Addressing review comments.

Author: dhermes

oauth2client/_pure_python_crypt.py

@@ -94,15 +94,15 @@ def verify(self, message, signature):
 
     @classmethod
     def from_string(cls, key_pem, is_x509_cert):
-        """Construct a Verified instance from a string.
+        """Construct an RsaVerifier instance from a string.
 
         Args:
             key_pem: string, public key in PEM format.
             is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it
                           is expected to be an RSA key in PEM format.
 
         Returns:
-            Verifier instance.
+            RsaVerifier instance.
 
         Raises:
             ValueError: if the key_pem can't be parsed. In either case, error
@@ -150,18 +150,19 @@ def sign(self, message):
 
     @classmethod
     def from_string(cls, key, password='notasecret'):
-        """Construct a Signer instance from a string.
+        """Construct an RsaSigner instance from a string.
 
         Args:
             key: string, private key in PEM format.
             password: string, password for private key file. Unused for PEM
                       files.
 
         Returns:
-            Signer instance.
+            RsaSigner instance.
 
         Raises:
-            NotImplementedError if the key isn't in PEM format.
+            ValueError if the key cannot be parsed as PKCS#1 or PKCS#8 in
+            PEM format.
         """
         key = _from_bytes(key)  # pem expects str in Py3
         marker_id, key_bytes = pem.readPemBlocksFromFile(

oauth2client/service_account.py

@@ -134,10 +134,6 @@ class ServiceAccountCredentials(AssertionCredentials):
                             will be ``foo.apps.googleusercontent.com``.
         user_agent: string, (Optional) User agent to use when sending
                     request.
-        _token_uri: string, (Optional) The URI to use when requesting an
-                    access token.
-        _revoke_uri: string, (Optional) The URI to use when revoking an
-                     access token.
         kwargs: dict, Extra key-value pairs (both strings) to send in the
                 payload body when making an assertion.
 
@@ -167,13 +163,10 @@ def __init__(self,
                  private_key_id=None,
                  service_account_id=None,
                  user_agent=None,
-                 _token_uri=GOOGLE_TOKEN_URI,
-                 _revoke_uri=GOOGLE_REVOKE_URI,
                  **kwargs):
 
         super(ServiceAccountCredentials, self).__init__(
-            None, user_agent=user_agent, token_uri=_token_uri,
-            revoke_uri=_revoke_uri)
+            None, user_agent=user_agent)
 
         self._service_account_email = service_account_email
         self._private_key_pkcs8_pem = private_key_pkcs8_pem
@@ -325,12 +318,12 @@ def from_json(cls, json_str):
             private_key_id=data['_private_key_id'],
             service_account_id=data['_service_account_id'],
             user_agent=data['_user_agent'],
-            _token_uri=data['token_uri'],
-            _revoke_uri=data['revoke_uri'],
             **data['_kwargs']
         )
         credentials.invalid = data['invalid']
         credentials.access_token = data['access_token']
+        credentials.token_uri = data['token_uri']
+        credentials.revoke_uri = data['revoke_uri']
         token_expiry = data.get('token_expiry', None)
         if token_expiry is not None:
             credentials.token_expiry = datetime.datetime.strptime(