *
-   * @return {@code true} if this job is in {@link JobStatus.State#DONE} state or if it does not
-   *     exist, {@code false} if the state is not {@link JobStatus.State#DONE}
+   * @return {@code true} if this job is in {@link JobStatus.State#DONE} state, {@code false} if the
+   *     state is not {@link JobStatus.State#DONE} or the job does not exist
    * @throws BigQueryException upon failure
    */
   public boolean isDone() {
     Job job = bigquery.getJob(jobId(), BigQuery.JobOption.fields(BigQuery.JobField.STATUS));
-    return job == null || job.status().state() == JobStatus.State.DONE;
+    return job != null && job.status().state() == JobStatus.State.DONE;
   }
 
   /**
 
@@ -172,7 +172,7 @@ public void testIsDone_NotExists() throws Exception {
     expect(bigquery.getJob(JOB_INFO.jobId(), expectedOptions)).andReturn(null);
     replay(bigquery);
     initializeJob();
-    assertTrue(job.isDone());
+    assertFalse(job.isDone());
   }
 
   @Test
 
@@ -25,8 +25,13 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Serializable;
+import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.Signature;
+import java.security.SignatureException;
 import java.util.Collection;
 import java.util.Objects;
 
@@ -35,16 +40,26 @@
  */
 public abstract class AuthCredentials implements Restorable<AuthCredentials> {
 
-  private static class AppEngineAuthCredentials extends AuthCredentials {
+  /**
+   * Represents built-in credentials when running in Google App Engine.
+   */
+  public static class AppEngineAuthCredentials extends AuthCredentials
+      implements ServiceAccountSigner {
 
     private static final AuthCredentials INSTANCE = new AppEngineAuthCredentials();
     private static final AppEngineAuthCredentialsState STATE = new AppEngineAuthCredentialsState();
 
-    private static class AppEngineCredentials extends GoogleCredentials {
+    private AppEngineCredentials credentials;
+
+    private static class AppEngineCredentials extends GoogleCredentials
+        implements ServiceAccountSigner {
 
       private final Object appIdentityService;
+      private final String account;
       private final Method getAccessToken;
       private final Method getAccessTokenResult;
+      private final Method signForApp;
+      private final Method getSignature;
       private final Collection<String> scopes;
 
       AppEngineCredentials() {
@@ -59,6 +74,12 @@ private static class AppEngineCredentials extends GoogleCredentials {
               "com.google.appengine.api.appidentity.AppIdentityService$GetAccessTokenResult");
           this.getAccessTokenResult = serviceClass.getMethod("getAccessToken", Iterable.class);
           this.getAccessToken = tokenResultClass.getMethod("getAccessToken");
+          this.account = (String) serviceClass.getMethod("getServiceAccountName")
+              .invoke(appIdentityService);
+          this.signForApp = serviceClass.getMethod("signForApp", byte[].class);
+          Class<?> signingResultClass = Class.forName(
+              "com.google.appengine.api.appidentity.AppIdentityService$SigningResult");
+          this.getSignature = signingResultClass.getMethod("getSignature");
           this.scopes = null;
         } catch (Exception e) {
           throw new RuntimeException("Could not create AppEngineCredentials.", e);
@@ -69,11 +90,14 @@ private static class AppEngineCredentials extends GoogleCredentials {
         this.appIdentityService = unscoped.appIdentityService;
         this.getAccessToken = unscoped.getAccessToken;
         this.getAccessTokenResult = unscoped.getAccessTokenResult;
+        this.account = unscoped.account;
+        this.signForApp = unscoped.signForApp;
+        this.getSignature = unscoped.getSignature;
         this.scopes = scopes;
       }
 
       /**
-       * Refresh the access token by getting it from the App Identity service
+       * Refresh the access token by getting it from the App Identity service.
        */
       @Override
       public AccessToken refreshAccessToken() throws IOException {
@@ -98,6 +122,21 @@ public boolean createScopedRequired() {
       public GoogleCredentials createScoped(Collection<String> scopes) {
         return new AppEngineCredentials(scopes, this);
       }
+
+      @Override
+      public String account() {
+        return account;
+      }
+
+      @Override
+      public byte[] sign(byte[] toSign) {
+        try {
+          Object signingResult = signForApp.invoke(appIdentityService, (Object) toSign);
+          return (byte[]) getSignature.invoke(signingResult);
+        } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException ex) {
+          throw new SigningException("Failed to sign the provided bytes", ex);
+        }
+      }
     }
 
     private static class AppEngineAuthCredentialsState
@@ -122,14 +161,27 @@ public boolean equals(Object obj) {
     }
 
     @Override
-    public GoogleCredentials credentials() {
-      return new AppEngineCredentials();
+    public AppEngineCredentials credentials() {
+      if (credentials == null) {
+        credentials = new AppEngineCredentials();
+      }
+      return credentials;
     }
 
     @Override
     public RestorableState<AuthCredentials> capture() {
       return STATE;
     }
+
+    @Override
+    public String account() {
+      return credentials().account();
+    }
+
+    @Override
+    public byte[] sign(byte[] toSign) {
+      return credentials().sign(toSign);
+    }
   }
 
   /**
@@ -138,8 +190,10 @@ public RestorableState<AuthCredentials> capture() {
    * @see <a href="https://cloud.google.com/docs/authentication#user_accounts_and_service_accounts">
    *     User accounts and service accounts</a>
    */
-  public static class ServiceAccountAuthCredentials extends AuthCredentials {
+  public static class ServiceAccountAuthCredentials extends AuthCredentials
+      implements ServiceAccountSigner {
 
+    private final ServiceAccountCredentials credentials;
     private final String account;
     private final PrivateKey privateKey;
 
@@ -178,23 +232,44 @@ public boolean equals(Object obj) {
     }
 
     ServiceAccountAuthCredentials(String account, PrivateKey privateKey) {
-      this.account = checkNotNull(account);
-      this.privateKey = checkNotNull(privateKey);
+      this(new ServiceAccountCredentials(null, account, privateKey, null, null));
+    }
+
+    ServiceAccountAuthCredentials(ServiceAccountCredentials credentials) {
+      this.credentials = checkNotNull(credentials);
+      this.account = checkNotNull(credentials.getClientEmail());
+      this.privateKey = checkNotNull(credentials.getPrivateKey());
     }
 
     @Override
     public ServiceAccountCredentials credentials() {
-      return new ServiceAccountCredentials(null, account, privateKey, null, null);
+      return credentials;
     }
 
+    @Override
     public String account() {
       return account;
     }
 
+    /**
+     * Returns the private key associated with the service account credentials.
+     */
     public PrivateKey privateKey() {
       return privateKey;
     }
 
+    @Override
+    public byte[] sign(byte[] toSign) {
+      try {
+        Signature signer = Signature.getInstance("SHA256withRSA");
+        signer.initSign(privateKey());
+        signer.update(toSign);
+        return signer.sign();
+      } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException ex) {
+        throw new SigningException("Failed to sign the provided bytes", ex);
+      }
+    }
+
     @Override
     public RestorableState<AuthCredentials> capture() {
       return new ServiceAccountAuthCredentialsState(account, privateKey);
@@ -242,6 +317,10 @@ public boolean equals(Object obj) {
       }
     }
 
+    ApplicationDefaultAuthCredentials(GoogleCredentials credentials) {
+      googleCredentials = credentials;
+    }
+
     ApplicationDefaultAuthCredentials() throws IOException {
       googleCredentials = GoogleCredentials.getApplicationDefault();
     }
@@ -320,7 +399,12 @@ public static AuthCredentials createForAppEngine() {
    * @throws IOException if the credentials cannot be created in the current environment
    */
   public static AuthCredentials createApplicationDefaults() throws IOException {
-    return new ApplicationDefaultAuthCredentials();
+    GoogleCredentials credentials = GoogleCredentials.getApplicationDefault();
+    if (credentials instanceof ServiceAccountCredentials) {
+      ServiceAccountCredentials serviceAccountCredentials = (ServiceAccountCredentials) credentials;
+      return new ServiceAccountAuthCredentials(serviceAccountCredentials);
+    }
+    return new ApplicationDefaultAuthCredentials(credentials);
   }
 
   /**
 
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2016 Google Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.gcloud;
+
+import java.util.Objects;
+
+/**
+ * Interface for a service account signer. A signer for a service account is capable of signing
+ * bytes using the private key associated with its service account.
+ */
+public interface ServiceAccountSigner {
+
+  class SigningException extends RuntimeException {
+
+    private static final long serialVersionUID = 8962780757822799255L;
+
+    SigningException(String message, Exception cause) {
+      super(message, cause);
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+      if (obj == this) {
+        return true;
+      }
+      if (!(obj instanceof SigningException)) {
+        return false;
+      }
+      SigningException other = (SigningException) obj;
+      return Objects.equals(getCause(), other.getCause())
+          && Objects.equals(getMessage(), other.getMessage());
+    }
+
+    @Override
+    public int hashCode() {
+      return Objects.hash(getMessage(), getCause());
+    }
+  }
+
+  /**
+   * Returns the service account associated with the signer.
+   */
+  String account();
+
+  /**
+   * Signs the provided bytes using the private key associated with the service account.
+   *
+   * @param toSign bytes to sign
+   * @return signed bytes
+   * @throws SigningException if the attempt to sign the provided bytes failed
+   */
+  byte[] sign(byte[] toSign);
+}
Original file line number	Diff line number	Diff line change
`@@ -172,7 +172,7 @@ public void testIsDone_NotExists() throws Exception {`
`172`	`172`	`expect(bigquery.getJob(JOB_INFO.jobId(), expectedOptions)).andReturn(null);`
`173`	`173`	`replay(bigquery);`
`174`	`174`	`initializeJob();`
`175`		`- assertTrue(job.isDone());`
	`175`	`+ assertFalse(job.isDone());`
`176`	`176`	`}`
`177`	`177`
`178`	`178`	`@Test`