chore: migrate google-auth-library-java to monorepo#12186
Open
chore: migrate google-auth-library-java to monorepo#12186
Conversation
…47.0 (#1510) Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
…onfig to v1.11.2 (#1511)
) * add api key credential * add no op * formatting fix * added tests for ApiKeyCredentials * formatting fix * added java docs * formatting fix * added error checking * removed PreCondition dependency * fixed * import * updated authenticationType to API-Key * updated to use assertThrows + expanded java docs
…ts`. (#1456) Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
…uth2-http to v1.27.0 (#1514) Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
…tations to v2.33.0 (#1518)
…-plugin to v3.10.1 (#1519)
…onfig to v1.11.3 (#1520)
context: b/339259830 and [go/send-auth-metrics-java](http://goto.google.com/send-auth-metrics-java) Changes include: - expose `Credentials` type via `getMetricsCredentialType()`. Override this method for UserCredentials, ServiceAccountCredentials, ImpersonatedCredentials, and ComputeEngineCredentials. This is used in both token request and token usage flows. - add metric headers for each of the in-scope token requests. Below are examples of each request flow with added metrics: - User credentials request (at/id): “gl-java/19.0.1 auth/1.24.3 cred-type/u” - SA credentials, VM credentials or Impersonated credentials requests (at/id): “gl-java/19.0.1 auth/1.24.3 auth-request-type/at cred-type/sa” - MDS ping (This is used in ADC during the credential detection): “gl-java/19.0.1 auth/1.24.3 auth-request-type/mds” - What is not tracked: ComputeEngineCredentials getUniverseDomain and getAccount does not send metrics header; TPC flows does not send metrics headers. Related pr: adding for cred_type for token usage requests googleapis/sdk-platform-java#3186
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
* Make some enum fields final See go/bugpattern/ImmutableEnumChecker * One more field
…e-plugin to v3.5.1 (#1529) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-surefire-plugin](https://maven.apache.org/surefire/) | `3.5.0` -> `3.5.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/googleapis/google-auth-library-java). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC45Ny4wIiwidXBkYXRlZEluVmVyIjoiMzguOTcuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
…verse domain (#1528) for context: b/340602527 Changes in this pr: - Override `getUniverseDomain()` to grab source credentials’s universe domain (UD) by default. Always use source credentials UD, not explicit provided UD. (In current design, impersonated credentials may not have universe domain in the outer layer. relay on UD from source credential. This may change in future) - Fix `isDefaultUniverseDomain()` in `GoogleCredentials` to account for `getUniverseDomain()` overrides in child classes. - In refreshAccessToken(), use endpoint url pattern to account for TPC case. - note that I choose to bypass this refreshIfExpired step because it wrongly steps into code path meant only for OAuth2 token request (GDU flow). Filed #1534 to address this separately. But for GDU flow here, this refresh step is redundant because the SSJ will get re-generated at [initialize request](https://github.com/googleapis/google-auth-library-java/blob/a987ecd06fd25a0048cdb3da6d1df4d029d85d79/oauth2_http/java/com/google/auth/oauth2/ImpersonatedCredentials.java#L558). Also skip this step for SA GDU with SSJ flow. - Throw IllegalStateException if UD is explicitly set (with parent class setter) and not matching source credential's UD - Fix toBuilder() to invoke super, and fix related issue with createScoped. (see #1489, #1428); Also fix equals() to compare super first. Not in this pr: - idtoken and signBlob endpoint changes are out-of-scope for this pr, will raise separate pr for it. sa-to-sa impersonation is successfully E2E tested for TPC usage according to [go/prptst-testing-service-account-impersonation](http://goto.google.com/prptst-testing-service-account-impersonation). --------- Co-authored-by: Blake Li <blakeli@google.com>
…e-plugin to v3.5.1 (#1530) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-failsafe-plugin](https://maven.apache.org/surefire/) | `3.5.0` -> `3.5.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/googleapis/google-auth-library-java). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC45Ny4wIiwidXBkYXRlZEluVmVyIjoiMzguOTcuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
…tations to v2.34.0 (#1543)
…uth2-http to v1.28.0 (#1523)
…-sdk to v2.0.31 (#1539) Co-authored-by: gcf-merge-on-green[bot] <60162190+gcf-merge-on-green[bot]@users.noreply.github.com>
…ugin to v3.21.0 (#1544)
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
…uth2-http to v1.29.0 (#1549)
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
#1882) * fix: Deserialization checks valid class types for HttpTransportFactory * chore: Add headers for newly added files * chore: Fix sonatype complaints * chore: Address PR comments
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>
* chore: Remove Code Coverage requirements * chore: Remove redelcaration in child pom
* fix(oauth2): mask sensitive tokens in HTTP logs Disables automatic logging by google-http-java-client in StsRequestHandler and UrlIdentityPoolSubjectTokenSupplier to prevent leakage of access_token and subject_token. Explicit secure logging via LoggingUtils is introduced instead, which hashes sensitive keys. * chore: Remove Code Coverage requirements (#1871) * chore: Remove Code Coverage requirements * chore: Remove redelcaration in child pom * chore: Disable request logging for all credential types * chore: Restore removed logs * chore: Fix lint issues * chore: Add comments and accessToken sensitive token * chore: Fix lint issues * test: add Token masking tests for SA and Impersonated Credentials * chore: Add tests for masking sensitive tokens * chore: Remove secure logging messaging * chore: remove sensitive key mask redundant logic * chore: Add javadocs for the LoggingUtil methods * chore: Remove last reference to secure logging * fix: resolve NPE and ClassCastException preventing proper payload logging * chore: Fix failing test
) Bumps [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) from 1.5.19 to 1.5.25. - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.19...v_1.5.25) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-core dependency-version: 1.5.25 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
* feat: Add getProjectId to ComputeEngineCredentials * chore: Fix lint issues * Add unit tests
* chore: Add additional warnings for sensitive tokens * chore: Fix lint issues * chore: Document the test rationale * chore: Move these file changes to a new PR
Contributor
|
Warning Gemini encountered an error creating the summary. You can try again by commenting |
chingor13
force-pushed
the
migrate-google-auth-library-java
branch
6 times, most recently
from
3186d4b to
f1dba89
Compare
chingor13
force-pushed
the
migrate-google-auth-library-java
branch
from
f1dba89 to
31c6a55
Compare
|
Here is the summary of changes. You are about to add 5 region tags.
This comment is generated by snippet-bot.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.