Fix socket leak in impersonated_credentials

impersonated_credentials.Credentials.sign_bytes() created a session that wasn't closed leaking a socket. This fixes the issue by always closing the requests session after a signing request is complete. Fixes #1122
googleapis · Aug 26, 2022 · ac64264 · ac64264
1 parent bb5c979
commit ac64264
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/google/auth/impersonated_credentials.py b/google/auth/impersonated_credentials.py
@@ -288,9 +288,12 @@ def sign_bytes(self, message):
 
         authed_session = AuthorizedSession(self._source_credentials)
 
-        response = authed_session.post(
-            url=iam_sign_endpoint, headers=headers, json=body
-        )
+        try:
+            response = authed_session.post(
+                url=iam_sign_endpoint, headers=headers, json=body
+            )
+        finally:
+            authed_session.close()
 
         if response.status_code != http_client.OK:
             raise exceptions.TransportError(