From b177ec7f6007bc55319705420109303ac91c4c10 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 14 Feb 2023 23:16:20 +0000 Subject: [PATCH 01/61] chore(deps): update dependency com.google.cloud:google-iam-admin to v3.5.0 (#1118) Co-authored-by: Timur Sadykov --- samples/snippets/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml index 09f07fcda..332870f84 100644 --- a/samples/snippets/pom.xml +++ b/samples/snippets/pom.xml @@ -50,7 +50,7 @@ com.google.cloud google-iam-admin - 3.1.0 + 3.5.0 From cbd7e8c744455c629185516f3319e513bf7715a0 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 14 Feb 2023 23:19:07 +0000 Subject: [PATCH 02/61] chore(deps): update dependency com.google.cloud:libraries-bom to v26.8.0 (#1121) Co-authored-by: Timur Sadykov --- samples/snippets/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml index 332870f84..db1da8a40 100644 --- a/samples/snippets/pom.xml +++ b/samples/snippets/pom.xml @@ -30,7 +30,7 @@ com.google.cloud libraries-bom - 26.1.5 + 26.8.0 pom import From 7d7375fd4e1aa10c3efc4ce367f25b0e23d0d29f Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Wed, 15 Feb 2023 03:10:05 +0000 Subject: [PATCH 03/61] chore(deps): update dependency org.mockito:mockito-core to v4.11.0 (#1120) Co-authored-by: Timur Sadykov --- oauth2_http/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index ba7aa81e5..e1f14194c 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -219,7 +219,7 @@ org.mockito mockito-core - 4.9.0 + 4.11.0 test From ebf2b6b1f22bb07bea3814427590c89fe227644c Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Wed, 15 Feb 2023 03:14:22 +0000 Subject: [PATCH 04/61] chore(main): release 1.16.0 (#1139) :robot: I have created a release *beep* *boop* --- ## [1.16.0](https://togithub.com/googleapis/google-auth-library-java/compare/v1.15.0...v1.16.0) (2023-02-15) ### Features * Add PKCE to 3LO exchange. ([#1146](https://togithub.com/googleapis/google-auth-library-java/issues/1146)) ([5bf606b](https://togithub.com/googleapis/google-auth-library-java/commit/5bf606bb8f6d863b44e87587eebf51eaeea4a0ae)) ### Bug Fixes * Create and reuse self signed jwt creds for better performance ([#1154](https://togithub.com/googleapis/google-auth-library-java/issues/1154)) ([eaaa8e8](https://togithub.com/googleapis/google-auth-library-java/commit/eaaa8e89cf69d1e0d581443121f315854d52c75f)) * Java doc for DefaultPKCEProvider.java ([#1148](https://togithub.com/googleapis/google-auth-library-java/issues/1148)) ([154c127](https://togithub.com/googleapis/google-auth-library-java/commit/154c1279b3ec96cc34a3225e5e78800ccdda927c)) * Removed url pattern validation for google urls in external account credential configurations ([#1150](https://togithub.com/googleapis/google-auth-library-java/issues/1150)) ([35495b1](https://togithub.com/googleapis/google-auth-library-java/commit/35495b1207ffe11712ee996d3e305449752fb87c)) ### Documentation * Clarified Maven artifact for HTTP-based clients ([#1136](https://togithub.com/googleapis/google-auth-library-java/issues/1136)) ([b49fc13](https://togithub.com/googleapis/google-auth-library-java/commit/b49fc13b10d0e326c7296e2aad7a50ea03e774f5)) --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- CHANGELOG.md | 19 +++++++++++++++++++ appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 7 files changed, 30 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 61f02473c..5ef1e7d4d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,24 @@ # Changelog +## [1.16.0](https://github.com/googleapis/google-auth-library-java/compare/v1.15.0...v1.16.0) (2023-02-15) + + +### Features + +* Add PKCE to 3LO exchange. ([#1146](https://github.com/googleapis/google-auth-library-java/issues/1146)) ([5bf606b](https://github.com/googleapis/google-auth-library-java/commit/5bf606bb8f6d863b44e87587eebf51eaeea4a0ae)) + + +### Bug Fixes + +* Create and reuse self signed jwt creds for better performance ([#1154](https://github.com/googleapis/google-auth-library-java/issues/1154)) ([eaaa8e8](https://github.com/googleapis/google-auth-library-java/commit/eaaa8e89cf69d1e0d581443121f315854d52c75f)) +* Java doc for DefaultPKCEProvider.java ([#1148](https://github.com/googleapis/google-auth-library-java/issues/1148)) ([154c127](https://github.com/googleapis/google-auth-library-java/commit/154c1279b3ec96cc34a3225e5e78800ccdda927c)) +* Removed url pattern validation for google urls in external account credential configurations ([#1150](https://github.com/googleapis/google-auth-library-java/issues/1150)) ([35495b1](https://github.com/googleapis/google-auth-library-java/commit/35495b1207ffe11712ee996d3e305449752fb87c)) + + +### Documentation + +* Clarified Maven artifact for HTTP-based clients ([#1136](https://github.com/googleapis/google-auth-library-java/issues/1136)) ([b49fc13](https://github.com/googleapis/google-auth-library-java/commit/b49fc13b10d0e326c7296e2aad7a50ea03e774f5)) + ## [1.15.0](https://github.com/googleapis/google-auth-library-java/compare/v1.14.0...v1.15.0) (2023-01-25) diff --git a/appengine/pom.xml b/appengine/pom.xml index edb4f479f..ead41136a 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.15.1-SNAPSHOT + 1.16.0 ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index f0b28564e..2efc12a30 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.15.1-SNAPSHOT + 1.16.0 pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 2cfc4ebcf..e4547d6a6 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.15.1-SNAPSHOT + 1.16.0 ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index e1f14194c..576309e7d 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.15.1-SNAPSHOT + 1.16.0 ../pom.xml diff --git a/pom.xml b/pom.xml index 056c5ca9c..43f05d384 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.15.1-SNAPSHOT + 1.16.0 pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 1ee93fcd4..d1e798829 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.15.0:1.15.1-SNAPSHOT -google-auth-library-bom:1.15.0:1.15.1-SNAPSHOT -google-auth-library-parent:1.15.0:1.15.1-SNAPSHOT -google-auth-library-appengine:1.15.0:1.15.1-SNAPSHOT -google-auth-library-credentials:1.15.0:1.15.1-SNAPSHOT -google-auth-library-oauth2-http:1.15.0:1.15.1-SNAPSHOT +google-auth-library:1.16.0:1.16.0 +google-auth-library-bom:1.16.0:1.16.0 +google-auth-library-parent:1.16.0:1.16.0 +google-auth-library-appengine:1.16.0:1.16.0 +google-auth-library-credentials:1.16.0:1.16.0 +google-auth-library-oauth2-http:1.16.0:1.16.0 From 46720b0cf06b12cee538990d29f1738e0b99893e Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Wed, 15 Feb 2023 03:18:16 +0000 Subject: [PATCH 05/61] chore(main): release 1.16.1-SNAPSHOT (#1157) :robot: I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/appengine/pom.xml b/appengine/pom.xml index ead41136a..68276ba95 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.16.0 + 1.16.1-SNAPSHOT ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 2efc12a30..31e9e4609 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.16.0 + 1.16.1-SNAPSHOT pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index e4547d6a6..3015a2300 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.16.0 + 1.16.1-SNAPSHOT ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 576309e7d..1bc056bbc 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.16.0 + 1.16.1-SNAPSHOT ../pom.xml diff --git a/pom.xml b/pom.xml index 43f05d384..ba2e00312 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.16.0 + 1.16.1-SNAPSHOT pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index d1e798829..63cb9c98e 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.16.0:1.16.0 -google-auth-library-bom:1.16.0:1.16.0 -google-auth-library-parent:1.16.0:1.16.0 -google-auth-library-appengine:1.16.0:1.16.0 -google-auth-library-credentials:1.16.0:1.16.0 -google-auth-library-oauth2-http:1.16.0:1.16.0 +google-auth-library:1.16.0:1.16.1-SNAPSHOT +google-auth-library-bom:1.16.0:1.16.1-SNAPSHOT +google-auth-library-parent:1.16.0:1.16.1-SNAPSHOT +google-auth-library-appengine:1.16.0:1.16.1-SNAPSHOT +google-auth-library-credentials:1.16.0:1.16.1-SNAPSHOT +google-auth-library-oauth2-http:1.16.0:1.16.1-SNAPSHOT From 82bf871125b8473677a499c979ab9a843972c930 Mon Sep 17 00:00:00 2001 From: Josh Mahonin Date: Thu, 16 Feb 2023 16:20:40 -0500 Subject: [PATCH 06/61] fix: Make supporting classes of AwsCredentials serializable (#1113) * fix: Make supporting classes of AwsCredentials serializable * Add unit test for ExternalAccountCredentials test. Discovered ServiceAccountImpersonationOptions needed be serializable as well. * Fix linting * Add serialization tests for subclasses of ExternalAccountCredentials Note that PluggableAuthCredentials uses a non-serializable ExecutableHandler. It's not clear that this can/should be a serializable credential source. * Add serialVersionUID fields to classes implementing ExternalAccountCredentials --- .../google/auth/oauth2/AwsCredentials.java | 2 ++ .../oauth2/ExternalAccountCredentials.java | 11 ++++-- .../auth/oauth2/IdentityPoolCredentials.java | 4 +++ .../auth/oauth2/ImpersonatedCredentials.java | 6 ++++ .../oauth2/SystemEnvironmentProvider.java | 5 ++- .../auth/oauth2/AwsCredentialsTest.java | 31 +++++++++++++++- .../ExternalAccountCredentialsTest.java | 35 ++++++++++++++++++- .../auth/oauth2/GoogleCredentialsTest.java | 20 +++++++---- .../oauth2/IdentityPoolCredentialsTest.java | 26 +++++++++++--- .../oauth2/PluggableAuthCredentialsTest.java | 23 +++++++++--- 10 files changed, 142 insertions(+), 21 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java b/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java index fe4143041..c76cb9c63 100644 --- a/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java @@ -73,6 +73,7 @@ public class AwsCredentials extends ExternalAccountCredentials { static final String AWS_IMDSV2_SESSION_TOKEN_HEADER = "x-aws-ec2-metadata-token"; static final String AWS_IMDSV2_SESSION_TOKEN_TTL_HEADER = "x-aws-ec2-metadata-token-ttl-seconds"; static final String AWS_IMDSV2_SESSION_TOKEN_TTL = "300"; + private static final long serialVersionUID = -3670131891574618105L; /** * The AWS credential source. Stores data required to retrieve the AWS credential from the AWS @@ -81,6 +82,7 @@ public class AwsCredentials extends ExternalAccountCredentials { static class AwsCredentialSource extends CredentialSource { private static final String IMDSV2_SESSION_TOKEN_URL_FIELD_NAME = "imdsv2_session_token_url"; + private static final long serialVersionUID = -4180558200808134436L; private final String regionUrl; private final String url; diff --git a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java index 0140d0881..096f66b29 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java @@ -43,6 +43,7 @@ import com.google.common.base.MoreObjects; import java.io.IOException; import java.io.InputStream; +import java.io.Serializable; import java.math.BigDecimal; import java.net.URI; import java.nio.charset.StandardCharsets; @@ -65,8 +66,12 @@ */ public abstract class ExternalAccountCredentials extends GoogleCredentials { + private static final long serialVersionUID = 8049126194174465023L; + /** Base credential source class. Dictates the retrieval method of the external credential. */ - abstract static class CredentialSource { + abstract static class CredentialSource implements Serializable { + + private static final long serialVersionUID = 8204657811562399944L; CredentialSource(Map credentialSourceMap) { checkNotNull(credentialSourceMap); @@ -636,7 +641,9 @@ private static boolean isValidUrl(String url) { * } * */ - static final class ServiceAccountImpersonationOptions { + static final class ServiceAccountImpersonationOptions implements Serializable { + + private static final long serialVersionUID = 4250771921886280953L; private static final int DEFAULT_TOKEN_LIFETIME_SECONDS = 3600; private static final int MAXIMUM_TOKEN_LIFETIME_SECONDS = 43200; private static final int MINIMUM_TOKEN_LIFETIME_SECONDS = 600; diff --git a/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java b/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java index 200d56fbb..91b837e45 100644 --- a/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java @@ -63,12 +63,16 @@ */ public class IdentityPoolCredentials extends ExternalAccountCredentials { + private static final long serialVersionUID = 2471046175477275881L; + /** * The IdentityPool credential source. Dictates the retrieval method of the external credential, * which can either be through a metadata server or a local file. */ static class IdentityPoolCredentialSource extends ExternalAccountCredentials.CredentialSource { + private static final long serialVersionUID = -745855247050085694L; + enum IdentityPoolCredentialSourceType { FILE, URL diff --git a/oauth2_http/java/com/google/auth/oauth2/ImpersonatedCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ImpersonatedCredentials.java index 4eb899579..f9b90b01b 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ImpersonatedCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ImpersonatedCredentials.java @@ -50,6 +50,7 @@ import com.google.common.base.MoreObjects; import com.google.common.collect.ImmutableMap; import java.io.IOException; +import java.io.ObjectInputStream; import java.text.DateFormat; import java.text.ParseException; import java.text.SimpleDateFormat; @@ -700,4 +701,9 @@ public ImpersonatedCredentials build() { return new ImpersonatedCredentials(this); } } + + private void readObject(ObjectInputStream input) throws IOException, ClassNotFoundException { + input.defaultReadObject(); + transportFactory = newInstance(transportFactoryClassName); + } } diff --git a/oauth2_http/java/com/google/auth/oauth2/SystemEnvironmentProvider.java b/oauth2_http/java/com/google/auth/oauth2/SystemEnvironmentProvider.java index d207fed8b..a29707721 100644 --- a/oauth2_http/java/com/google/auth/oauth2/SystemEnvironmentProvider.java +++ b/oauth2_http/java/com/google/auth/oauth2/SystemEnvironmentProvider.java @@ -1,8 +1,11 @@ package com.google.auth.oauth2; +import java.io.Serializable; + /** Represents the default system environment provider. */ -class SystemEnvironmentProvider implements EnvironmentProvider { +class SystemEnvironmentProvider implements EnvironmentProvider, Serializable { static final SystemEnvironmentProvider INSTANCE = new SystemEnvironmentProvider(); + private static final long serialVersionUID = -4698164985883575244L; private SystemEnvironmentProvider() {} diff --git a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java index 839d5361f..098738b4d 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java @@ -42,6 +42,7 @@ import com.google.api.client.json.GenericJson; import com.google.api.client.json.JsonParser; import com.google.api.client.testing.http.MockLowLevelHttpRequest; +import com.google.api.client.util.Clock; import com.google.auth.TestUtils; import com.google.auth.oauth2.AwsCredentials.AwsCredentialSource; import com.google.auth.oauth2.ExternalAccountCredentialsTest.MockExternalAccountCredentialsTransportFactory; @@ -62,7 +63,7 @@ /** Tests for {@link AwsCredentials}. */ @RunWith(JUnit4.class) -public class AwsCredentialsTest { +public class AwsCredentialsTest extends BaseSerializationTest { private static final String STS_URL = "https://sts.googleapis.com"; private static final String AWS_CREDENTIALS_URL = "https://169.254.169.254"; @@ -1025,6 +1026,34 @@ public void builder() { assertEquals(credentials.getEnvironmentProvider(), SystemEnvironmentProvider.getInstance()); } + @Test + public void serialize() throws IOException, ClassNotFoundException { + List scopes = Arrays.asList("scope1", "scope2"); + + AwsCredentials testCredentials = + (AwsCredentials) + AwsCredentials.newBuilder() + .setHttpTransportFactory(OAuth2Utils.HTTP_TRANSPORT_FACTORY) + .setAudience("audience") + .setSubjectTokenType("subjectTokenType") + .setTokenUrl(STS_URL) + .setTokenInfoUrl("tokenInfoUrl") + .setCredentialSource(AWS_CREDENTIAL_SOURCE) + .setTokenInfoUrl("tokenInfoUrl") + .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) + .setQuotaProjectId("quotaProjectId") + .setClientId("clientId") + .setClientSecret("clientSecret") + .setScopes(scopes) + .build(); + + AwsCredentials deserializedCredentials = serializeAndDeserialize(testCredentials); + assertEquals(testCredentials, deserializedCredentials); + assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode()); + assertEquals(testCredentials.toString(), deserializedCredentials.toString()); + assertSame(deserializedCredentials.clock, Clock.SYSTEM); + } + private static void ValidateRequest( MockLowLevelHttpRequest request, String expectedUrl, Map expectedHeaders) { assertEquals(expectedUrl, request.getUrl()); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java index 2350af89d..a12faa104 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java @@ -35,11 +35,13 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertSame; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import com.google.api.client.http.HttpTransport; import com.google.api.client.json.GenericJson; +import com.google.api.client.util.Clock; import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; import com.google.auth.oauth2.ExternalAccountCredentialsTest.TestExternalAccountCredentials.TestCredentialSource; @@ -62,7 +64,7 @@ /** Tests for {@link ExternalAccountCredentials}. */ @RunWith(JUnit4.class) -public class ExternalAccountCredentialsTest { +public class ExternalAccountCredentialsTest extends BaseSerializationTest { private static final String STS_URL = "https://sts.googleapis.com"; @@ -954,6 +956,37 @@ public void getRequestMetadata_withQuotaProjectId() throws IOException { assertEquals("quotaProjectId", requestMetadata.get("x-goog-user-project").get(0)); } + @Test + public void serialize() throws IOException, ClassNotFoundException { + Map impersonationOpts = + new HashMap() { + { + put("token_lifetime_seconds", 1000); + } + }; + + TestExternalAccountCredentials testCredentials = + (TestExternalAccountCredentials) + TestExternalAccountCredentials.newBuilder() + .setHttpTransportFactory(transportFactory) + .setAudience("audience") + .setSubjectTokenType("subjectTokenType") + .setTokenUrl(STS_URL) + .setCredentialSource(new TestCredentialSource(FILE_CREDENTIAL_SOURCE_MAP)) + .setServiceAccountImpersonationOptions(impersonationOpts) + .build(); + + TestExternalAccountCredentials deserializedCredentials = + serializeAndDeserialize(testCredentials); + assertEquals(testCredentials, deserializedCredentials); + assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode()); + assertEquals(testCredentials.toString(), deserializedCredentials.toString()); + assertEquals( + testCredentials.getServiceAccountImpersonationOptions().getLifetime(), + deserializedCredentials.getServiceAccountImpersonationOptions().getLifetime()); + assertSame(deserializedCredentials.clock, Clock.SYSTEM); + } + @Test public void validateTokenUrl_validUrls() { List validUrls = diff --git a/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java index 295fdc663..415260760 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java @@ -31,15 +31,11 @@ package com.google.auth.oauth2; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; +import static org.junit.Assert.*; import com.google.api.client.http.HttpTransport; import com.google.api.client.testing.http.MockHttpTransport; +import com.google.api.client.util.Clock; import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; import com.google.auth.oauth2.ExternalAccountAuthorizedUserCredentialsTest.MockExternalAccountAuthorizedUserCredentialsTransportFactory; @@ -62,7 +58,7 @@ /** Test case for {@link GoogleCredentials}. */ @RunWith(JUnit4.class) -public class GoogleCredentialsTest { +public class GoogleCredentialsTest extends BaseSerializationTest { private static final String SA_CLIENT_EMAIL = "36680232662-vrd7ji19qe3nelgchd0ah2csanun6bnr@developer.gserviceaccount.com"; @@ -589,6 +585,16 @@ public void createWithQuotaProject() { assertEquals(null, sameCredentials.getQuotaProjectId()); } + @Test + public void serialize() throws IOException, ClassNotFoundException { + final GoogleCredentials testCredentials = new GoogleCredentials.Builder().build(); + GoogleCredentials deserializedCredentials = serializeAndDeserialize(testCredentials); + assertEquals(testCredentials, deserializedCredentials); + assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode()); + assertEquals(testCredentials.toString(), deserializedCredentials.toString()); + assertSame(deserializedCredentials.clock, Clock.SYSTEM); + } + private static void testFromStreamException(InputStream stream, String expectedMessageContent) { try { GoogleCredentials.fromStream(stream, DUMMY_TRANSPORT_FACTORY); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java index 373f9b3fb..8771ca9ff 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java @@ -33,13 +33,11 @@ import static com.google.auth.oauth2.MockExternalAccountCredentialsTransport.SERVICE_ACCOUNT_IMPERSONATION_URL; import static com.google.auth.oauth2.OAuth2Utils.JSON_FACTORY; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; +import static org.junit.Assert.*; import com.google.api.client.http.HttpTransport; import com.google.api.client.json.GenericJson; +import com.google.api.client.util.Clock; import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; import com.google.auth.oauth2.IdentityPoolCredentials.IdentityPoolCredentialSource; @@ -59,7 +57,7 @@ /** Tests for {@link IdentityPoolCredentials}. */ @RunWith(JUnit4.class) -public class IdentityPoolCredentialsTest { +public class IdentityPoolCredentialsTest extends BaseSerializationTest { private static final String STS_URL = "https://sts.googleapis.com"; @@ -732,6 +730,24 @@ public void builder_emptyWorkforceUserProjectWithWorkforceAudience() { assertTrue(credentials.isWorkforcePoolConfiguration()); } + @Test + public void serialize() throws IOException, ClassNotFoundException { + IdentityPoolCredentials testCredentials = + (IdentityPoolCredentials) + IdentityPoolCredentials.newBuilder(FILE_SOURCED_CREDENTIAL) + .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) + .setQuotaProjectId("quotaProjectId") + .setClientId("clientId") + .setClientSecret("clientSecret") + .build(); + + IdentityPoolCredentials deserializedCredentials = serializeAndDeserialize(testCredentials); + assertEquals(testCredentials, deserializedCredentials); + assertEquals(testCredentials.hashCode(), deserializedCredentials.hashCode()); + assertEquals(testCredentials.toString(), deserializedCredentials.toString()); + assertSame(deserializedCredentials.clock, Clock.SYSTEM); + } + static InputStream writeIdentityPoolCredentialsStream( String tokenUrl, String url, diff --git a/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java index cf316ade1..ef66e90cd 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java @@ -32,9 +32,7 @@ package com.google.auth.oauth2; import static com.google.auth.oauth2.MockExternalAccountCredentialsTransport.SERVICE_ACCOUNT_IMPERSONATION_URL; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.fail; +import static org.junit.Assert.*; import com.google.api.client.http.HttpTransport; import com.google.api.client.json.GenericJson; @@ -45,6 +43,7 @@ import com.google.auth.oauth2.PluggableAuthCredentials.PluggableAuthCredentialSource; import java.io.IOException; import java.io.InputStream; +import java.io.NotSerializableException; import java.math.BigDecimal; import java.util.Arrays; import java.util.HashMap; @@ -54,7 +53,7 @@ import org.junit.Test; /** Tests for {@link PluggableAuthCredentials}. */ -public class PluggableAuthCredentialsTest { +public class PluggableAuthCredentialsTest extends BaseSerializationTest { // The default timeout for waiting for the executable to finish (30 seconds). private static final int DEFAULT_EXECUTABLE_TIMEOUT_MS = 30 * 1000; // The minimum timeout for waiting for the executable to finish (5 seconds). @@ -436,6 +435,22 @@ public void createdScoped_clonedCredentialWithAddedScopes() { assertEquals(credentials.getExecutableHandler(), newCredentials.getExecutableHandler()); } + @Test + public void serialize() throws IOException, ClassNotFoundException { + PluggableAuthCredentials testCredentials = + (PluggableAuthCredentials) + PluggableAuthCredentials.newBuilder(CREDENTIAL) + .setExecutableHandler(options -> "pluggableAuthToken") + .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) + .setQuotaProjectId("quotaProjectId") + .setClientId("clientId") + .setClientSecret("clientSecret") + .build(); + + // PluggableAuthCredentials are not serializable + assertThrows(NotSerializableException.class, () -> serializeAndDeserialize(testCredentials)); + } + private static CredentialSource buildCredentialSource() { return buildCredentialSource("command", null, null); } From 5bc42498dbf6fc9d9e520642cb7646dd89f6a1df Mon Sep 17 00:00:00 2001 From: Timur Sadykov Date: Fri, 17 Feb 2023 11:19:06 -0800 Subject: [PATCH 07/61] churn: backfilling a branch for LTS 3.0 (#1161) --- .github/release-please.yml | 4 ++++ .github/sync-repo-settings.yaml | 13 +++++++++++++ 2 files changed, 17 insertions(+) diff --git a/.github/release-please.yml b/.github/release-please.yml index d8e09ff1e..ba930a996 100644 --- a/.github/release-please.yml +++ b/.github/release-please.yml @@ -18,3 +18,7 @@ branches: handleGHRelease: true releaseType: java-backport branch: 1.12.x + - bumpMinorPreMajor: true + handleGHRelease: true + releaseType: java-backport + branch: 1.6.x diff --git a/.github/sync-repo-settings.yaml b/.github/sync-repo-settings.yaml index 65e82d9f2..9f8d086d8 100644 --- a/.github/sync-repo-settings.yaml +++ b/.github/sync-repo-settings.yaml @@ -68,6 +68,19 @@ branchProtectionRules: requiredApprovingReviewCount: 1 requiresCodeOwnerReviews: true requiresStrictStatusChecks: true + - pattern: 1.6.x + isAdminEnforced: true + requiredStatusCheckContexts: + - dependencies (8) + - dependencies (11) + - lint + - clirr + - units (8) + - units (11) + - cla/google + requiredApprovingReviewCount: 1 + requiresCodeOwnerReviews: true + requiresStrictStatusChecks: true permissionRules: - team: Googlers permission: pull From e6c23d318dd98021cc8cc04ab2ed5eb1a72acfce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Feb 2023 11:34:11 +0000 Subject: [PATCH 08/61] chore(deps): bump cryptography from 38.0.3 to 39.0.1 in /.kokoro (#1151) Bumps [cryptography](https://togithub.com/pyca/cryptography) from 38.0.3 to 39.0.1.
Changelog

Sourced from cryptography's changelog.

39.0.1 - 2023-02-07


* **SECURITY ISSUE** - Fixed a bug where ``Cipher.update_into`` accepted Python
  buffer protocol objects, but allowed immutable buffers. **CVE-2023-23931**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.8.

.. _v39-0-0:


39.0.0 - 2023-01-01

  • BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.0 has been removed. Users on older version of OpenSSL will need to upgrade.
  • BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.5. The new minimum LibreSSL version is 3.5.0. Going forward our policy is to support versions of LibreSSL that are available in versions of OpenBSD that are still receiving security support.
  • BACKWARDS INCOMPATIBLE: Removed the encode_point and from_encoded_point methods on :class:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers, which had been deprecated for several years. :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes and :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point should be used instead.
  • BACKWARDS INCOMPATIBLE: Support for using MD5 or SHA1 in :class:~cryptography.x509.CertificateBuilder, other X.509 builders, and PKCS7 has been removed.
  • BACKWARDS INCOMPATIBLE: Dropped support for macOS 10.10 and 10.11, macOS users must upgrade to 10.12 or newer.
  • ANNOUNCEMENT: The next version of cryptography (40.0) will change the way we link OpenSSL. This will only impact users who build cryptography from source (i.e., not from a wheel), and specify their own version of OpenSSL. For those users, the CFLAGS, LDFLAGS, INCLUDE, LIB, and CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS environment variables will no longer be respected. Instead, users will need to configure their builds as documented here_.
  • Added support for :ref:disabling the legacy provider in OpenSSL 3.0.x<legacy-provider>.
  • Added support for disabling RSA key validation checks when loading RSA keys via :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key, :func:~cryptography.hazmat.primitives.serialization.load_der_private_key, and :meth:~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers.private_key. This speeds up key loading but is :term:unsafe if you are loading potentially attacker supplied keys.
  • Significantly improved performance for :class:~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cryptography&package-manager=pip&previous-version=38.0.3&new-version=39.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://togithub.com/googleapis/google-auth-library-java/network/alerts).
From 77a99c9cfab3c1ce2db50c92e89fc292efaeb3ab Mon Sep 17 00:00:00 2001 From: Leo <39062083+lsirac@users.noreply.github.com> Date: Mon, 6 Mar 2023 13:30:20 -0800 Subject: [PATCH 09/61] fix: Remove AWS credential source validation. (#1177) --- .../google/auth/oauth2/AwsCredentials.java | 28 --------- .../auth/oauth2/AwsCredentialsTest.java | 61 ++----------------- 2 files changed, 4 insertions(+), 85 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java b/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java index c76cb9c63..98651f295 100644 --- a/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java @@ -44,8 +44,6 @@ import com.google.common.collect.ImmutableList; import java.io.IOException; import java.io.UnsupportedEncodingException; -import java.net.MalformedURLException; -import java.net.URL; import java.net.URLEncoder; import java.util.ArrayList; import java.util.Collection; @@ -137,32 +135,6 @@ static class AwsCredentialSource extends CredentialSource { } else { this.imdsv2SessionTokenUrl = null; } - - this.validateMetadataServerUrls(); - } - - private void validateMetadataServerUrls() { - validateMetadataServerUrlIfAny(this.regionUrl, "region_url"); - validateMetadataServerUrlIfAny(this.url, "url"); - validateMetadataServerUrlIfAny(this.imdsv2SessionTokenUrl, "imdsv2_session_token_url"); - } - - @VisibleForTesting - static void validateMetadataServerUrlIfAny(String urlString, String nameInConfig) { - if (urlString == null || urlString.trim().length() == 0) { - return; - } - - try { - URL url = new URL(urlString); - String host = url.getHost(); - if (!host.equals("169.254.169.254") && !host.equals("[fd00:ec2::254]")) { - throw new IllegalArgumentException( - String.format("Invalid host %s for %s.", host, nameInConfig)); - } - } catch (MalformedURLException malformedURLException) { - throw new IllegalArgumentException(malformedURLException); - } } } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java index 098738b4d..7cf3ce3bc 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java @@ -35,7 +35,6 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; @@ -57,7 +56,6 @@ import java.util.List; import java.util.Map; import org.junit.Test; -import org.junit.function.ThrowingRunnable; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; @@ -106,28 +104,14 @@ public class AwsCredentialsTest extends BaseSerializationTest { .build(); @Test - public void test_awsCredentialSource_ipv6() { - // If no exception is thrown, it means the urls were valid. - new AwsCredentialSource(buildAwsIpv6CredentialSourceMap()); - } - - @Test - public void test_awsCredentialSource_invalid_urls() { + public void test_awsCredentialSource() { String keys[] = {"region_url", "url", "imdsv2_session_token_url"}; for (String key : keys) { Map credentialSourceWithInvalidUrl = buildAwsIpv6CredentialSourceMap(); credentialSourceWithInvalidUrl.put(key, "https://badhost.com/fake"); - IllegalArgumentException e = - assertThrows( - IllegalArgumentException.class, - new ThrowingRunnable() { - @Override - public void run() throws Throwable { - new AwsCredentialSource(credentialSourceWithInvalidUrl); - } - }); - - assertEquals(String.format("Invalid host badhost.com for %s.", key), e.getMessage()); + + // Should succeed as no validation is done. + new AwsCredentialSource(credentialSourceWithInvalidUrl); } } @@ -613,43 +597,6 @@ public void getAwsSecurityCredentials_fromEnvironmentVariables_noMetadataServerC assertEquals("awsSessionToken", credentials.getToken()); } - @Test - public void validateMetadataServerUrlIfAny_validOrEmptyUrls() { - String[] urls = { - "http://[fd00:ec2::254]/region", - "http://169.254.169.254", - "http://169.254.169.254/xyz", - " ", - "", - null - }; - for (String url : urls) { - AwsCredentialSource.validateMetadataServerUrlIfAny(url, "url"); - } - } - - @Test - public void validateMetadataServerUrlIfAny_invalidUrls() { - Map urls = new HashMap(); - urls.put("http://[fd00:ec2::255]/region", "[fd00:ec2::255]"); - urls.put("http://fake.com/region", "fake.com"); - urls.put("http://169.254.169.255", "169.254.169.255"); - - for (Map.Entry entry : urls.entrySet()) { - IllegalArgumentException e = - assertThrows( - IllegalArgumentException.class, - new ThrowingRunnable() { - @Override - public void run() throws Throwable { - AwsCredentialSource.validateMetadataServerUrlIfAny(entry.getKey(), "url"); - } - }); - - assertEquals(String.format("Invalid host %s for url.", entry.getValue()), e.getMessage()); - } - } - @Test public void getAwsSecurityCredentials_fromMetadataServer() throws IOException { MockExternalAccountCredentialsTransportFactory transportFactory = From 51fd1fa463acea002152e9935998f17d76b6d84b Mon Sep 17 00:00:00 2001 From: Timur Sadykov Date: Tue, 4 Apr 2023 16:17:41 -0700 Subject: [PATCH 10/61] chore: updating owl bot rule to exclude file from style check (#1190) * disabling owl bot --- .github/.OwlBot.yaml | 16 ---------------- owlbot.py | 3 ++- pom.xml | 2 ++ 3 files changed, 4 insertions(+), 17 deletions(-) delete mode 100644 .github/.OwlBot.yaml diff --git a/.github/.OwlBot.yaml b/.github/.OwlBot.yaml deleted file mode 100644 index 5d9a9d8b5..000000000 --- a/.github/.OwlBot.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -docker: - image: "gcr.io/cloud-devrel-public-resources/owlbot-java:latest" diff --git a/owlbot.py b/owlbot.py index 610e82700..8bf9d155d 100644 --- a/owlbot.py +++ b/owlbot.py @@ -36,6 +36,7 @@ ".kokoro/nightly/integration.cfg", ".kokoro/presubmit/integration.cfg", ".kokoro/presubmit/graalvm-native.cfg", - ".kokoro/presubmit/graalvm-native-17.cfg" + ".kokoro/presubmit/graalvm-native-17.cfg", + "oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java" ] ) diff --git a/pom.xml b/pom.xml index ba2e00312..45fce5aa3 100644 --- a/pom.xml +++ b/pom.xml @@ -214,6 +214,7 @@ 2.13 true + true @@ -268,6 +269,7 @@ src/test + com.google.auth.oauth2.ExternalAccountCredentials From c52ecafc2757912a1f3ca54d130499c17ff0ac41 Mon Sep 17 00:00:00 2001 From: Timur Sadykov Date: Fri, 7 Apr 2023 00:41:32 -0700 Subject: [PATCH 11/61] chore: using full package names to avoid incorrect import merge (#1193) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix bogus import error by changing import order * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * exclude ExternalAccount from owl bot * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * disable import order * change imports again * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * disabling owl bot * moving import * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * removing owlbot lock file to disable it * Revert "removing owlbot lock file to disable it" This reverts commit 59cb9a7244c0302b5911da9652b6f55398396a04. * Revert "disabling owl bot" This reverts commit 549806174d1026715cab4a2030617305b872c21d. * re-enable owlbot and revert poc config changes --------- Co-authored-by: Owl Bot --- .github/.OwlBot.yaml | 16 ++++++++++++++++ .../auth/oauth2/ExternalAccountCredentials.java | 5 ++--- owlbot.py | 3 +-- pom.xml | 1 - 4 files changed, 19 insertions(+), 6 deletions(-) create mode 100644 .github/.OwlBot.yaml diff --git a/.github/.OwlBot.yaml b/.github/.OwlBot.yaml new file mode 100644 index 000000000..5d9a9d8b5 --- /dev/null +++ b/.github/.OwlBot.yaml @@ -0,0 +1,16 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +docker: + image: "gcr.io/cloud-devrel-public-resources/owlbot-java:latest" diff --git a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java index 096f66b29..227603957 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java @@ -43,7 +43,6 @@ import com.google.common.base.MoreObjects; import java.io.IOException; import java.io.InputStream; -import java.io.Serializable; import java.math.BigDecimal; import java.net.URI; import java.nio.charset.StandardCharsets; @@ -69,7 +68,7 @@ public abstract class ExternalAccountCredentials extends GoogleCredentials { private static final long serialVersionUID = 8049126194174465023L; /** Base credential source class. Dictates the retrieval method of the external credential. */ - abstract static class CredentialSource implements Serializable { + abstract static class CredentialSource implements java.io.Serializable { private static final long serialVersionUID = 8204657811562399944L; @@ -641,7 +640,7 @@ private static boolean isValidUrl(String url) { * } * */ - static final class ServiceAccountImpersonationOptions implements Serializable { + static final class ServiceAccountImpersonationOptions implements java.io.Serializable { private static final long serialVersionUID = 4250771921886280953L; private static final int DEFAULT_TOKEN_LIFETIME_SECONDS = 3600; diff --git a/owlbot.py b/owlbot.py index 8bf9d155d..610e82700 100644 --- a/owlbot.py +++ b/owlbot.py @@ -36,7 +36,6 @@ ".kokoro/nightly/integration.cfg", ".kokoro/presubmit/integration.cfg", ".kokoro/presubmit/graalvm-native.cfg", - ".kokoro/presubmit/graalvm-native-17.cfg", - "oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java" + ".kokoro/presubmit/graalvm-native-17.cfg" ] ) diff --git a/pom.xml b/pom.xml index 45fce5aa3..5a3f652ea 100644 --- a/pom.xml +++ b/pom.xml @@ -214,7 +214,6 @@ 2.13 true - true From be7d43f6da6af1ad673dd16cebfd9afe4017854c Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Fri, 7 Apr 2023 02:54:38 -0700 Subject: [PATCH 12/61] chore(main): release 1.16.1 (#1159) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- CHANGELOG.md | 8 ++++++++ appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 7 files changed, 19 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5ef1e7d4d..6ec67aaaf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Changelog +## [1.16.1](https://github.com/googleapis/google-auth-library-java/compare/v1.16.0...v1.16.1) (2023-04-07) + + +### Bug Fixes + +* Make supporting classes of AwsCredentials serializable ([#1113](https://github.com/googleapis/google-auth-library-java/issues/1113)) ([82bf871](https://github.com/googleapis/google-auth-library-java/commit/82bf871125b8473677a499c979ab9a843972c930)) +* Remove AWS credential source validation. ([#1177](https://github.com/googleapis/google-auth-library-java/issues/1177)) ([77a99c9](https://github.com/googleapis/google-auth-library-java/commit/77a99c9cfab3c1ce2db50c92e89fc292efaeb3ab)) + ## [1.16.0](https://github.com/googleapis/google-auth-library-java/compare/v1.15.0...v1.16.0) (2023-02-15) diff --git a/appengine/pom.xml b/appengine/pom.xml index 68276ba95..ba9416175 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.16.1-SNAPSHOT + 1.16.1 ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 31e9e4609..e6880a344 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.16.1-SNAPSHOT + 1.16.1 pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 3015a2300..79876dc46 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.16.1-SNAPSHOT + 1.16.1 ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 1bc056bbc..bdc149fae 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.16.1-SNAPSHOT + 1.16.1 ../pom.xml diff --git a/pom.xml b/pom.xml index 5a3f652ea..7a0c528fd 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.16.1-SNAPSHOT + 1.16.1 pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 63cb9c98e..60e9ed409 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.16.0:1.16.1-SNAPSHOT -google-auth-library-bom:1.16.0:1.16.1-SNAPSHOT -google-auth-library-parent:1.16.0:1.16.1-SNAPSHOT -google-auth-library-appengine:1.16.0:1.16.1-SNAPSHOT -google-auth-library-credentials:1.16.0:1.16.1-SNAPSHOT -google-auth-library-oauth2-http:1.16.0:1.16.1-SNAPSHOT +google-auth-library:1.16.1:1.16.1 +google-auth-library-bom:1.16.1:1.16.1 +google-auth-library-parent:1.16.1:1.16.1 +google-auth-library-appengine:1.16.1:1.16.1 +google-auth-library-credentials:1.16.1:1.16.1 +google-auth-library-oauth2-http:1.16.1:1.16.1 From 6c2be858c4024cb0f14ab927af5ff388825cb3b3 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Fri, 7 Apr 2023 09:58:38 +0000 Subject: [PATCH 13/61] chore(main): release 1.16.2-SNAPSHOT (#1197) :robot: I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/appengine/pom.xml b/appengine/pom.xml index ba9416175..c45239b77 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.16.1 + 1.16.2-SNAPSHOT ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index e6880a344..004400ae9 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.16.1 + 1.16.2-SNAPSHOT pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 79876dc46..876c35348 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.16.1 + 1.16.2-SNAPSHOT ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index bdc149fae..bb8bf015e 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.16.1 + 1.16.2-SNAPSHOT ../pom.xml diff --git a/pom.xml b/pom.xml index 7a0c528fd..9bfd18f72 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.16.1 + 1.16.2-SNAPSHOT pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 60e9ed409..0f4eb3c50 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.16.1:1.16.1 -google-auth-library-bom:1.16.1:1.16.1 -google-auth-library-parent:1.16.1:1.16.1 -google-auth-library-appengine:1.16.1:1.16.1 -google-auth-library-credentials:1.16.1:1.16.1 -google-auth-library-oauth2-http:1.16.1:1.16.1 +google-auth-library:1.16.1:1.16.2-SNAPSHOT +google-auth-library-bom:1.16.1:1.16.2-SNAPSHOT +google-auth-library-parent:1.16.1:1.16.2-SNAPSHOT +google-auth-library-appengine:1.16.1:1.16.2-SNAPSHOT +google-auth-library-credentials:1.16.1:1.16.2-SNAPSHOT +google-auth-library-oauth2-http:1.16.1:1.16.2-SNAPSHOT From 608ee87c92b3e6c355541b50e39387b03deebdf8 Mon Sep 17 00:00:00 2001 From: Leo <39062083+lsirac@users.noreply.github.com> Date: Thu, 4 May 2023 02:10:12 -0700 Subject: [PATCH 14/61] feat: adds universe_domain to external account creds (#1199) --- .../oauth2/ExternalAccountCredentials.java | 26 +++ .../auth/oauth2/AwsCredentialsTest.java | 4 + .../ExternalAccountCredentialsTest.java | 174 ++++++++++++++---- .../oauth2/IdentityPoolCredentialsTest.java | 4 + .../oauth2/PluggableAuthCredentialsTest.java | 4 + 5 files changed, 178 insertions(+), 34 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java index 227603957..8ac4ec401 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java @@ -95,6 +95,7 @@ abstract static class CredentialSource implements java.io.Serializable { @Nullable private final String serviceAccountImpersonationUrl; @Nullable private final String clientId; @Nullable private final String clientSecret; + @Nullable private final String universeDomain; // This is used for Workforce Pools. It is passed to the Security Token Service during token // exchange in the `options` param and will be embedded in the token by the Security Token @@ -214,6 +215,7 @@ protected ExternalAccountCredentials( this.environmentProvider = environmentProvider == null ? SystemEnvironmentProvider.getInstance() : environmentProvider; this.workforcePoolUserProject = null; + this.universeDomain = null; this.serviceAccountImpersonationOptions = new ServiceAccountImpersonationOptions(new HashMap()); @@ -265,6 +267,8 @@ protected ExternalAccountCredentials(ExternalAccountCredentials.Builder builder) "The workforce_pool_user_project parameter should only be provided for a Workforce Pool configuration."); } + this.universeDomain = builder.universeDomain; + validateTokenUrl(tokenUrl); if (serviceAccountImpersonationUrl != null) { validateServiceAccountImpersonationInfoUrl(serviceAccountImpersonationUrl); @@ -403,6 +407,7 @@ static ExternalAccountCredentials fromJson( String clientSecret = (String) json.get("client_secret"); String quotaProjectId = (String) json.get("quota_project_id"); String userProject = (String) json.get("workforce_pool_user_project"); + String universeDomain = (String) json.get("universe_domain"); Map impersonationOptionsMap = (Map) json.get("service_account_impersonation"); @@ -423,6 +428,7 @@ static ExternalAccountCredentials fromJson( .setClientId(clientId) .setClientSecret(clientSecret) .setServiceAccountImpersonationOptions(impersonationOptionsMap) + .setUniverseDomain(universeDomain) .build(); } else if (isPluggableAuthCredential(credentialSourceMap)) { return PluggableAuthCredentials.newBuilder() @@ -438,6 +444,7 @@ static ExternalAccountCredentials fromJson( .setClientSecret(clientSecret) .setWorkforcePoolUserProject(userProject) .setServiceAccountImpersonationOptions(impersonationOptionsMap) + .setUniverseDomain(universeDomain) .build(); } return IdentityPoolCredentials.newBuilder() @@ -453,6 +460,7 @@ static ExternalAccountCredentials fromJson( .setClientSecret(clientSecret) .setWorkforcePoolUserProject(userProject) .setServiceAccountImpersonationOptions(impersonationOptionsMap) + .setUniverseDomain(universeDomain) .build(); } @@ -571,6 +579,11 @@ public String getWorkforcePoolUserProject() { return workforcePoolUserProject; } + @Nullable + public String getUniverseDomain() { + return universeDomain; + } + @Nullable public ServiceAccountImpersonationOptions getServiceAccountImpersonationOptions() { return serviceAccountImpersonationOptions; @@ -700,6 +713,7 @@ public abstract static class Builder extends GoogleCredentials.Builder { @Nullable protected Collection scopes; @Nullable protected String workforcePoolUserProject; @Nullable protected ServiceAccountImpersonationOptions serviceAccountImpersonationOptions; + @Nullable protected String universeDomain; protected Builder() {} @@ -718,6 +732,7 @@ protected Builder(ExternalAccountCredentials credentials) { this.environmentProvider = credentials.environmentProvider; this.workforcePoolUserProject = credentials.workforcePoolUserProject; this.serviceAccountImpersonationOptions = credentials.serviceAccountImpersonationOptions; + this.universeDomain = credentials.universeDomain; } /** @@ -870,6 +885,17 @@ public Builder setServiceAccountImpersonationOptions(Map options return this; } + /** + * Sets the optional universe domain. + * + * @param universeDomain the universe domain to set + * @return this {@code Builder} object + */ + public Builder setUniverseDomain(String universeDomain) { + this.universeDomain = universeDomain; + return this; + } + /** * Sets the optional Environment Provider. * diff --git a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java index 7cf3ce3bc..248bc92df 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java @@ -746,6 +746,7 @@ public void createdScoped_clonedCredentialWithAddedScopes() { .setQuotaProjectId("quotaProjectId") .setClientId("clientId") .setClientSecret("clientSecret") + .setUniverseDomain("universeDomain") .build(); List newScopes = Arrays.asList("scope1", "scope2"); @@ -764,6 +765,8 @@ public void createdScoped_clonedCredentialWithAddedScopes() { assertEquals(credentials.getClientId(), newCredentials.getClientId()); assertEquals(credentials.getClientSecret(), newCredentials.getClientSecret()); assertEquals(newScopes, newCredentials.getScopes()); + assertEquals(credentials.getUniverseDomain(), newCredentials.getUniverseDomain()); + assertEquals("universeDomain", newCredentials.getUniverseDomain()); } @Test @@ -991,6 +994,7 @@ public void serialize() throws IOException, ClassNotFoundException { .setQuotaProjectId("quotaProjectId") .setClientId("clientId") .setClientSecret("clientSecret") + .setUniverseDomain("universeDomain") .setScopes(scopes) .build(); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java index a12faa104..6e0f1efd3 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java @@ -186,6 +186,7 @@ public void fromJson_identityPoolCredentialsWorkload() { assertEquals(STS_URL, credential.getTokenUrl()); assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); assertNotNull(credential.getCredentialSource()); + assertNull(credential.getUniverseDomain()); } @Test @@ -203,6 +204,7 @@ public void fromJson_identityPoolCredentialsWorkforce() { assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); assertEquals("userProject", credential.getWorkforcePoolUserProject()); assertNotNull(credential.getCredentialSource()); + assertNull(credential.getUniverseDomain()); } @Test @@ -224,6 +226,27 @@ public void fromJson_identityPoolCredentialsWithServiceAccountImpersonationOptio assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); assertNotNull(credential.getCredentialSource()); assertEquals(2800, credential.getServiceAccountImpersonationOptions().getLifetime()); + assertNull(credential.getUniverseDomain()); + } + + @Test + public void fromJson_identityPoolCredentialsWithUniverseDomain() { + GenericJson identityPoolCredentialJson = buildJsonIdentityPoolCredential(); + identityPoolCredentialJson.set("universe_domain", "universeDomain"); + + ExternalAccountCredentials credential = + ExternalAccountCredentials.fromJson( + identityPoolCredentialJson, OAuth2Utils.HTTP_TRANSPORT_FACTORY); + + assertTrue(credential instanceof IdentityPoolCredentials); + assertNotNull(credential.getCredentialSource()); + assertEquals( + "//iam.googleapis.com/projects/123/locations/global/workloadIdentityPools/pool/providers/provider", + credential.getAudience()); + assertEquals("subjectTokenType", credential.getSubjectTokenType()); + assertEquals(STS_URL, credential.getTokenUrl()); + assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); + assertEquals("universeDomain", credential.getUniverseDomain()); } @Test @@ -238,6 +261,7 @@ public void fromJson_awsCredentials() throws IOException { assertEquals(STS_URL, credential.getTokenUrl()); assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); assertNotNull(credential.getCredentialSource()); + assertNull(credential.getUniverseDomain()); } @Test @@ -256,6 +280,24 @@ public void fromJson_awsCredentialsWithServiceAccountImpersonationOptions() thro assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); assertNotNull(credential.getCredentialSource()); assertEquals(2800, credential.getServiceAccountImpersonationOptions().getLifetime()); + assertNull(credential.getUniverseDomain()); + } + + @Test + public void fromJson_awsCredentialsWithUniverseDomain() { + GenericJson awsCredentialJson = buildJsonAwsCredential(); + awsCredentialJson.set("universe_domain", "universeDomain"); + + ExternalAccountCredentials credential = + ExternalAccountCredentials.fromJson(awsCredentialJson, OAuth2Utils.HTTP_TRANSPORT_FACTORY); + + assertTrue(credential instanceof AwsCredentials); + assertEquals("audience", credential.getAudience()); + assertEquals("subjectTokenType", credential.getSubjectTokenType()); + assertEquals(STS_URL, credential.getTokenUrl()); + assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); + assertEquals("universeDomain", credential.getUniverseDomain()); + assertNotNull(credential.getCredentialSource()); } @Test @@ -276,6 +318,7 @@ public void fromJson_pluggableAuthCredentials() { assertEquals("command", source.getCommand()); assertEquals(30000, source.getTimeoutMs()); // Default timeout is 30s. assertNull(source.getOutputFilePath()); + assertNull(credential.getUniverseDomain()); } @Test @@ -300,6 +343,7 @@ public void fromJson_pluggableAuthCredentialsWorkforce() { assertEquals("command", source.getCommand()); assertEquals(30000, source.getTimeoutMs()); // Default timeout is 30s. assertNull(source.getOutputFilePath()); + assertNull(credential.getUniverseDomain()); } @Test @@ -327,6 +371,7 @@ public void fromJson_pluggableAuthCredentials_allExecutableOptionsSet() { assertEquals("command", source.getCommand()); assertEquals("path/to/output/file", source.getOutputFilePath()); assertEquals(5000, source.getTimeoutMs()); + assertNull(credential.getUniverseDomain()); } @Test @@ -347,6 +392,61 @@ public void fromJson_pluggableAuthCredentialsWithServiceAccountImpersonationOpti assertNotNull(credential.getCredentialSource()); assertEquals(2800, credential.getServiceAccountImpersonationOptions().getLifetime()); + PluggableAuthCredentialSource source = + (PluggableAuthCredentialSource) credential.getCredentialSource(); + assertEquals("command", source.getCommand()); + assertEquals(30000, source.getTimeoutMs()); // Default timeout is 30s. + assertNull(source.getOutputFilePath()); + assertNull(credential.getUniverseDomain()); + } + + @Test + public void fromJson_pluggableAuthCredentials_withUniverseDomain() { + GenericJson json = buildJsonPluggableAuthCredential(); + json.set("universe_domain", "universeDomain"); + + Map credentialSourceMap = (Map) json.get("credential_source"); + // Add optional params to the executable config (timeout, output file path). + Map executableConfig = + (Map) credentialSourceMap.get("executable"); + executableConfig.put("timeout_millis", 5000); + executableConfig.put("output_file", "path/to/output/file"); + + ExternalAccountCredentials credential = + ExternalAccountCredentials.fromJson(json, OAuth2Utils.HTTP_TRANSPORT_FACTORY); + + assertTrue(credential instanceof PluggableAuthCredentials); + assertEquals("audience", credential.getAudience()); + assertEquals("subjectTokenType", credential.getSubjectTokenType()); + assertEquals(STS_URL, credential.getTokenUrl()); + assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); + assertNotNull(credential.getCredentialSource()); + + PluggableAuthCredentialSource source = + (PluggableAuthCredentialSource) credential.getCredentialSource(); + assertEquals("command", source.getCommand()); + assertEquals("path/to/output/file", source.getOutputFilePath()); + assertEquals(5000, source.getTimeoutMs()); + assertEquals("universeDomain", credential.getUniverseDomain()); + } + + @Test + public void fromJson_pluggableAuthCredentialsWithUniverseDomain() { + GenericJson pluggableAuthCredentialJson = buildJsonPluggableAuthCredential(); + pluggableAuthCredentialJson.set("universe_domain", "universeDomain"); + + ExternalAccountCredentials credential = + ExternalAccountCredentials.fromJson( + pluggableAuthCredentialJson, OAuth2Utils.HTTP_TRANSPORT_FACTORY); + + assertTrue(credential instanceof PluggableAuthCredentials); + assertEquals("audience", credential.getAudience()); + assertEquals("subjectTokenType", credential.getSubjectTokenType()); + assertEquals(STS_URL, credential.getTokenUrl()); + assertEquals("tokenInfoUrl", credential.getTokenInfoUrl()); + assertNotNull(credential.getCredentialSource()); + assertEquals("universeDomain", credential.getUniverseDomain()); + PluggableAuthCredentialSource source = (PluggableAuthCredentialSource) credential.getCredentialSource(); assertEquals("command", source.getCommand()); @@ -439,6 +539,7 @@ public void constructor_builder() { .setClientId("clientId") .setClientSecret("clientSecret") .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") .build(); assertEquals( @@ -454,6 +555,7 @@ public void constructor_builder() { assertEquals("clientId", credentials.getClientId()); assertEquals("clientSecret", credentials.getClientSecret()); assertEquals("workforcePoolUserProject", credentials.getWorkforcePoolUserProject()); + assertEquals("universeDomain", credentials.getUniverseDomain()); assertNotNull(credentials.getCredentialSource()); } @@ -562,6 +664,7 @@ public void constructor_builder_invalidTokenLifetime_throws() { .setClientId("clientId") .setClientSecret("clientSecret") .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") .setServiceAccountImpersonationOptions(invalidOptionsMap) .build(); fail("Should not be able to continue without exception."); @@ -593,6 +696,7 @@ public void constructor_builder_stringTokenLifetime() { .setClientId("clientId") .setClientSecret("clientSecret") .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") .setServiceAccountImpersonationOptions(optionsMap) .build(); @@ -619,6 +723,7 @@ public void constructor_builder_bigDecimalTokenLifetime() { .setClientId("clientId") .setClientSecret("clientSecret") .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") .setServiceAccountImpersonationOptions(optionsMap) .build(); @@ -645,6 +750,7 @@ public void constructor_builder_integerTokenLifetime() { .setClientId("clientId") .setClientSecret("clientSecret") .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") .setServiceAccountImpersonationOptions(optionsMap) .build(); @@ -657,23 +763,23 @@ public void constructor_builder_lowTokenLifetime_throws() { optionsMap.put("token_lifetime_seconds", 599); try { - ExternalAccountCredentials credentials = - IdentityPoolCredentials.newBuilder() - .setHttpTransportFactory(transportFactory) - .setAudience( - "//iam.googleapis.com/locations/global/workforcePools/pool/providers/provider") - .setSubjectTokenType("subjectTokenType") - .setTokenUrl(STS_URL) - .setTokenInfoUrl("https://tokeninfo.com") - .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) - .setCredentialSource(new TestCredentialSource(FILE_CREDENTIAL_SOURCE_MAP)) - .setScopes(Arrays.asList("scope1", "scope2")) - .setQuotaProjectId("projectId") - .setClientId("clientId") - .setClientSecret("clientSecret") - .setWorkforcePoolUserProject("workforcePoolUserProject") - .setServiceAccountImpersonationOptions(optionsMap) - .build(); + IdentityPoolCredentials.newBuilder() + .setHttpTransportFactory(transportFactory) + .setAudience( + "//iam.googleapis.com/locations/global/workforcePools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenUrl(STS_URL) + .setTokenInfoUrl("https://tokeninfo.com") + .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) + .setCredentialSource(new TestCredentialSource(FILE_CREDENTIAL_SOURCE_MAP)) + .setScopes(Arrays.asList("scope1", "scope2")) + .setQuotaProjectId("projectId") + .setClientId("clientId") + .setClientSecret("clientSecret") + .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") + .setServiceAccountImpersonationOptions(optionsMap) + .build(); } catch (IllegalArgumentException e) { assertEquals( "The \"token_lifetime_seconds\" field must be between 600 and 43200 seconds.", @@ -687,23 +793,23 @@ public void constructor_builder_highTokenLifetime_throws() { optionsMap.put("token_lifetime_seconds", 43201); try { - ExternalAccountCredentials credentials = - IdentityPoolCredentials.newBuilder() - .setHttpTransportFactory(transportFactory) - .setAudience( - "//iam.googleapis.com/locations/global/workforcePools/pool/providers/provider") - .setSubjectTokenType("subjectTokenType") - .setTokenUrl(STS_URL) - .setTokenInfoUrl("https://tokeninfo.com") - .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) - .setCredentialSource(new TestCredentialSource(FILE_CREDENTIAL_SOURCE_MAP)) - .setScopes(Arrays.asList("scope1", "scope2")) - .setQuotaProjectId("projectId") - .setClientId("clientId") - .setClientSecret("clientSecret") - .setWorkforcePoolUserProject("workforcePoolUserProject") - .setServiceAccountImpersonationOptions(optionsMap) - .build(); + IdentityPoolCredentials.newBuilder() + .setHttpTransportFactory(transportFactory) + .setAudience( + "//iam.googleapis.com/locations/global/workforcePools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenUrl(STS_URL) + .setTokenInfoUrl("https://tokeninfo.com") + .setServiceAccountImpersonationUrl(SERVICE_ACCOUNT_IMPERSONATION_URL) + .setCredentialSource(new TestCredentialSource(FILE_CREDENTIAL_SOURCE_MAP)) + .setScopes(Arrays.asList("scope1", "scope2")) + .setQuotaProjectId("projectId") + .setClientId("clientId") + .setClientSecret("clientSecret") + .setWorkforcePoolUserProject("workforcePoolUserProject") + .setUniverseDomain("universeDomain") + .setServiceAccountImpersonationOptions(optionsMap) + .build(); } catch (IllegalArgumentException e) { assertEquals( "The \"token_lifetime_seconds\" field must be between 600 and 43200 seconds.", diff --git a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java index 8771ca9ff..560334965 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java @@ -103,6 +103,7 @@ public void createdScoped_clonedCredentialWithAddedScopes() { .setQuotaProjectId("quotaProjectId") .setClientId("clientId") .setClientSecret("clientSecret") + .setUniverseDomain("universeDomain") .build(); List newScopes = Arrays.asList("scope1", "scope2"); @@ -121,6 +122,8 @@ public void createdScoped_clonedCredentialWithAddedScopes() { assertEquals(credentials.getQuotaProjectId(), newCredentials.getQuotaProjectId()); assertEquals(credentials.getClientId(), newCredentials.getClientId()); assertEquals(credentials.getClientSecret(), newCredentials.getClientSecret()); + assertEquals(credentials.getUniverseDomain(), newCredentials.getUniverseDomain()); + assertEquals("universeDomain", newCredentials.getUniverseDomain()); } @Test @@ -739,6 +742,7 @@ public void serialize() throws IOException, ClassNotFoundException { .setQuotaProjectId("quotaProjectId") .setClientId("clientId") .setClientSecret("clientSecret") + .setUniverseDomain("universeDomain") .build(); IdentityPoolCredentials deserializedCredentials = serializeAndDeserialize(testCredentials); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java index ef66e90cd..ddc321fdd 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java @@ -414,6 +414,7 @@ public void createdScoped_clonedCredentialWithAddedScopes() { .setQuotaProjectId("quotaProjectId") .setClientId("clientId") .setClientSecret("clientSecret") + .setUniverseDomain("universeDomain") .build(); List newScopes = Arrays.asList("scope1", "scope2"); @@ -433,6 +434,8 @@ public void createdScoped_clonedCredentialWithAddedScopes() { assertEquals(credentials.getClientId(), newCredentials.getClientId()); assertEquals(credentials.getClientSecret(), newCredentials.getClientSecret()); assertEquals(credentials.getExecutableHandler(), newCredentials.getExecutableHandler()); + assertEquals(credentials.getUniverseDomain(), newCredentials.getUniverseDomain()); + assertEquals("universeDomain", newCredentials.getUniverseDomain()); } @Test @@ -445,6 +448,7 @@ public void serialize() throws IOException, ClassNotFoundException { .setQuotaProjectId("quotaProjectId") .setClientId("clientId") .setClientSecret("clientSecret") + .setUniverseDomain("universeDomain") .build(); // PluggableAuthCredentials are not serializable From 1a6d02fa87f908fe1531625beb70d52f2d44a931 Mon Sep 17 00:00:00 2001 From: Timur Sadykov Date: Thu, 4 May 2023 15:17:10 -0700 Subject: [PATCH 15/61] chore: fix codeowners for aion-sdk (#1201) * fix: ownership path * fix: add aion sdk as owners for README Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> --- .github/CODEOWNERS | 95 +++++++++++++++++++++++----------------------- 1 file changed, 48 insertions(+), 47 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 6afcc5700..b25d5f6db 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -18,50 +18,51 @@ samples/**/*.java @googleapis/java-samples-reviewers samples/snippets/generated/ @googleapis/yoshi-java # 3PI-related files and related base classes - joint ownership between googleapis-auth and aion-sdk -java/com/google/auth/oauth2/ActingParty.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/AwsCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/AwsDates.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/AwsRequestSignature.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/AwsRequestSigner.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/AwsSecurityCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/CredentialAccessBoundary.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/DefaultCredentialsProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/DownscopedCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/EnvironmentProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/ExecutableHandler.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/ExecutableResponse.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/ExternalAccountCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/GoogleCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/IdentityPoolCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/ImpersonatedCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/OAuth2Credentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/OAuth2CredentialsWithRefresh.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/OAuthException.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/PluggableAuthCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/PluggableAuthException.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/PluggableAuthHandler.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/StsRequestHandler.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/StsTokenExchangeRequest.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/StsTokenExchangeResponse.java @googleapis/googleapis-auth @googleapis/aion-sdk -java/com/google/auth/oauth2/SystemEnvironmentProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/AwsCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/AwsRequestSignerTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/CredentialAccessBoundaryTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/DefaultCredentialsProviderTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/DownscopedCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/ExecutableResponseTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/ExternalAccountCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/ITDownscopingTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/ITWorkloadIdentityFederationTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/IdentityPoolCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/ImpersonatedCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/MockExternalAccountCredentialsTransport.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/MockStsTransport.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/OAuth2CredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/OAuth2CredentialsWithRefreshTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/OAuthExceptionTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/PluggableAuthCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/PluggableAuthExceptionTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/PluggableAuthHandlerTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/StsRequestHandlerTest.java @googleapis/googleapis-auth @googleapis/aion-sdk -javatests/com/google/auth/TestEnvironmentProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/ActingParty.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/AwsDates.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/AwsRequestSignature.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/AwsRequestSigner.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/AwsSecurityCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/CredentialAccessBoundary.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/DownscopedCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/EnvironmentProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/ExecutableHandler.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/ExecutableResponse.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/GoogleCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/ImpersonatedCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/OAuth2Credentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/OAuth2CredentialsWithRefresh.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/OAuthException.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/PluggableAuthCredentials.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/PluggableAuthException.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/PluggableAuthHandler.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/StsRequestHandler.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/StsTokenExchangeRequest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/StsTokenExchangeResponse.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/java/com/google/auth/oauth2/SystemEnvironmentProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/AwsCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/AwsRequestSignerTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/CredentialAccessBoundaryTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/DefaultCredentialsProviderTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/DownscopedCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/ExecutableResponseTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/ExternalAccountCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/ITDownscopingTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/ITWorkloadIdentityFederationTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/IdentityPoolCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/ImpersonatedCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/MockExternalAccountCredentialsTransport.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/MockStsTransport.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/OAuth2CredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/OAuth2CredentialsWithRefreshTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/OAuthExceptionTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/PluggableAuthCredentialsTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/PluggableAuthExceptionTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/PluggableAuthHandlerTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/StsRequestHandlerTest.java @googleapis/googleapis-auth @googleapis/aion-sdk +oauth2_http/javatests/com/google/auth/TestEnvironmentProvider.java @googleapis/googleapis-auth @googleapis/aion-sdk +README.md @googleapis/googleapis-auth @googleapis/aion-sdk \ No newline at end of file From 2fa9d5211569f802948ed2d1aaf13f7d37f8409c Mon Sep 17 00:00:00 2001 From: Diego Alonso Marquez Palacios Date: Fri, 5 May 2023 15:00:16 -0400 Subject: [PATCH 16/61] =?UTF-8?q?feat:=20expose=20method=20to=20manually?= =?UTF-8?q?=20obtain=20ADC=20from=20gcloud=20CLI=20well-known=E2=80=A6=20(?= =?UTF-8?q?#1188)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: expose method to manually obtain ADC from gcloud CLI well-known file * chore: expose well-known file instead of credentials * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * chore: expose path to well-known creds file only * chore: better test name * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * chore: revert changes in favor of util class * chore: move gcloud CLI path logic to new utils class * chore: add GoogleAuthUtils test * chore: use default instance of DCP * chore: revert initial changes of utils class * chore: restore static modifier * chore: use test-friendly method signatures of auth utils * chore: fix utils test to compute path assuming env not set * chore: correct comments for the auth util class * chore: license header for utils test --------- Co-authored-by: Owl Bot --- .../oauth2/DefaultCredentialsProvider.java | 19 +---- .../google/auth/oauth2/GoogleAuthUtils.java | 81 +++++++++++++++++++ .../DefaultCredentialsProviderTest.java | 2 +- .../auth/oauth2/GoogleAuthUtilsTest.java | 58 +++++++++++++ 4 files changed, 144 insertions(+), 16 deletions(-) create mode 100644 oauth2_http/java/com/google/auth/oauth2/GoogleAuthUtils.java create mode 100644 oauth2_http/javatests/com/google/auth/oauth2/GoogleAuthUtilsTest.java diff --git a/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java b/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java index 9f79f854d..2830086da 100644 --- a/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java +++ b/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java @@ -227,6 +227,10 @@ private final GoogleCredentials getDefaultCredentialsUnsynchronized( return credentials; } + private final File getWellKnownCredentialsFile() { + return GoogleAuthUtils.getWellKnownCredentialsFile(this); + } + private void warnAboutProblematicCredentials(GoogleCredentials credentials) { if (credentials instanceof UserCredentials && ((UserCredentials) credentials).getClientId().equals(CLOUDSDK_CLIENT_ID) @@ -235,21 +239,6 @@ private void warnAboutProblematicCredentials(GoogleCredentials credentials) { } } - private final File getWellKnownCredentialsFile() { - File cloudConfigPath; - String envPath = getEnv("CLOUDSDK_CONFIG"); - if (envPath != null) { - cloudConfigPath = new File(envPath); - } else if (getOsName().indexOf("windows") >= 0) { - File appDataPath = new File(getEnv("APPDATA")); - cloudConfigPath = new File(appDataPath, CLOUDSDK_CONFIG_DIRECTORY); - } else { - File configPath = new File(getProperty("user.home", ""), ".config"); - cloudConfigPath = new File(configPath, CLOUDSDK_CONFIG_DIRECTORY); - } - return new File(cloudConfigPath, WELL_KNOWN_CREDENTIALS_FILE); - } - private boolean runningOnAppEngine() { Class systemPropertyClass = null; try { diff --git a/oauth2_http/java/com/google/auth/oauth2/GoogleAuthUtils.java b/oauth2_http/java/com/google/auth/oauth2/GoogleAuthUtils.java new file mode 100644 index 000000000..d82548a08 --- /dev/null +++ b/oauth2_http/java/com/google/auth/oauth2/GoogleAuthUtils.java @@ -0,0 +1,81 @@ +/* + * Copyright 2023, Google Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.google.auth.oauth2; + +import java.io.File; + +/** + * This public class provides shared utilities for common OAuth2 utils or ADC. It also exposes + * convenience methods such as a getter for well-known Application Default Credentials file path + */ +public class GoogleAuthUtils { + + /** + * Gets the path to the well-known Application Default Credentials file location + * + * @return the path to the well-known Application Default Credentials file location + */ + public static final String getWellKnownCredentialsPath() { + return getWellKnownCredentialsFile(DefaultCredentialsProvider.DEFAULT).getAbsolutePath(); + } + + /** + * Testing version of getWellKnownCredentialsPath() that uses a custom provider + * + * @return the path to the well-known Application Default Credentials file location + */ + static final String getWellKnownCredentialsPath(DefaultCredentialsProvider provider) { + return getWellKnownCredentialsFile(provider).getAbsolutePath(); + } + + /** + * Platform-independent logic to obtain the well-known Application Default Credentials file + * + * @param provider the provider used to resolve env and system properties (exposed for testing + * purposes) + * @return the well-known Application Default Credentials file + */ + static final File getWellKnownCredentialsFile(DefaultCredentialsProvider provider) { + File cloudConfigPath; + String envPath = provider.getEnv("CLOUDSDK_CONFIG"); + if (envPath != null) { + cloudConfigPath = new File(envPath); + } else if (provider.getOsName().indexOf("windows") >= 0) { + File appDataPath = new File(provider.getEnv("APPDATA")); + cloudConfigPath = new File(appDataPath, provider.CLOUDSDK_CONFIG_DIRECTORY); + } else { + File configPath = new File(provider.getProperty("user.home", ""), ".config"); + cloudConfigPath = new File(configPath, provider.CLOUDSDK_CONFIG_DIRECTORY); + } + return new File(cloudConfigPath, provider.WELL_KNOWN_CREDENTIALS_FILE); + } +} diff --git a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java index c3a26d260..215a00cf7 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java @@ -769,7 +769,7 @@ public LowLevelHttpResponse execute() throws IOException { } } - private static class TestDefaultCredentialsProvider extends DefaultCredentialsProvider { + static class TestDefaultCredentialsProvider extends DefaultCredentialsProvider { private final Map> types = new HashMap<>(); private final Map variables = new HashMap<>(); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/GoogleAuthUtilsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/GoogleAuthUtilsTest.java new file mode 100644 index 000000000..4fd5da43e --- /dev/null +++ b/oauth2_http/javatests/com/google/auth/oauth2/GoogleAuthUtilsTest.java @@ -0,0 +1,58 @@ +/* + * Copyright 2023, Google Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.google.auth.oauth2; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; + +import java.io.File; +import org.junit.Test; + +public class GoogleAuthUtilsTest { + + @Test + public void getWellKnownCredentialsPath_correct() { + DefaultCredentialsProvider provider = + new DefaultCredentialsProviderTest.TestDefaultCredentialsProvider(); + // since the TestDefaultCredentialsProvider properties and envs are not set, + // the base folder will be an empty string using. + File homeDir = new File(""); + File configDir = new File(homeDir, ".config"); + File cloudConfigDir = new File(configDir, provider.CLOUDSDK_CONFIG_DIRECTORY); + File wellKnownFile = new File(cloudConfigDir, provider.WELL_KNOWN_CREDENTIALS_FILE); + + String obtainedPath = GoogleAuthUtils.getWellKnownCredentialsPath(provider); + + assertNotNull(obtainedPath); + assertEquals(obtainedPath, wellKnownFile.getAbsolutePath()); + } +} From bf255749b7b403cc5f7538f6e901d9089f529fca Mon Sep 17 00:00:00 2001 From: aeitzman <12433791+aeitzman@users.noreply.github.com> Date: Sat, 6 May 2023 16:06:12 -0700 Subject: [PATCH 17/61] feat: updating readme for external account authorized user credentials (#1200) Adds readme section for workforce external account authorized user credentials --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index dcf695426..bf4fd6521 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,7 @@ credentials as well as utility methods to create them and to get Application Def * [Configurable Token Lifetime](#configurable-token-lifetime) * [Workforce Identity Federation](#workforce-identity-federation) * [Accessing resources using an OIDC or SAML 2.0 identity provider](#accessing-resources-using-an-oidc-or-saml-20-identity-provider) + * [Accessing resources using external account authorized user workforce credentials](#using-external-account-authorized-user-workforce-credentials) * [Accessing resources using Executable-sourced credentials](#using-executable-sourced-workforce-credentials-with-oidc-and-saml) * [Downscoping with Credential Access Boundaries](#downscoping-with-credential-access-boundaries) * [Configuring a Proxy](#configuring-a-proxy) @@ -622,6 +623,29 @@ Where the following variables need to be substituted: `$URL_TO_GET_SAML_ASSERTION`, e.g. `Metadata-Flavor=Google`. - `$WORKFORCE_POOL_USER_PROJECT`: The project number associated with the [workforce pools user project](https://cloud.google.com/iam/docs/workforce-identity-federation#workforce-pools-user-project). +#### Using external account authorized user workforce credentials + +[External account authorized user credentials](https://cloud.google.com/iam/docs/workforce-obtaining-short-lived-credentials#browser-based-sign-in) allow you to sign in with a web browser to an external identity provider account via the +gcloud CLI and create a configuration for the auth library to use. + +To generate an external account authorized user workforce identity configuration, run the following command: + +```bash +gcloud auth application-default login --login-config=$LOGIN_CONFIG +``` + +Where the following variable needs to be substituted: +- `$LOGIN_CONFIG`: The login config file generated with the cloud console or + [gcloud iam workforce-pools create-login-config](https://cloud.google.com/sdk/gcloud/reference/iam/workforce-pools/create-login-config) + +This will open a browser flow for you to sign in via the configured third party identity provider +and then will store the external account authorized user configuration at the well known ADC location. +The auth library will then use the provided refresh token from the configuration to generate and refresh +an access token to call Google Cloud services. + +Note that the default lifetime of the refresh token is one hour, after which a new configuration will need to be generated from the gcloud CLI. +The lifetime can be modified by changing the [session duration of the workforce pool](https://cloud.google.com/iam/docs/reference/rest/v1/locations.workforcePools), and can be set as high as 12 hours. + #### Using Executable-sourced workforce credentials with OIDC and SAML **Executable-sourced credentials** From 6d2251cd8e87b018a65a9296bb5c10f487b304cb Mon Sep 17 00:00:00 2001 From: Timur Sadykov Date: Fri, 12 May 2023 16:12:59 -0700 Subject: [PATCH 18/61] fix: improve errors and warnings related to ADC (#1172) * fix: update with latest text * fix: update error texts --- .../oauth2/DefaultCredentialsProvider.java | 28 +++++++-------- .../DefaultCredentialsProviderTest.java | 34 +++++++++++++------ 2 files changed, 36 insertions(+), 26 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java b/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java index 2830086da..2255dcf8f 100644 --- a/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java +++ b/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java @@ -59,8 +59,6 @@ class DefaultCredentialsProvider { static final String WELL_KNOWN_CREDENTIALS_FILE = "application_default_credentials.json"; static final String CLOUDSDK_CONFIG_DIRECTORY = "gcloud"; - static final String HELP_PERMALINK = - "https://developers.google.com/accounts/docs/application-default-credentials"; static final String APP_ENGINE_SIGNAL_CLASS = "com.google.appengine.api.utils.SystemProperty"; static final String CLOUD_SHELL_ENV_VAR = "DEVSHELL_CLIENT_PORT"; static final String SKIP_APP_ENGINE_ENV_VAR = "GOOGLE_APPLICATION_CREDENTIALS_SKIP_APP_ENGINE"; @@ -74,12 +72,15 @@ class DefaultCredentialsProvider { static final String CLOUDSDK_CLIENT_ID = "764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com"; static final String CLOUDSDK_CREDENTIALS_WARNING = - "Your application has authenticated using end user credentials from Google " - + "Cloud SDK. We recommend that most server applications use service accounts " - + "instead. If your application continues to use end user credentials from Cloud " - + "SDK, you might receive a \"quota exceeded\" or \"API not enabled\" error. For " - + "more information about service accounts, see " - + "https://cloud.google.com/docs/authentication/."; + "You are authenticating using user credentials. " + + "For production, we recommend using service account credentials.\n\n" + + "To learn more about service account credentials, see " + + "http://cloud.google.com/docs/authentication/external/set-up-adc-on-cloud"; + + static final String CLOUDSDK_MISSING_CREDENTIALS = + "Your default credentials were not found. To set up Application Default Credentials " + + "for your environment, see " + + "https://cloud.google.com/docs/authentication/external/set-up-adc."; public static final String SUPPRESS_GCLOUD_CREDS_WARNING_ENV_VAR = "SUPPRESS_GCLOUD_CREDS_WARNING"; @@ -123,12 +124,7 @@ final GoogleCredentials getDefaultCredentials(HttpTransportFactory transportFact } } - throw new IOException( - String.format( - "The Application Default Credentials are not available. They are available if running" - + " in Google Compute Engine. Otherwise, the environment variable %s must be defined" - + " pointing to a file defining the credentials. See %s for more information.", - CREDENTIAL_ENV_VAR, HELP_PERMALINK)); + throw new IOException(CLOUDSDK_MISSING_CREDENTIALS); } private final GoogleCredentials getDefaultCredentialsUnsynchronized( @@ -233,8 +229,8 @@ private final File getWellKnownCredentialsFile() { private void warnAboutProblematicCredentials(GoogleCredentials credentials) { if (credentials instanceof UserCredentials - && ((UserCredentials) credentials).getClientId().equals(CLOUDSDK_CLIENT_ID) - && !Boolean.parseBoolean(getEnv(SUPPRESS_GCLOUD_CREDS_WARNING_ENV_VAR))) { + && !Boolean.parseBoolean(getEnv(SUPPRESS_GCLOUD_CREDS_WARNING_ENV_VAR)) + && ComputeEngineCredentials.checkStaticGceDetection(this)) { LOGGER.log(Level.WARNING, CLOUDSDK_CREDENTIALS_WARNING); } } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java index 215a00cf7..826f1d267 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java @@ -128,7 +128,7 @@ public void getDefaultCredentials_noCredentials_throws() { fail("No credential expected."); } catch (IOException e) { String message = e.getMessage(); - assertTrue(message.contains(DefaultCredentialsProvider.HELP_PERMALINK)); + assertTrue(message.equals(DefaultCredentialsProvider.CLOUDSDK_MISSING_CREDENTIALS)); } } @@ -143,7 +143,7 @@ public void getDefaultCredentials_noCredentialsSandbox_throwsNonSecurity() { fail("No credential expected."); } catch (IOException e) { String message = e.getMessage(); - assertTrue(message.contains(DefaultCredentialsProvider.HELP_PERMALINK)); + assertTrue(message.equals(DefaultCredentialsProvider.CLOUDSDK_MISSING_CREDENTIALS)); } } @@ -164,7 +164,7 @@ public void getDefaultCredentials_envValidSandbox_throwsNonSecurity() throws Exc fail("No credential expected."); } catch (IOException e) { String message = e.getMessage(); - assertTrue(message.contains(DefaultCredentialsProvider.HELP_PERMALINK)); + assertTrue(message.equals(DefaultCredentialsProvider.CLOUDSDK_MISSING_CREDENTIALS)); } } @@ -179,7 +179,7 @@ public void getDefaultCredentials_noCredentials_singleGceTestRequest() { fail("No credential expected."); } catch (IOException expected) { String message = expected.getMessage(); - assertTrue(message.contains(DefaultCredentialsProvider.HELP_PERMALINK)); + assertTrue(message.equals(DefaultCredentialsProvider.CLOUDSDK_MISSING_CREDENTIALS)); } assertEquals( transportFactory.transport.getRequestCount(), @@ -278,7 +278,7 @@ public void getDefaultCredentials_appEngineClassWithoutRuntime_NotFoundError() { fail("No credential expected when not on App Engine."); } catch (IOException e) { String message = e.getMessage(); - assertTrue(message.contains(DefaultCredentialsProvider.HELP_PERMALINK)); + assertTrue(message.equals(DefaultCredentialsProvider.CLOUDSDK_MISSING_CREDENTIALS)); } } @@ -295,7 +295,7 @@ public void getDefaultCredentials_appEngineRuntimeWithoutClass_throwsHelpfulLoad fail("Credential expected to fail to load if credential class not present."); } catch (IOException e) { String message = e.getMessage(); - assertFalse(message.contains(DefaultCredentialsProvider.HELP_PERMALINK)); + assertFalse(message.equals(DefaultCredentialsProvider.CLOUDSDK_MISSING_CREDENTIALS)); assertTrue(message.contains("Check that the App Engine SDK is deployed.")); } } @@ -633,19 +633,27 @@ public void flush() {} @Test public void getDefaultCredentials_wellKnownFile_logsGcloudWarning() throws IOException { - LogRecord message = getCredentialsAndReturnLogMessage(false); + LogRecord message = getCredentialsAndReturnLogMessage(false, true); assertNotNull(message); assertEquals(Level.WARNING, message.getLevel()); - assertTrue(message.getMessage().contains("end user credentials from Google Cloud SDK")); + assertTrue( + message.getMessage().equals(DefaultCredentialsProvider.CLOUDSDK_CREDENTIALS_WARNING)); + } + + @Test + public void getDefaultCredentials_wellKnownFile_noGcloudWarning() throws IOException { + LogRecord message = getCredentialsAndReturnLogMessage(false, false); + assertNull(message); } @Test public void getDefaultCredentials_wellKnownFile_suppressGcloudWarning() throws IOException { - LogRecord message = getCredentialsAndReturnLogMessage(true); + LogRecord message = getCredentialsAndReturnLogMessage(true, true); assertNull(message); } - private LogRecord getCredentialsAndReturnLogMessage(boolean suppressWarning) throws IOException { + private LogRecord getCredentialsAndReturnLogMessage(boolean suppressWarning, boolean isGce) + throws IOException { Logger logger = Logger.getLogger(DefaultCredentialsProvider.class.getName()); LogHandler handler = new LogHandler(); logger.addHandler(handler); @@ -664,6 +672,12 @@ private LogRecord getCredentialsAndReturnLogMessage(boolean suppressWarning) thr Boolean.toString(suppressWarning)); testProvider.setProperty("os.name", "linux"); testProvider.setProperty("user.home", homeDir.getAbsolutePath()); + if (isGce) { + String productFilePath = SMBIOS_PATH_LINUX; + File productFile = new File(productFilePath); + InputStream productStream = new ByteArrayInputStream("Googlekdjsfhg".getBytes()); + testProvider.addFile(productFile.getAbsolutePath(), productStream); + } testProvider.addFile(wellKnownFile.getAbsolutePath(), userStream); testUserProvidesToken(testProvider, GCLOUDSDK_CLIENT_ID, USER_CLIENT_SECRET, REFRESH_TOKEN); return handler.getRecord(); From 0ff58e1e952d83326900bd982212a303ac93b7b9 Mon Sep 17 00:00:00 2001 From: Mridula <66699525+mpeddada1@users.noreply.github.com> Date: Wed, 17 May 2023 13:27:13 -0400 Subject: [PATCH 19/61] chore: update Kokoro job to GraalVM 22.3.2 (#1204) --- .kokoro/presubmit/graalvm-native-17.cfg | 2 +- .kokoro/presubmit/graalvm-native.cfg | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.kokoro/presubmit/graalvm-native-17.cfg b/.kokoro/presubmit/graalvm-native-17.cfg index 5e65d1ae1..84f831ba5 100644 --- a/.kokoro/presubmit/graalvm-native-17.cfg +++ b/.kokoro/presubmit/graalvm-native-17.cfg @@ -3,7 +3,7 @@ # Configure the docker image for kokoro-trampoline. env_vars: { key: "TRAMPOLINE_IMAGE" - value: "gcr.io/cloud-devrel-kokoro-resources/graalvm17" + value: "gcr.io/cloud-devrel-kokoro-resources/graalvm17:22.3.2" } env_vars: { diff --git a/.kokoro/presubmit/graalvm-native.cfg b/.kokoro/presubmit/graalvm-native.cfg index 73464797d..f5e089088 100644 --- a/.kokoro/presubmit/graalvm-native.cfg +++ b/.kokoro/presubmit/graalvm-native.cfg @@ -3,7 +3,7 @@ # Configure the docker image for kokoro-trampoline. env_vars: { key: "TRAMPOLINE_IMAGE" - value: "gcr.io/cloud-devrel-kokoro-resources/graalvm" + value: "gcr.io/cloud-devrel-kokoro-resources/graalvm:22.3.2" } env_vars: { From 9cce49cbba26892e573629b4d11a375eb6ec28fc Mon Sep 17 00:00:00 2001 From: Leo <39062083+lsirac@users.noreply.github.com> Date: Fri, 19 May 2023 09:54:56 -0700 Subject: [PATCH 20/61] fix: do not expose universe_domain yet (#1206) --- .../java/com/google/auth/oauth2/ExternalAccountCredentials.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java index 8ac4ec401..ba4b30d4e 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java @@ -580,7 +580,7 @@ public String getWorkforcePoolUserProject() { } @Nullable - public String getUniverseDomain() { + String getUniverseDomain() { return universeDomain; } From 8ea9445a3b738e74c6fc0b59f593b32ef0df5314 Mon Sep 17 00:00:00 2001 From: Timur Sadykov Date: Fri, 19 May 2023 19:22:40 -0700 Subject: [PATCH 21/61] fix: marking 503 as retryable for Compute credentials (#1205) * fix: add retryable for GCE credential in case of 503 * fix: add tests for 503 retryable * fix: update user credential tests --- .../auth/oauth2/ComputeEngineCredentials.java | 7 ++ .../auth/oauth2/GoogleAuthException.java | 4 +- .../oauth2/ComputeEngineCredentialsTest.java | 74 +++++++++++++++++++ .../oauth2/ServiceAccountCredentialsTest.java | 4 +- .../auth/oauth2/UserCredentialsTest.java | 6 +- 5 files changed, 87 insertions(+), 8 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java index 43f1b6cfe..0370b6401 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java @@ -37,6 +37,7 @@ import com.google.api.client.http.HttpHeaders; import com.google.api.client.http.HttpRequest; import com.google.api.client.http.HttpResponse; +import com.google.api.client.http.HttpResponseException; import com.google.api.client.http.HttpStatusCodes; import com.google.api.client.json.JsonObjectParser; import com.google.api.client.util.GenericData; @@ -284,6 +285,12 @@ private HttpResponse getMetadataResponse(String url) throws IOException { + " likely because code is not running on Google Compute Engine.", exception); } + + if (response.getStatusCode() == 503) { + throw GoogleAuthException.createWithTokenEndpointResponseException( + new HttpResponseException(response)); + } + return response; } diff --git a/oauth2_http/java/com/google/auth/oauth2/GoogleAuthException.java b/oauth2_http/java/com/google/auth/oauth2/GoogleAuthException.java index 541b810f8..76e9d7c73 100644 --- a/oauth2_http/java/com/google/auth/oauth2/GoogleAuthException.java +++ b/oauth2_http/java/com/google/auth/oauth2/GoogleAuthException.java @@ -121,9 +121,7 @@ static GoogleAuthException createWithTokenEndpointResponseException( int responseStatus = responseException.getStatusCode(); boolean isRetryable = OAuth2Utils.TOKEN_ENDPOINT_RETRYABLE_STATUS_CODES.contains(responseStatus); - // TODO: temporarily setting to default to remove a direct dependency, to be reverted after - // release - int retryCount = ServiceAccountCredentials.DEFAULT_NUMBER_OF_RETRIES; + int retryCount = responseException.getAttemptCount() - 1; if (message == null) { return new GoogleAuthException(isRetryable, retryCount, responseException); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java index 34dff5c1f..a64215fba 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java @@ -55,11 +55,14 @@ import com.google.auth.oauth2.GoogleCredentialsTest.MockHttpTransportFactory; import java.io.IOException; import java.net.URI; +import java.util.ArrayDeque; import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Map; +import java.util.Queue; +import java.util.stream.IntStream; import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; @@ -533,6 +536,77 @@ public LowLevelHttpResponse execute() throws IOException { } } + @Test + public void refresh_503_retryable_throws() { + MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory(); + + transportFactory.transport = + new MockMetadataServerTransport() { + @Override + public LowLevelHttpRequest buildRequest(String method, String url) throws IOException { + return new MockLowLevelHttpRequest(url) { + @Override + public LowLevelHttpResponse execute() throws IOException { + return new MockLowLevelHttpResponse() + .setStatusCode(HttpStatusCodes.STATUS_CODE_SERVICE_UNAVAILABLE) + .setContent(TestUtils.errorJson("Some error")); + } + }; + } + }; + + ComputeEngineCredentials credentials = + ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build(); + + try { + credentials.refreshAccessToken(); + fail("Should have failed"); + } catch (IOException e) { + assertTrue(e.getCause().getMessage().contains("503")); + assertTrue(e instanceof GoogleAuthException); + assertTrue(((GoogleAuthException) e).isRetryable()); + } + } + + @Test + public void refresh_non503_ioexception_throws() { + MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory(); + final Queue responseSequence = new ArrayDeque<>(); + IntStream.rangeClosed(400, 600).forEach(i -> responseSequence.add(i)); + + while (!responseSequence.isEmpty()) { + if (responseSequence.peek() == 503) { + responseSequence.poll(); + continue; + } + + transportFactory.transport = + new MockMetadataServerTransport() { + @Override + public LowLevelHttpRequest buildRequest(String method, String url) throws IOException { + return new MockLowLevelHttpRequest(url) { + @Override + public LowLevelHttpResponse execute() throws IOException { + return new MockLowLevelHttpResponse() + .setStatusCode(responseSequence.poll()) + .setContent(TestUtils.errorJson("Some error")); + } + }; + } + }; + + ComputeEngineCredentials credentials = + ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build(); + + try { + credentials.refreshAccessToken(); + fail("Should have failed"); + } catch (IOException e) { + assertFalse(e instanceof GoogleAuthException); + } + } + } + @Test public void sign_emptyContent_throws() { MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory(); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java index f3b3f0983..304cf000a 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java @@ -747,7 +747,7 @@ public void refreshAccessToken_defaultRetriesDisabled() throws IOException { } catch (GoogleAuthException ex) { assertTrue(ex.getMessage().contains("Error getting access token for service account: 408")); assertTrue(ex.isRetryable()); - assertEquals(3, ex.getRetryCount()); + assertEquals(0, ex.getRetryCount()); } } @@ -866,7 +866,7 @@ public void refreshAccessToken_4xx_5xx_NonRetryableFails() throws IOException { fail("Should not be able to use credential without exception."); } catch (GoogleAuthException ex) { assertFalse(ex.isRetryable()); - assertEquals(3, ex.getRetryCount()); + assertEquals(0, ex.getRetryCount()); } } } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java index c16a217db..01010f99e 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java @@ -758,7 +758,7 @@ public void IdTokenCredentials_NoRetry_RetryableStatus_throws() throws IOExcepti } catch (GoogleAuthException ex) { assertTrue(ex.getMessage().contains("com.google.api.client.http.HttpResponseException: 408")); assertTrue(ex.isRetryable()); - assertEquals(3, ex.getRetryCount()); + assertEquals(0, ex.getRetryCount()); } IdTokenCredentials tokenCredential = @@ -774,7 +774,7 @@ public void IdTokenCredentials_NoRetry_RetryableStatus_throws() throws IOExcepti } catch (GoogleAuthException ex) { assertTrue(ex.getMessage().contains("com.google.api.client.http.HttpResponseException: 429")); assertTrue(ex.isRetryable()); - assertEquals(3, ex.getRetryCount()); + assertEquals(0, ex.getRetryCount()); } } @@ -801,7 +801,7 @@ public void refreshAccessToken_4xx_5xx_NonRetryableFails() throws IOException { fail("Should not be able to use credential without exception."); } catch (GoogleAuthException ex) { assertFalse(ex.isRetryable()); - assertEquals(3, ex.getRetryCount()); + assertEquals(0, ex.getRetryCount()); } } } From b54882fa6acbe6840de2a118d2df9df791e2293a Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Fri, 19 May 2023 19:28:57 -0700 Subject: [PATCH 22/61] chore(main): release 1.17.0 (#1202) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- CHANGELOG.md | 16 ++++++++++++++++ appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 7 files changed, 27 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6ec67aaaf..6e8aec6de 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,21 @@ # Changelog +## [1.17.0](https://github.com/googleapis/google-auth-library-java/compare/v1.16.1...v1.17.0) (2023-05-20) + + +### Features + +* Adds universe_domain to external account creds ([#1199](https://github.com/googleapis/google-auth-library-java/issues/1199)) ([608ee87](https://github.com/googleapis/google-auth-library-java/commit/608ee87c92b3e6c355541b50e39387b03deebdf8)) +* Expose method to manually obtain ADC from gcloud CLI well-known… ([#1188](https://github.com/googleapis/google-auth-library-java/issues/1188)) ([2fa9d52](https://github.com/googleapis/google-auth-library-java/commit/2fa9d5211569f802948ed2d1aaf13f7d37f8409c)) +* Updating readme for external account authorized user credentials ([#1200](https://github.com/googleapis/google-auth-library-java/issues/1200)) ([bf25574](https://github.com/googleapis/google-auth-library-java/commit/bf255749b7b403cc5f7538f6e901d9089f529fca)) + + +### Bug Fixes + +* Do not expose universe_domain yet ([#1206](https://github.com/googleapis/google-auth-library-java/issues/1206)) ([9cce49c](https://github.com/googleapis/google-auth-library-java/commit/9cce49cbba26892e573629b4d11a375eb6ec28fc)) +* Improve errors and warnings related to ADC ([#1172](https://github.com/googleapis/google-auth-library-java/issues/1172)) ([6d2251c](https://github.com/googleapis/google-auth-library-java/commit/6d2251cd8e87b018a65a9296bb5c10f487b304cb)) +* Marking 503 as retryable for Compute credentials ([#1205](https://github.com/googleapis/google-auth-library-java/issues/1205)) ([8ea9445](https://github.com/googleapis/google-auth-library-java/commit/8ea9445a3b738e74c6fc0b59f593b32ef0df5314)) + ## [1.16.1](https://github.com/googleapis/google-auth-library-java/compare/v1.16.0...v1.16.1) (2023-04-07) diff --git a/appengine/pom.xml b/appengine/pom.xml index c45239b77..7bed2b664 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.16.2-SNAPSHOT + 1.17.0 ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 004400ae9..4db6fab52 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.16.2-SNAPSHOT + 1.17.0 pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 876c35348..2be39a2d1 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.16.2-SNAPSHOT + 1.17.0 ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index bb8bf015e..6fd4bcd07 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.16.2-SNAPSHOT + 1.17.0 ../pom.xml diff --git a/pom.xml b/pom.xml index 9bfd18f72..59b4e4584 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.16.2-SNAPSHOT + 1.17.0 pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 0f4eb3c50..07caeb15d 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.16.1:1.16.2-SNAPSHOT -google-auth-library-bom:1.16.1:1.16.2-SNAPSHOT -google-auth-library-parent:1.16.1:1.16.2-SNAPSHOT -google-auth-library-appengine:1.16.1:1.16.2-SNAPSHOT -google-auth-library-credentials:1.16.1:1.16.2-SNAPSHOT -google-auth-library-oauth2-http:1.16.1:1.16.2-SNAPSHOT +google-auth-library:1.17.0:1.17.0 +google-auth-library-bom:1.17.0:1.17.0 +google-auth-library-parent:1.17.0:1.17.0 +google-auth-library-appengine:1.17.0:1.17.0 +google-auth-library-credentials:1.17.0:1.17.0 +google-auth-library-oauth2-http:1.17.0:1.17.0 From f5e7cb8abb443f535c45912c1ccec9d83736bf91 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Sat, 20 May 2023 02:32:13 +0000 Subject: [PATCH 23/61] chore(main): release 1.17.1-SNAPSHOT (#1208) :robot: I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/appengine/pom.xml b/appengine/pom.xml index 7bed2b664..3adb4cee9 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.17.0 + 1.17.1-SNAPSHOT ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 4db6fab52..97f0c13e9 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.17.0 + 1.17.1-SNAPSHOT pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 2be39a2d1..46c19912f 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.17.0 + 1.17.1-SNAPSHOT ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 6fd4bcd07..538c3cdd7 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.17.0 + 1.17.1-SNAPSHOT ../pom.xml diff --git a/pom.xml b/pom.xml index 59b4e4584..8665f971c 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.17.0 + 1.17.1-SNAPSHOT pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 07caeb15d..25bfa6b10 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.17.0:1.17.0 -google-auth-library-bom:1.17.0:1.17.0 -google-auth-library-parent:1.17.0:1.17.0 -google-auth-library-appengine:1.17.0:1.17.0 -google-auth-library-credentials:1.17.0:1.17.0 -google-auth-library-oauth2-http:1.17.0:1.17.0 +google-auth-library:1.17.0:1.17.1-SNAPSHOT +google-auth-library-bom:1.17.0:1.17.1-SNAPSHOT +google-auth-library-parent:1.17.0:1.17.1-SNAPSHOT +google-auth-library-appengine:1.17.0:1.17.1-SNAPSHOT +google-auth-library-credentials:1.17.0:1.17.1-SNAPSHOT +google-auth-library-oauth2-http:1.17.0:1.17.1-SNAPSHOT From 8b6e28e00aa609edefceafbb4f2c1dbc10afd6f9 Mon Sep 17 00:00:00 2001 From: Alice <65933803+alicejli@users.noreply.github.com> Date: Thu, 25 May 2023 10:22:53 -0400 Subject: [PATCH 24/61] deps: update doclet version to v1.9.0 (#1211) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8665f971c..312baab18 100644 --- a/pom.xml +++ b/pom.xml @@ -478,7 +478,7 @@ - java-docfx-doclet-1.5.0 + java-docfx-doclet-1.9.0 ${project.build.directory}/docfx-yml ${project.artifactId} From 7d8373419cf6c630bc61f91aa67d8a914418e64f Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Thu, 25 May 2023 14:26:13 +0000 Subject: [PATCH 25/61] chore(main): release 1.17.1 (#1212) :robot: I have created a release *beep* *boop* --- ## [1.17.1](https://togithub.com/googleapis/google-auth-library-java/compare/v1.17.0...v1.17.1) (2023-05-25) ### Dependencies * Update doclet version to v1.9.0 ([#1211](https://togithub.com/googleapis/google-auth-library-java/issues/1211)) ([8b6e28e](https://togithub.com/googleapis/google-auth-library-java/commit/8b6e28e00aa609edefceafbb4f2c1dbc10afd6f9)) --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- CHANGELOG.md | 7 +++++++ appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 7 files changed, 18 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e8aec6de..56d1a5cdd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +## [1.17.1](https://github.com/googleapis/google-auth-library-java/compare/v1.17.0...v1.17.1) (2023-05-25) + + +### Dependencies + +* Update doclet version to v1.9.0 ([#1211](https://github.com/googleapis/google-auth-library-java/issues/1211)) ([8b6e28e](https://github.com/googleapis/google-auth-library-java/commit/8b6e28e00aa609edefceafbb4f2c1dbc10afd6f9)) + ## [1.17.0](https://github.com/googleapis/google-auth-library-java/compare/v1.16.1...v1.17.0) (2023-05-20) diff --git a/appengine/pom.xml b/appengine/pom.xml index 3adb4cee9..33e0b3f45 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.17.1-SNAPSHOT + 1.17.1 ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 97f0c13e9..bc17fe6ca 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.17.1-SNAPSHOT + 1.17.1 pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 46c19912f..ecc72ae48 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.17.1-SNAPSHOT + 1.17.1 ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 538c3cdd7..2a1575fd3 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.17.1-SNAPSHOT + 1.17.1 ../pom.xml diff --git a/pom.xml b/pom.xml index 312baab18..1d4b365f0 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.17.1-SNAPSHOT + 1.17.1 pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 25bfa6b10..dd2d3cfa9 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.17.0:1.17.1-SNAPSHOT -google-auth-library-bom:1.17.0:1.17.1-SNAPSHOT -google-auth-library-parent:1.17.0:1.17.1-SNAPSHOT -google-auth-library-appengine:1.17.0:1.17.1-SNAPSHOT -google-auth-library-credentials:1.17.0:1.17.1-SNAPSHOT -google-auth-library-oauth2-http:1.17.0:1.17.1-SNAPSHOT +google-auth-library:1.17.1:1.17.1 +google-auth-library-bom:1.17.1:1.17.1 +google-auth-library-parent:1.17.1:1.17.1 +google-auth-library-appengine:1.17.1:1.17.1 +google-auth-library-credentials:1.17.1:1.17.1 +google-auth-library-oauth2-http:1.17.1:1.17.1 From b152e76386c54e5682969f4ba5157f4bc20e7fb5 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Thu, 25 May 2023 14:30:13 +0000 Subject: [PATCH 26/61] chore(main): release 1.17.2-SNAPSHOT (#1213) :robot: I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/appengine/pom.xml b/appengine/pom.xml index 33e0b3f45..d9f9f49ad 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.17.1 + 1.17.2-SNAPSHOT ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index bc17fe6ca..0d105956d 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.17.1 + 1.17.2-SNAPSHOT pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index ecc72ae48..89f119e01 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.17.1 + 1.17.2-SNAPSHOT ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 2a1575fd3..1f7ce23f1 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.17.1 + 1.17.2-SNAPSHOT ../pom.xml diff --git a/pom.xml b/pom.xml index 1d4b365f0..b8b08df9e 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.17.1 + 1.17.2-SNAPSHOT pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index dd2d3cfa9..943ab5a7a 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.17.1:1.17.1 -google-auth-library-bom:1.17.1:1.17.1 -google-auth-library-parent:1.17.1:1.17.1 -google-auth-library-appengine:1.17.1:1.17.1 -google-auth-library-credentials:1.17.1:1.17.1 -google-auth-library-oauth2-http:1.17.1:1.17.1 +google-auth-library:1.17.1:1.17.2-SNAPSHOT +google-auth-library-bom:1.17.1:1.17.2-SNAPSHOT +google-auth-library-parent:1.17.1:1.17.2-SNAPSHOT +google-auth-library-appengine:1.17.1:1.17.2-SNAPSHOT +google-auth-library-credentials:1.17.1:1.17.2-SNAPSHOT +google-auth-library-oauth2-http:1.17.1:1.17.2-SNAPSHOT From ce985c60358c3b48d408b3f3d13e7019ca88fa61 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Tue, 6 Jun 2023 13:55:06 -0700 Subject: [PATCH 27/61] build: migrate release scripts (#1799) (#1207) Source-Link: https://github.com/googleapis/synthtool/commit/1fd6dff029bb3d873a4780e616388f802f086907 Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-java:latest@sha256:ad9cabee4c022f1aab04a71332369e0c23841062124818a4490f73337f790337 Co-authored-by: Owl Bot Co-authored-by: Jeff Ching --- .github/.OwlBot.lock.yaml | 5 +- .github/dependabot.yml | 14 +++ .github/release-trigger.yml | 1 + .kokoro/build.sh | 4 +- .kokoro/requirements.in | 40 +----- .kokoro/requirements.txt | 245 ++++++++++++++---------------------- 6 files changed, 121 insertions(+), 188 deletions(-) create mode 100644 .github/dependabot.yml diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index 202e7084c..aadf54f64 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,5 +13,4 @@ # limitations under the License. docker: image: gcr.io/cloud-devrel-public-resources/owlbot-java:latest - digest: sha256:a57d2ea6d1a77aa96c17ad0850b779ec6295f88b6c1da3d214b2095d140a2066 - + digest: sha256:ad9cabee4c022f1aab04a71332369e0c23841062124818a4490f73337f790337 diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..c8f413b0d --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +version: 2 +updates: + - package-ecosystem: "maven" + directory: "/" + schedule: + interval: "daily" + # Disable version updates for Maven dependencies + open-pull-requests-limit: 0 + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + # Disable version updates for pip dependencies + open-pull-requests-limit: 0 \ No newline at end of file diff --git a/.github/release-trigger.yml b/.github/release-trigger.yml index d4ca94189..6e1259c3f 100644 --- a/.github/release-trigger.yml +++ b/.github/release-trigger.yml @@ -1 +1,2 @@ enabled: true +multiScmName: google-auth-library-java diff --git a/.kokoro/build.sh b/.kokoro/build.sh index c483ec7bf..7417ad53d 100755 --- a/.kokoro/build.sh +++ b/.kokoro/build.sh @@ -71,12 +71,12 @@ integration) ;; graalvm) # Run Unit and Integration Tests with Native Image - mvn -B ${INTEGRATION_TEST_ARGS} -ntp -Pnative -Penable-integration-tests test + mvn -B ${INTEGRATION_TEST_ARGS} -ntp -Pnative test RETURN_CODE=$? ;; graalvm17) # Run Unit and Integration Tests with Native Image - mvn -B ${INTEGRATION_TEST_ARGS} -ntp -Pnative -Penable-integration-tests test + mvn -B ${INTEGRATION_TEST_ARGS} -ntp -Pnative test RETURN_CODE=$? ;; samples) diff --git a/.kokoro/requirements.in b/.kokoro/requirements.in index 924f94ae6..2092cc741 100644 --- a/.kokoro/requirements.in +++ b/.kokoro/requirements.in @@ -1,34 +1,6 @@ -gcp-docuploader==0.6.3 -google-crc32c==1.3.0 -googleapis-common-protos==1.56.3 -gcp-releasetool==1.9.1 -cryptography==38.0.3 -cachetools==4.2.4 -cffi==1.15.1 -jeepney==0.7.1 -jinja2==3.0.3 -markupsafe==2.0.1 -keyring==23.4.1 -packaging==21.3 -protobuf==3.19.5 -pyjwt==2.4.0 -pyparsing==3.0.9 -pycparser==2.21 -pyperclip==1.8.2 -python-dateutil==2.8.2 -requests==2.27.1 -certifi==2022.9.24 -importlib-metadata==4.8.3 -zipp==3.6.0 -google_api_core==2.8.2 -google-cloud-storage==2.0.0 -google-resumable-media==2.3.3 -google-cloud-core==2.3.1 -typing-extensions==4.1.1 -urllib3==1.26.12 -zipp==3.6.0 -rsa==4.9 -six==1.16.0 -attrs==22.1.0 -google-auth==2.14.1 -idna==3.4 \ No newline at end of file +gcp-docuploader +gcp-releasetool>=1.10.5 # required for compatibility with cryptography>=39.x +wheel +setuptools +typing-extensions +click<8.1.0 \ No newline at end of file diff --git a/.kokoro/requirements.txt b/.kokoro/requirements.txt index 71fcafc70..c80f0a87c 100644 --- a/.kokoro/requirements.txt +++ b/.kokoro/requirements.txt @@ -1,27 +1,21 @@ # -# This file is autogenerated by pip-compile with python 3.10 -# To update, run: +# This file is autogenerated by pip-compile with Python 3.11 +# by the following command: # -# pip-compile --generate-hashes requirements.in +# pip-compile --allow-unsafe --generate-hashes requirements.in # attrs==22.1.0 \ --hash=sha256:29adc2665447e5191d0e7c568fde78b21f9672d344281d0c6e1ab085429b22b6 \ --hash=sha256:86efa402f67bf2df34f51a335487cf46b1ec130d02b8d39fd248abfd30da551c - # via - # -r requirements.in - # gcp-releasetool + # via gcp-releasetool cachetools==4.2.4 \ --hash=sha256:89ea6f1b638d5a73a4f9226be57ac5e4f399d22770b92355f92dcb0f7f001693 \ --hash=sha256:92971d3cb7d2a97efff7c7bb1657f21a8f5fb309a37530537c71b1774189f2d1 - # via - # -r requirements.in - # google-auth -certifi==2022.9.24 \ - --hash=sha256:0d9c601124e5a6ba9712dbc60d9c53c21e34f5f641fe83002317394311bdce14 \ - --hash=sha256:90c1a32f1d68f940488354e36370f6cca89f0f106db09518524c88d6ed83f382 - # via - # -r requirements.in - # requests + # via google-auth +certifi==2022.12.7 \ + --hash=sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3 \ + --hash=sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18 + # via requests cffi==1.15.1 \ --hash=sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5 \ --hash=sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef \ @@ -87,9 +81,7 @@ cffi==1.15.1 \ --hash=sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b \ --hash=sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01 \ --hash=sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0 - # via - # -r requirements.in - # cryptography + # via cryptography charset-normalizer==2.0.12 \ --hash=sha256:2857e29ff0d34db842cd7ca3230549d1a697f96ee6d3fb071cfa6c7393832597 \ --hash=sha256:6881edbebdb17b39b4eaaa821b438bf6eddffb4468cf344f09f89def34a8b1df @@ -98,62 +90,56 @@ click==8.0.4 \ --hash=sha256:6a7a62563bbfabfda3a38f3023a1db4a35978c0abd76f6c9605ecd6554d6d9b1 \ --hash=sha256:8458d7b1287c5fb128c90e23381cf99dcde74beaf6c7ff6384ce84d6fe090adb # via + # -r requirements.in # gcp-docuploader # gcp-releasetool colorlog==6.7.0 \ --hash=sha256:0d33ca236784a1ba3ff9c532d4964126d8a2c44f1f0cb1d2b0728196f512f662 \ --hash=sha256:bd94bd21c1e13fac7bd3153f4bc3a7dc0eb0974b8bc2fdf1a989e474f6e582e5 # via gcp-docuploader -cryptography==38.0.3 \ - --hash=sha256:068147f32fa662c81aebab95c74679b401b12b57494872886eb5c1139250ec5d \ - --hash=sha256:06fc3cc7b6f6cca87bd56ec80a580c88f1da5306f505876a71c8cfa7050257dd \ - --hash=sha256:25c1d1f19729fb09d42e06b4bf9895212292cb27bb50229f5aa64d039ab29146 \ - --hash=sha256:402852a0aea73833d982cabb6d0c3bb582c15483d29fb7085ef2c42bfa7e38d7 \ - --hash=sha256:4e269dcd9b102c5a3d72be3c45d8ce20377b8076a43cbed6f660a1afe365e436 \ - --hash=sha256:5419a127426084933076132d317911e3c6eb77568a1ce23c3ac1e12d111e61e0 \ - --hash=sha256:554bec92ee7d1e9d10ded2f7e92a5d70c1f74ba9524947c0ba0c850c7b011828 \ - --hash=sha256:5e89468fbd2fcd733b5899333bc54d0d06c80e04cd23d8c6f3e0542358c6060b \ - --hash=sha256:65535bc550b70bd6271984d9863a37741352b4aad6fb1b3344a54e6950249b55 \ - --hash=sha256:6ab9516b85bebe7aa83f309bacc5f44a61eeb90d0b4ec125d2d003ce41932d36 \ - --hash=sha256:6addc3b6d593cd980989261dc1cce38263c76954d758c3c94de51f1e010c9a50 \ - --hash=sha256:728f2694fa743a996d7784a6194da430f197d5c58e2f4e278612b359f455e4a2 \ - --hash=sha256:785e4056b5a8b28f05a533fab69febf5004458e20dad7e2e13a3120d8ecec75a \ - --hash=sha256:78cf5eefac2b52c10398a42765bfa981ce2372cbc0457e6bf9658f41ec3c41d8 \ - --hash=sha256:7f836217000342d448e1c9a342e9163149e45d5b5eca76a30e84503a5a96cab0 \ - --hash=sha256:8d41a46251bf0634e21fac50ffd643216ccecfaf3701a063257fe0b2be1b6548 \ - --hash=sha256:984fe150f350a3c91e84de405fe49e688aa6092b3525f407a18b9646f6612320 \ - --hash=sha256:9b24bcff7853ed18a63cfb0c2b008936a9554af24af2fb146e16d8e1aed75748 \ - --hash=sha256:b1b35d9d3a65542ed2e9d90115dfd16bbc027b3f07ee3304fc83580f26e43249 \ - --hash=sha256:b1b52c9e5f8aa2b802d48bd693190341fae201ea51c7a167d69fc48b60e8a959 \ - --hash=sha256:bbf203f1a814007ce24bd4d51362991d5cb90ba0c177a9c08825f2cc304d871f \ - --hash=sha256:be243c7e2bfcf6cc4cb350c0d5cdf15ca6383bbcb2a8ef51d3c9411a9d4386f0 \ - --hash=sha256:bfbe6ee19615b07a98b1d2287d6a6073f734735b49ee45b11324d85efc4d5cbd \ - --hash=sha256:c46837ea467ed1efea562bbeb543994c2d1f6e800785bd5a2c98bc096f5cb220 \ - --hash=sha256:dfb4f4dd568de1b6af9f4cda334adf7d72cf5bc052516e1b2608b683375dd95c \ - --hash=sha256:ed7b00096790213e09eb11c97cc6e2b757f15f3d2f85833cd2d3ec3fe37c1722 +cryptography==39.0.1 \ + --hash=sha256:0f8da300b5c8af9f98111ffd512910bc792b4c77392a9523624680f7956a99d4 \ + --hash=sha256:35f7c7d015d474f4011e859e93e789c87d21f6f4880ebdc29896a60403328f1f \ + --hash=sha256:5aa67414fcdfa22cf052e640cb5ddc461924a045cacf325cd164e65312d99502 \ + --hash=sha256:5d2d8b87a490bfcd407ed9d49093793d0f75198a35e6eb1a923ce1ee86c62b41 \ + --hash=sha256:6687ef6d0a6497e2b58e7c5b852b53f62142cfa7cd1555795758934da363a965 \ + --hash=sha256:6f8ba7f0328b79f08bdacc3e4e66fb4d7aab0c3584e0bd41328dce5262e26b2e \ + --hash=sha256:706843b48f9a3f9b9911979761c91541e3d90db1ca905fd63fee540a217698bc \ + --hash=sha256:807ce09d4434881ca3a7594733669bd834f5b2c6d5c7e36f8c00f691887042ad \ + --hash=sha256:83e17b26de248c33f3acffb922748151d71827d6021d98c70e6c1a25ddd78505 \ + --hash=sha256:96f1157a7c08b5b189b16b47bc9db2332269d6680a196341bf30046330d15388 \ + --hash=sha256:aec5a6c9864be7df2240c382740fcf3b96928c46604eaa7f3091f58b878c0bb6 \ + --hash=sha256:b0afd054cd42f3d213bf82c629efb1ee5f22eba35bf0eec88ea9ea7304f511a2 \ + --hash=sha256:ced4e447ae29ca194449a3f1ce132ded8fcab06971ef5f618605aacaa612beac \ + --hash=sha256:d1f6198ee6d9148405e49887803907fe8962a23e6c6f83ea7d98f1c0de375695 \ + --hash=sha256:e124352fd3db36a9d4a21c1aa27fd5d051e621845cb87fb851c08f4f75ce8be6 \ + --hash=sha256:e422abdec8b5fa8462aa016786680720d78bdce7a30c652b7fadf83a4ba35336 \ + --hash=sha256:ef8b72fa70b348724ff1218267e7f7375b8de4e8194d1636ee60510aae104cd0 \ + --hash=sha256:f0c64d1bd842ca2633e74a1a28033d139368ad959872533b1bab8c80e8240a0c \ + --hash=sha256:f24077a3b5298a5a06a8e0536e3ea9ec60e4c7ac486755e5fb6e6ea9b3500106 \ + --hash=sha256:fdd188c8a6ef8769f148f88f859884507b954cc64db6b52f66ef199bb9ad660a \ + --hash=sha256:fe913f20024eb2cb2f323e42a64bdf2911bb9738a15dba7d3cce48151034e3a8 # via - # -r requirements.in # gcp-releasetool # secretstorage -gcp-docuploader==0.6.3 \ - --hash=sha256:ba8c9d76b3bbac54b0311c503a373b00edc2dc02d6d54ea9507045adb8e870f7 \ - --hash=sha256:c0f5aaa82ce1854a386197e4e359b120ad6d4e57ae2c812fce42219a3288026b +gcp-docuploader==0.6.4 \ + --hash=sha256:01486419e24633af78fd0167db74a2763974765ee8078ca6eb6964d0ebd388af \ + --hash=sha256:70861190c123d907b3b067da896265ead2eeb9263969d6955c9e0bb091b5ccbf # via -r requirements.in -gcp-releasetool==1.9.1 \ - --hash=sha256:952f4055d5d986b070ae2a71c4410b250000f9cc5a1e26398fcd55a5bbc5a15f \ - --hash=sha256:d0d3c814a97c1a237517e837d8cfa668ced8df4b882452578ecef4a4e79c583b +gcp-releasetool==1.10.5 \ + --hash=sha256:174b7b102d704b254f2a26a3eda2c684fd3543320ec239baf771542a2e58e109 \ + --hash=sha256:e29d29927fe2ca493105a82958c6873bb2b90d503acac56be2c229e74de0eec9 # via -r requirements.in google-api-core==2.8.2 \ --hash=sha256:06f7244c640322b508b125903bb5701bebabce8832f85aba9335ec00b3d02edc \ --hash=sha256:93c6a91ccac79079ac6bbf8b74ee75db970cc899278b97d53bc012f35908cf50 # via - # -r requirements.in # google-cloud-core # google-cloud-storage google-auth==2.14.1 \ + --hash=sha256:ccaa901f31ad5cbb562615eb8b664b3dd0bf5404a67618e642307f00613eda4d \ --hash=sha256:f5d8701633bebc12e0deea4df8abd8aff31c28b355360597f7f2ee60f2e4d016 # via - # -r requirements.in # gcp-releasetool # google-api-core # google-cloud-core @@ -161,15 +147,11 @@ google-auth==2.14.1 \ google-cloud-core==2.3.1 \ --hash=sha256:113ba4f492467d5bd442c8d724c1a25ad7384045c3178369038840ecdd19346c \ --hash=sha256:34334359cb04187bdc80ddcf613e462dfd7a3aabbc3fe4d118517ab4b9303d53 - # via - # -r requirements.in - # google-cloud-storage + # via google-cloud-storage google-cloud-storage==2.0.0 \ --hash=sha256:a57a15aead0f9dfbd4381f1bfdbe8bf89818a4bd75bab846cafcefb2db846c47 \ --hash=sha256:ec4be60bb223a3a960f0d01697d849b86d91cad815a84915a32ed3635e93a5e7 - # via - # -r requirements.in - # gcp-docuploader + # via gcp-docuploader google-crc32c==1.3.0 \ --hash=sha256:04e7c220798a72fd0f08242bc8d7a05986b2a08a0573396187fd32c1dcdd58b3 \ --hash=sha256:05340b60bf05b574159e9bd940152a47d38af3fb43803ffe71f11d704b7696a6 \ @@ -214,52 +196,37 @@ google-crc32c==1.3.0 \ --hash=sha256:fe31de3002e7b08eb20823b3735b97c86c5926dd0581c7710a680b418a8709d4 \ --hash=sha256:fec221a051150eeddfdfcff162e6db92c65ecf46cb0f7bb1bf812a1520ec026b \ --hash=sha256:ff71073ebf0e42258a42a0b34f2c09ec384977e7f6808999102eedd5b49920e3 - # via - # -r requirements.in - # google-resumable-media + # via google-resumable-media google-resumable-media==2.3.3 \ --hash=sha256:27c52620bd364d1c8116eaac4ea2afcbfb81ae9139fb3199652fcac1724bfb6c \ --hash=sha256:5b52774ea7a829a8cdaa8bd2d4c3d4bc660c91b30857ab2668d0eb830f4ea8c5 - # via - # -r requirements.in - # google-cloud-storage + # via google-cloud-storage googleapis-common-protos==1.56.3 \ --hash=sha256:6f1369b58ed6cf3a4b7054a44ebe8d03b29c309257583a2bbdc064cd1e4a1442 \ --hash=sha256:87955d7b3a73e6e803f2572a33179de23989ebba725e05ea42f24838b792e461 - # via - # -r requirements.in - # google-api-core + # via google-api-core idna==3.4 \ --hash=sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4 \ --hash=sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2 - # via - # -r requirements.in - # requests + # via requests importlib-metadata==4.8.3 \ --hash=sha256:65a9576a5b2d58ca44d133c42a241905cc45e34d2c06fd5ba2bafa221e5d7b5e \ --hash=sha256:766abffff765960fcc18003801f7044eb6755ffae4521c8e8ce8e83b9c9b0668 + # via keyring +jeepney==0.8.0 \ + --hash=sha256:5efe48d255973902f6badc3ce55e2aa6c5c3b3bc642059ef3a91247bcfcc5806 \ + --hash=sha256:c0a454ad016ca575060802ee4d590dd912e35c122fa04e70306de3d076cce755 # via - # -r requirements.in - # keyring -jeepney==0.7.1 \ - --hash=sha256:1b5a0ea5c0e7b166b2f5895b91a08c14de8915afda4407fb5022a195224958ac \ - --hash=sha256:fa9e232dfa0c498bd0b8a3a73b8d8a31978304dcef0515adc859d4e096f96f4f - # via - # -r requirements.in # keyring # secretstorage jinja2==3.0.3 \ --hash=sha256:077ce6014f7b40d03b47d1f1ca4b0fc8328a692bd284016f806ed0eaca390ad8 \ --hash=sha256:611bb273cd68f3b993fabdc4064fc858c5b47a973cb5aa7999ec1ba405c87cd7 - # via - # -r requirements.in - # gcp-releasetool + # via gcp-releasetool keyring==23.4.1 \ --hash=sha256:17e49fb0d6883c2b4445359434dba95aad84aabb29bbff044ad0ed7100232eca \ --hash=sha256:89cbd74d4683ed164c8082fb38619341097741323b3786905c6dac04d6915a55 - # via - # -r requirements.in - # gcp-releasetool + # via gcp-releasetool markupsafe==2.0.1 \ --hash=sha256:01a9b8ea66f1658938f65b93a85ebe8bc016e6769611be228d797c9d998dd298 \ --hash=sha256:023cb26ec21ece8dc3907c0e8320058b2e0cb3c55cf9564da612bc325bed5e64 \ @@ -330,49 +297,39 @@ markupsafe==2.0.1 \ --hash=sha256:f8ba0e8349a38d3001fae7eadded3f6606f0da5d748ee53cc1dab1d6527b9509 \ --hash=sha256:f9081981fe268bd86831e5c75f7de206ef275defcb82bc70740ae6dc507aee51 \ --hash=sha256:fa130dd50c57d53368c9d59395cb5526eda596d3ffe36666cd81a44d56e48872 - # via - # -r requirements.in - # jinja2 + # via jinja2 packaging==21.3 \ --hash=sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb \ --hash=sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522 + # via gcp-releasetool +protobuf==3.20.2 \ + --hash=sha256:03d76b7bd42ac4a6e109742a4edf81ffe26ffd87c5993126d894fe48a120396a \ + --hash=sha256:09e25909c4297d71d97612f04f41cea8fa8510096864f2835ad2f3b3df5a5559 \ + --hash=sha256:18e34a10ae10d458b027d7638a599c964b030c1739ebd035a1dfc0e22baa3bfe \ + --hash=sha256:291fb4307094bf5ccc29f424b42268640e00d5240bf0d9b86bf3079f7576474d \ + --hash=sha256:2c0b040d0b5d5d207936ca2d02f00f765906622c07d3fa19c23a16a8ca71873f \ + --hash=sha256:384164994727f274cc34b8abd41a9e7e0562801361ee77437099ff6dfedd024b \ + --hash=sha256:3cb608e5a0eb61b8e00fe641d9f0282cd0eedb603be372f91f163cbfbca0ded0 \ + --hash=sha256:5d9402bf27d11e37801d1743eada54372f986a372ec9679673bfcc5c60441151 \ + --hash=sha256:712dca319eee507a1e7df3591e639a2b112a2f4a62d40fe7832a16fd19151750 \ + --hash=sha256:7a5037af4e76c975b88c3becdf53922b5ffa3f2cddf657574a4920a3b33b80f3 \ + --hash=sha256:8228e56a865c27163d5d1d1771d94b98194aa6917bcfb6ce139cbfa8e3c27334 \ + --hash=sha256:84a1544252a933ef07bb0b5ef13afe7c36232a774affa673fc3636f7cee1db6c \ + --hash=sha256:84fe5953b18a383fd4495d375fe16e1e55e0a3afe7b4f7b4d01a3a0649fcda9d \ + --hash=sha256:9c673c8bfdf52f903081816b9e0e612186684f4eb4c17eeb729133022d6032e3 \ + --hash=sha256:a9e5ae5a8e8985c67e8944c23035a0dff2c26b0f5070b2f55b217a1c33bbe8b1 \ + --hash=sha256:b4fdb29c5a7406e3f7ef176b2a7079baa68b5b854f364c21abe327bbeec01cdb \ + --hash=sha256:c184485e0dfba4dfd451c3bd348c2e685d6523543a0f91b9fd4ae90eb09e8422 \ + --hash=sha256:c9cdf251c582c16fd6a9f5e95836c90828d51b0069ad22f463761d27c6c19019 \ + --hash=sha256:e39cf61bb8582bda88cdfebc0db163b774e7e03364bbf9ce1ead13863e81e359 \ + --hash=sha256:e8fbc522303e09036c752a0afcc5c0603e917222d8bedc02813fd73b4b4ed804 \ + --hash=sha256:f34464ab1207114e73bba0794d1257c150a2b89b7a9faf504e00af7c9fd58978 \ + --hash=sha256:f52dabc96ca99ebd2169dadbe018824ebda08a795c7684a0b7d203a290f3adb0 # via - # -r requirements.in - # gcp-releasetool -protobuf==3.19.5 \ - --hash=sha256:1867f93b06a183f87696871bb8d1e99ee71dbb69d468ce1f0cc8bf3d30f982f3 \ - --hash=sha256:3c4160b601220627f7e91154e572baf5e161a9c3f445a8242d536ee3d0b7b17c \ - --hash=sha256:4ee2af7051d3b10c8a4fe6fd1a2c69f201fea36aeee7086cf202a692e1b99ee1 \ - --hash=sha256:5266c36cc0af3bb3dbf44f199d225b33da66a9a5c3bdc2b14865ad10eddf0e37 \ - --hash=sha256:5470f892961af464ae6eaf0f3099e2c1190ae8c7f36f174b89491281341f79ca \ - --hash=sha256:66d14b5b90090353efe75c9fb1bf65ef7267383034688d255b500822e37d5c2f \ - --hash=sha256:67efb5d20618020aa9596e17bfc37ca068c28ec0c1507d9507f73c93d46c9855 \ - --hash=sha256:696e6cfab94cc15a14946f2bf72719dced087d437adbd994fff34f38986628bc \ - --hash=sha256:6a02172b9650f819d01fb8e224fc69b0706458fc1ab4f1c669281243c71c1a5e \ - --hash=sha256:6eca9ae238ba615d702387a2ddea635d535d769994a9968c09a4ca920c487ab9 \ - --hash=sha256:950abd6c00e7b51f87ae8b18a0ce4d69fea217f62f171426e77de5061f6d9850 \ - --hash=sha256:9e1d74032f56ff25f417cfe84c8147047732e5059137ca42efad20cbbd25f5e0 \ - --hash=sha256:9e42b1cf2ecd8a1bd161239e693f22035ba99905ae6d7efeac8a0546c7ec1a27 \ - --hash=sha256:9f957ef53e872d58a0afd3bf6d80d48535d28c99b40e75e6634cbc33ea42fd54 \ - --hash=sha256:a89aa0c042e61e11ade320b802d6db4ee5391d8d973e46d3a48172c1597789f8 \ - --hash=sha256:c0f80876a8ff0ae7064084ed094eb86497bd5a3812e6fc96a05318b92301674e \ - --hash=sha256:c44e3282cff74ad18c7e8a0375f407f69ee50c2116364b44492a196293e08b21 \ - --hash=sha256:d249519ba5ecf5dd6b18150c9b6bcde510b273714b696f3923ff8308fc11ae49 \ - --hash=sha256:d3973a2d58aefc7d1230725c2447ce7f86a71cbc094b86a77c6ee1505ac7cdb1 \ - --hash=sha256:dca2284378a5f2a86ffed35c6ac147d14c48b525eefcd1083e5a9ce28dfa8657 \ - --hash=sha256:e63b0b3c42e51c94add62b010366cd4979cb6d5f06158bcae8faac4c294f91e1 \ - --hash=sha256:f2b599a21c9a32e171ec29a2ac54e03297736c578698e11b099d031f79da114b \ - --hash=sha256:f2bde37667b18c2b5280df83bc799204394a5d2d774e4deaf9de0eb741df6833 \ - --hash=sha256:f4f909f4dde413dec435a44b0894956d55bb928ded7d6e3c726556ca4c796e84 \ - --hash=sha256:f976234e20ab2785f54224bcdafa027674e23663b132fa3ca0caa291a6cfbde7 \ - --hash=sha256:f9cebda093c2f6bfed88f1c17cdade09d4d96096421b344026feee236532d4de - # via - # -r requirements.in # gcp-docuploader # gcp-releasetool # google-api-core # google-cloud-storage - # googleapis-common-protos pyasn1==0.4.8 \ --hash=sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d \ --hash=sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba @@ -386,71 +343,61 @@ pyasn1-modules==0.2.8 \ pycparser==2.21 \ --hash=sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9 \ --hash=sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206 - # via - # -r requirements.in - # cffi + # via cffi pyjwt==2.4.0 \ --hash=sha256:72d1d253f32dbd4f5c88eaf1fdc62f3a19f676ccbadb9dbc5d07e951b2b26daf \ --hash=sha256:d42908208c699b3b973cbeb01a969ba6a96c821eefb1c5bfe4c390c01d67abba - # via - # -r requirements.in - # gcp-releasetool + # via gcp-releasetool pyparsing==3.0.9 \ --hash=sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb \ --hash=sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc - # via - # -r requirements.in - # packaging + # via packaging pyperclip==1.8.2 \ --hash=sha256:105254a8b04934f0bc84e9c24eb360a591aaf6535c9def5f29d92af107a9bf57 - # via - # -r requirements.in - # gcp-releasetool + # via gcp-releasetool python-dateutil==2.8.2 \ --hash=sha256:0123cacc1627ae19ddf3c27a5de5bd67ee4586fbdd6440d9748f8abb483d3e86 \ --hash=sha256:961d03dc3453ebbc59dbdea9e4e11c5651520a876d0f4db161e8674aae935da9 - # via - # -r requirements.in - # gcp-releasetool + # via gcp-releasetool requests==2.27.1 \ --hash=sha256:68d7c56fd5a8999887728ef304a6d12edc7be74f1cfa47714fc8b414525c9a61 \ --hash=sha256:f22fa1e554c9ddfd16e6e41ac79759e17be9e492b3587efa038054674760e72d # via - # -r requirements.in # gcp-releasetool # google-api-core # google-cloud-storage rsa==4.9 \ --hash=sha256:90260d9058e514786967344d0ef75fa8727eed8a7d2e43ce9f4bcf1b536174f7 \ --hash=sha256:e38464a49c6c85d7f1351b0126661487a7e0a14a50f1675ec50eb34d4f20ef21 - # via - # -r requirements.in - # google-auth + # via google-auth secretstorage==3.3.3 \ --hash=sha256:2403533ef369eca6d2ba81718576c5e0f564d5cca1b58f73a8b23e7d4eeebd77 \ --hash=sha256:f356e6628222568e3af06f2eba8df495efa13b3b63081dafd4f7d9a7b7bc9f99 # via keyring +setuptools==67.3.2 \ + --hash=sha256:95f00380ef2ffa41d9bba85d95b27689d923c93dfbafed4aecd7cf988a25e012 \ + --hash=sha256:bb6d8e508de562768f2027902929f8523932fcd1fb784e6d573d2cafac995a48 + # via -r requirements.in six==1.16.0 \ --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \ --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 # via - # -r requirements.in # gcp-docuploader # google-auth # python-dateutil -typing-extensions==4.1.1 \ - --hash=sha256:1a9462dcc3347a79b1f1c0271fbe79e844580bb598bafa1ed208b94da3cdcd42 \ - --hash=sha256:21c85e0fe4b9a155d0799430b0ad741cdce7e359660ccbd8b530613e8df88ce2 +typing-extensions==4.4.0 \ + --hash=sha256:1511434bb92bf8dd198c12b1cc812e800d4181cfcb867674e0f8279cc93087aa \ + --hash=sha256:16fa4864408f655d35ec496218b85f79b3437c829e93320c7c9215ccfd92489e # via -r requirements.in urllib3==1.26.12 \ --hash=sha256:3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e \ --hash=sha256:b930dd878d5a8afb066a637fbb35144fe7901e3b209d1cd4f524bd0e9deee997 - # via - # -r requirements.in - # requests + # via requests +wheel==0.38.4 \ + --hash=sha256:965f5259b566725405b05e7cf774052044b1ed30119b5d586b2703aafe8719ac \ + --hash=sha256:b60533f3f5d530e971d6737ca6d58681ee434818fab630c83a734bb10c083ce8 + # via -r requirements.in zipp==3.6.0 \ --hash=sha256:71c644c5369f4a6e07636f0aa966270449561fcea2e3d6747b8d23efaa9d7832 \ --hash=sha256:9fe5ea21568a0a70e50f273397638d39b03353731e6cbbb3fd8502a33fec40bc - # via - # -r requirements.in - # importlib-metadata + # via importlib-metadata From 5fa7039482298cc1c0ea09889db47081c83d990b Mon Sep 17 00:00:00 2001 From: Alice <65933803+alicejli@users.noreply.github.com> Date: Wed, 7 Jun 2023 14:16:31 -0400 Subject: [PATCH 28/61] chore: update to use Java8 for javadoc generation (#1218) --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index b8b08df9e..a823dbeb1 100644 --- a/pom.xml +++ b/pom.xml @@ -171,7 +171,7 @@ maven-javadoc-plugin 3.4.1 - 7 + 8 false @@ -336,7 +336,7 @@ false none - 7 + 8 ${project.build.directory}/javadoc Google Auth Library for Java ${project.version} ${basedir}/overview.html @@ -483,7 +483,7 @@ ${project.artifactId} - 7 + 8 From 3a2c5d3d1abf23bce0af7f958240b5f9ee9d1bf8 Mon Sep 17 00:00:00 2001 From: sai-sunder-s <4540365+sai-sunder-s@users.noreply.github.com> Date: Fri, 16 Jun 2023 07:54:51 -0700 Subject: [PATCH 29/61] feat: Introduce a way to pass additional parameters to auhtorization url (#1134) * feat: Introduce a way to pass additional parameters to auhtorization url * casing * Add custom params to token endpoint * minor updates * modify test to check for persistence of additional params --- .../google/auth/oauth2/UserAuthorizer.java | 43 +++++++++ .../auth/oauth2/MockTokenServerTransport.java | 35 ++++++- .../auth/oauth2/UserAuthorizerTest.java | 96 ++++++++++++++++++- 3 files changed, 171 insertions(+), 3 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/UserAuthorizer.java b/oauth2_http/java/com/google/auth/oauth2/UserAuthorizer.java index 29a8284d5..63cc23170 100644 --- a/oauth2_http/java/com/google/auth/oauth2/UserAuthorizer.java +++ b/oauth2_http/java/com/google/auth/oauth2/UserAuthorizer.java @@ -50,6 +50,7 @@ import java.util.Collection; import java.util.Date; import java.util.List; +import java.util.Map; /** Handles an interactive 3-Legged-OAuth2 (3LO) user consent authorization. */ public class UserAuthorizer { @@ -168,6 +169,20 @@ public TokenStore getTokenStore() { * @return The URL that can be navigated or redirected to. */ public URL getAuthorizationUrl(String userId, String state, URI baseUri) { + return this.getAuthorizationUrl(userId, state, baseUri, null); + } + + /** + * Return an URL that performs the authorization consent prompt web UI. + * + * @param userId Application's identifier for the end user. + * @param state State that is passed on to the OAuth2 callback URI after the consent. + * @param baseUri The URI to resolve the OAuth2 callback URI relative to. + * @param additionalParameters Additional query parameters to be added to the authorization URL. + * @return The URL that can be navigated or redirected to. + */ + public URL getAuthorizationUrl( + String userId, String state, URI baseUri, Map additionalParameters) { URI resolvedCallbackUri = getCallbackUri(baseUri); String scopesString = Joiner.on(' ').join(scopes); @@ -185,6 +200,13 @@ public URL getAuthorizationUrl(String userId, String state, URI baseUri) { url.put("login_hint", userId); } url.put("include_granted_scopes", true); + + if (additionalParameters != null) { + for (Map.Entry entry : additionalParameters.entrySet()) { + url.put(entry.getKey(), entry.getValue()); + } + } + if (pkce != null) { url.put("code_challenge", pkce.getCodeChallenge()); url.put("code_challenge_method", pkce.getCodeChallengeMethod()); @@ -247,6 +269,21 @@ public UserCredentials getCredentials(String userId) throws IOException { * @throws IOException An error from the server API call to get the tokens. */ public UserCredentials getCredentialsFromCode(String code, URI baseUri) throws IOException { + return getCredentialsFromCode(code, baseUri, null); + } + + /** + * Returns a UserCredentials instance by exchanging an OAuth2 authorization code for tokens. + * + * @param code Code returned from OAuth2 consent prompt. + * @param baseUri The URI to resolve the OAuth2 callback URI relative to. + * @param additionalParameters Additional parameters to be added to the post body of token + * endpoint request. + * @return the UserCredentials instance created from the authorization code. + * @throws IOException An error from the server API call to get the tokens. + */ + public UserCredentials getCredentialsFromCode( + String code, URI baseUri, Map additionalParameters) throws IOException { Preconditions.checkNotNull(code); URI resolvedCallbackUri = getCallbackUri(baseUri); @@ -257,6 +294,12 @@ public UserCredentials getCredentialsFromCode(String code, URI baseUri) throws I tokenData.put("redirect_uri", resolvedCallbackUri); tokenData.put("grant_type", "authorization_code"); + if (additionalParameters != null) { + for (Map.Entry entry : additionalParameters.entrySet()) { + tokenData.put(entry.getKey(), entry.getValue()); + } + } + if (pkce != null) { tokenData.put("code_verifier", pkce.getCodeVerifier()); } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransport.java b/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransport.java index b9579663a..95680c02e 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransport.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransport.java @@ -65,6 +65,8 @@ public class MockTokenServerTransport extends MockHttpTransport { final Map serviceAccounts = new HashMap(); final Map gdchServiceAccounts = new HashMap(); final Map codes = new HashMap(); + final Map> additionalParameters = + new HashMap>(); URI tokenServerUri = OAuth2Utils.TOKEN_SERVER_URI; private IOException error; private final Queue> responseSequence = new ArrayDeque<>(); @@ -81,10 +83,18 @@ public void setTokenServerUri(URI tokenServerUri) { } public void addAuthorizationCode( - String code, String refreshToken, String accessToken, String grantedScopes) { + String code, + String refreshToken, + String accessToken, + String grantedScopes, + Map additionalParameters) { codes.put(code, refreshToken); refreshTokens.put(refreshToken, accessToken); this.grantedScopes.put(refreshToken, grantedScopes); + + if (additionalParameters != null) { + this.additionalParameters.put(refreshToken, additionalParameters); + } } public void addClient(String clientId, String clientSecret) { @@ -220,6 +230,29 @@ public LowLevelHttpResponse execute() throws IOException { if (grantedScopes.containsKey(refreshToken)) { grantedScopesString = grantedScopes.get(refreshToken); } + + if (additionalParameters.containsKey(refreshToken)) { + Map additionalParametersMap = additionalParameters.get(refreshToken); + for (Map.Entry entry : additionalParametersMap.entrySet()) { + String key = entry.getKey(); + String expectedValue = entry.getValue(); + if (!query.containsKey(key)) { + throw new IllegalArgumentException("Missing additional parameter: " + key); + } else { + String actualValue = query.get(key); + if (!expectedValue.equals(actualValue)) { + throw new IllegalArgumentException( + "For additional parameter " + + key + + ", Actual value: " + + actualValue + + ", Expected value: " + + expectedValue); + } + } + } + } + } else if (query.containsKey("grant_type")) { String grantType = query.get("grant_type"); String assertion = query.get("assertion"); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java b/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java index 7f444330f..f90098382 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java @@ -32,6 +32,7 @@ package com.google.auth.oauth2; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertSame; import static org.junit.Assert.fail; @@ -43,6 +44,7 @@ import java.net.URL; import java.util.Arrays; import java.util.Date; +import java.util.HashMap; import java.util.List; import java.util.Map; import org.junit.Test; @@ -170,6 +172,50 @@ public void getAuthorizationUrl() throws IOException { assertEquals(pkce.getCodeChallengeMethod(), parameters.get("code_challenge_method")); } + @Test + public void getAuthorizationUrl_additionalParameters() throws IOException { + final String CUSTOM_STATE = "custom_state"; + final String PROTOCOL = "https"; + final String HOST = "accounts.test.com"; + final String PATH = "/o/o/oauth2/auth"; + final URI AUTH_URI = URI.create(PROTOCOL + "://" + HOST + PATH); + final String EXPECTED_CALLBACK = "http://example.com" + CALLBACK_URI.toString(); + UserAuthorizer authorizer = + UserAuthorizer.newBuilder() + .setClientId(CLIENT_ID) + .setScopes(DUMMY_SCOPES) + .setCallbackUri(CALLBACK_URI) + .setUserAuthUri(AUTH_URI) + .build(); + Map additionalParameters = new HashMap(); + additionalParameters.put("param1", "value1"); + additionalParameters.put("param2", "value2"); + + // Verify that the authorization URL doesn't include the additional parameters if they are not + // passed in. + URL authorizationUrl = authorizer.getAuthorizationUrl(USER_ID, CUSTOM_STATE, BASE_URI); + String query = authorizationUrl.getQuery(); + Map parameters = TestUtils.parseQuery(query); + assertFalse(parameters.containsKey("param1")); + assertFalse(parameters.containsKey("param2")); + + // Verify that the authorization URL includes the additional parameters if they are passed in. + authorizationUrl = + authorizer.getAuthorizationUrl(USER_ID, CUSTOM_STATE, BASE_URI, additionalParameters); + query = authorizationUrl.getQuery(); + parameters = TestUtils.parseQuery(query); + assertEquals("value1", parameters.get("param1")); + assertEquals("value2", parameters.get("param2")); + + // Verify that the authorization URL doesn't include the additional parameters passed in the + // previous call to the authorizer + authorizationUrl = authorizer.getAuthorizationUrl(USER_ID, CUSTOM_STATE, BASE_URI); + query = authorizationUrl.getQuery(); + parameters = TestUtils.parseQuery(query); + assertFalse(parameters.containsKey("param1")); + assertFalse(parameters.containsKey("param2")); + } + @Test public void getCredentials_noCredentials_returnsNull() throws IOException { UserAuthorizer authorizer = @@ -340,7 +386,41 @@ public void getCredentialsFromCode_conevertsCodeToTokens() throws IOException { MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); transportFactory.transport.addClient(CLIENT_ID_VALUE, CLIENT_SECRET); transportFactory.transport.addAuthorizationCode( - CODE, REFRESH_TOKEN, ACCESS_TOKEN_VALUE, GRANTED_SCOPES_STRING); + CODE, REFRESH_TOKEN, ACCESS_TOKEN_VALUE, GRANTED_SCOPES_STRING, null); + TokenStore tokenStore = new MemoryTokensStorage(); + UserAuthorizer authorizer = + UserAuthorizer.newBuilder() + .setClientId(CLIENT_ID) + .setScopes(DUMMY_SCOPES) + .setTokenStore(tokenStore) + .setHttpTransportFactory(transportFactory) + .build(); + + UserCredentials credentials = authorizer.getCredentialsFromCode(CODE, BASE_URI); + + assertEquals(REFRESH_TOKEN, credentials.getRefreshToken()); + assertEquals(ACCESS_TOKEN_VALUE, credentials.getAccessToken().getTokenValue()); + assertEquals(GRANTED_SCOPES, credentials.getAccessToken().getScopes()); + } + + @Test + public void getCredentialsFromCode_additionalParameters() throws IOException { + MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); + transportFactory.transport.addClient(CLIENT_ID_VALUE, CLIENT_SECRET); + + Map additionalParameters = new HashMap(); + additionalParameters.put("param1", "value1"); + additionalParameters.put("param2", "value2"); + + String code2 = "code2"; + String refreshToken2 = "refreshToken2"; + String accessTokenValue2 = "accessTokenValue2"; + + transportFactory.transport.addAuthorizationCode( + CODE, REFRESH_TOKEN, ACCESS_TOKEN_VALUE, GRANTED_SCOPES_STRING, null); + transportFactory.transport.addAuthorizationCode( + code2, refreshToken2, accessTokenValue2, GRANTED_SCOPES_STRING, additionalParameters); + TokenStore tokenStore = new MemoryTokensStorage(); UserAuthorizer authorizer = UserAuthorizer.newBuilder() @@ -350,8 +430,20 @@ public void getCredentialsFromCode_conevertsCodeToTokens() throws IOException { .setHttpTransportFactory(transportFactory) .build(); + // Verify that the additional parameters are not attached to the post body when not specified UserCredentials credentials = authorizer.getCredentialsFromCode(CODE, BASE_URI); + assertEquals(REFRESH_TOKEN, credentials.getRefreshToken()); + assertEquals(ACCESS_TOKEN_VALUE, credentials.getAccessToken().getTokenValue()); + assertEquals(GRANTED_SCOPES, credentials.getAccessToken().getScopes()); + + // Verify that the additional parameters are attached to the post body when specified + credentials = authorizer.getCredentialsFromCode(code2, BASE_URI, additionalParameters); + assertEquals(refreshToken2, credentials.getRefreshToken()); + assertEquals(accessTokenValue2, credentials.getAccessToken().getTokenValue()); + assertEquals(GRANTED_SCOPES, credentials.getAccessToken().getScopes()); + // Verify that the additional parameters from previous request are not attached to the post body + credentials = authorizer.getCredentialsFromCode(CODE, BASE_URI); assertEquals(REFRESH_TOKEN, credentials.getRefreshToken()); assertEquals(ACCESS_TOKEN_VALUE, credentials.getAccessToken().getTokenValue()); assertEquals(GRANTED_SCOPES, credentials.getAccessToken().getScopes()); @@ -376,7 +468,7 @@ public void getAndStoreCredentialsFromCode_getAndStoresCredentials() throws IOEx MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); transportFactory.transport.addClient(CLIENT_ID_VALUE, CLIENT_SECRET); transportFactory.transport.addAuthorizationCode( - CODE, REFRESH_TOKEN, accessTokenValue1, GRANTED_SCOPES_STRING); + CODE, REFRESH_TOKEN, accessTokenValue1, GRANTED_SCOPES_STRING, null); TokenStore tokenStore = new MemoryTokensStorage(); UserAuthorizer authorizer = UserAuthorizer.newBuilder() From 24ef147116e155acaf6ecc740346d915f55736ae Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Fri, 16 Jun 2023 14:28:43 -0700 Subject: [PATCH 30/61] chore(main): release 1.18.0 (#1221) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 7 files changed, 18 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 56d1a5cdd..fd7aa4877 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +## [1.18.0](https://github.com/googleapis/google-auth-library-java/compare/v1.17.1...v1.18.0) (2023-06-16) + + +### Features + +* Introduce a way to pass additional parameters to auhtorization url ([#1134](https://github.com/googleapis/google-auth-library-java/issues/1134)) ([3a2c5d3](https://github.com/googleapis/google-auth-library-java/commit/3a2c5d3d1abf23bce0af7f958240b5f9ee9d1bf8)) + ## [1.17.1](https://github.com/googleapis/google-auth-library-java/compare/v1.17.0...v1.17.1) (2023-05-25) diff --git a/appengine/pom.xml b/appengine/pom.xml index d9f9f49ad..774203eae 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.17.2-SNAPSHOT + 1.18.0 ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 0d105956d..8db536206 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.17.2-SNAPSHOT + 1.18.0 pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 89f119e01..4f85fc910 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.17.2-SNAPSHOT + 1.18.0 ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 1f7ce23f1..484ae50a6 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.17.2-SNAPSHOT + 1.18.0 ../pom.xml diff --git a/pom.xml b/pom.xml index a823dbeb1..8e5344c54 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.17.2-SNAPSHOT + 1.18.0 pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 943ab5a7a..d6bd9c0c1 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.17.1:1.17.2-SNAPSHOT -google-auth-library-bom:1.17.1:1.17.2-SNAPSHOT -google-auth-library-parent:1.17.1:1.17.2-SNAPSHOT -google-auth-library-appengine:1.17.1:1.17.2-SNAPSHOT -google-auth-library-credentials:1.17.1:1.17.2-SNAPSHOT -google-auth-library-oauth2-http:1.17.1:1.17.2-SNAPSHOT +google-auth-library:1.18.0:1.18.0 +google-auth-library-bom:1.18.0:1.18.0 +google-auth-library-parent:1.18.0:1.18.0 +google-auth-library-appengine:1.18.0:1.18.0 +google-auth-library-credentials:1.18.0:1.18.0 +google-auth-library-oauth2-http:1.18.0:1.18.0 From 27db5f2979ff868e78ce7d6cb0dbefd817684723 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Fri, 16 Jun 2023 21:32:14 +0000 Subject: [PATCH 31/61] chore(main): release 1.18.1-SNAPSHOT (#1222) :robot: I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/appengine/pom.xml b/appengine/pom.xml index 774203eae..03a438ecd 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.18.0 + 1.18.1-SNAPSHOT ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 8db536206..5e6a1e017 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.18.0 + 1.18.1-SNAPSHOT pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 4f85fc910..747a5eeba 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.18.0 + 1.18.1-SNAPSHOT ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 484ae50a6..4515bb19b 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.18.0 + 1.18.1-SNAPSHOT ../pom.xml diff --git a/pom.xml b/pom.xml index 8e5344c54..963473100 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.18.0 + 1.18.1-SNAPSHOT pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index d6bd9c0c1..9a9f7c039 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.18.0:1.18.0 -google-auth-library-bom:1.18.0:1.18.0 -google-auth-library-parent:1.18.0:1.18.0 -google-auth-library-appengine:1.18.0:1.18.0 -google-auth-library-credentials:1.18.0:1.18.0 -google-auth-library-oauth2-http:1.18.0:1.18.0 +google-auth-library:1.18.0:1.18.1-SNAPSHOT +google-auth-library-bom:1.18.0:1.18.1-SNAPSHOT +google-auth-library-parent:1.18.0:1.18.1-SNAPSHOT +google-auth-library-appengine:1.18.0:1.18.1-SNAPSHOT +google-auth-library-credentials:1.18.0:1.18.1-SNAPSHOT +google-auth-library-oauth2-http:1.18.0:1.18.1-SNAPSHOT From 12e8db6025e0263b801d5385844924a4f5ff7b7e Mon Sep 17 00:00:00 2001 From: Diego Alonso Marquez Palacios Date: Thu, 22 Jun 2023 23:58:27 -0400 Subject: [PATCH 32/61] test: expose test-jar and mock classes in oauth2 (#1224) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * test: expose test-jar and mock classes in oauth2 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md * test: adapt appengine oauth2-http import * test: correct appengine import in pom * test: correct base serialization test export * chore: expose MockTokenServerTransportFactory * chore: infer version from parent in appengine pom dependencies --------- Co-authored-by: Owl Bot --- appengine/pom.xml | 3 ++- .../auth/http/HttpCredentialsAdapterTest.java | 2 +- .../oauth2/ComputeEngineCredentialsTest.java | 1 - .../DefaultCredentialsProviderTest.java | 2 -- .../oauth2/DownscopedCredentialsTest.java | 6 ++--- .../auth/oauth2/GdchCredentialsTest.java | 12 +++++---- .../auth/oauth2/GdchCredentialsTestUtil.java | 27 +++++++++++++++++++ .../auth/oauth2/GoogleCredentialsTest.java | 22 --------------- .../oauth2/ImpersonatedCredentialsTest.java | 1 - .../auth/oauth2/MockHttpTransportFactory.java | 15 +++++++++++ .../MockTokenServerTransportFactory.java | 14 ++++++++++ .../auth/oauth2/OAuth2CredentialsTest.java | 2 -- .../oauth2/ServiceAccountCredentialsTest.java | 2 -- ...erviceAccountJwtAccessCredentialsTest.java | 1 - .../google/auth/oauth2/TokenVerifierTest.java | 1 - .../auth/oauth2/UserAuthorizerTest.java | 1 - .../auth/oauth2/UserCredentialsTest.java | 2 -- oauth2_http/pom.xml | 16 +++++++++++ pom.xml | 1 + 19 files changed, 85 insertions(+), 46 deletions(-) create mode 100644 oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTestUtil.java create mode 100644 oauth2_http/javatests/com/google/auth/oauth2/MockHttpTransportFactory.java create mode 100644 oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransportFactory.java diff --git a/appengine/pom.xml b/appengine/pom.xml index 03a438ecd..b76e03031 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -75,8 +75,9 @@ com.google.auth google-auth-library-oauth2-http - test-jar test + test-jar + testlib diff --git a/oauth2_http/javatests/com/google/auth/http/HttpCredentialsAdapterTest.java b/oauth2_http/javatests/com/google/auth/http/HttpCredentialsAdapterTest.java index 723cec837..bdbcd2c91 100644 --- a/oauth2_http/javatests/com/google/auth/http/HttpCredentialsAdapterTest.java +++ b/oauth2_http/javatests/com/google/auth/http/HttpCredentialsAdapterTest.java @@ -42,8 +42,8 @@ import com.google.api.client.http.HttpResponse; import com.google.api.client.http.HttpTransport; import com.google.auth.Credentials; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import com.google.auth.oauth2.MockTokenCheckingTransport; +import com.google.auth.oauth2.MockTokenServerTransportFactory; import com.google.auth.oauth2.OAuth2Credentials; import com.google.auth.oauth2.UserCredentials; import java.io.IOException; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java index a64215fba..e39cc2cb1 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java @@ -52,7 +52,6 @@ import com.google.auth.ServiceAccountSigner.SigningException; import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockHttpTransportFactory; import java.io.IOException; import java.net.URI; import java.util.ArrayDeque; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java index 826f1d267..3b7abe203 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java @@ -47,8 +47,6 @@ import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; import com.google.auth.oauth2.ComputeEngineCredentialsTest.MockMetadataServerTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockHttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.File; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/DownscopedCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/DownscopedCredentialsTest.java index cf778b003..d7cade9f6 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/DownscopedCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/DownscopedCredentialsTest.java @@ -204,8 +204,7 @@ public void builder_noTransport_defaults() throws IOException { private static GoogleCredentials getServiceAccountSourceCredentials(boolean canRefresh) throws IOException { - GoogleCredentialsTest.MockTokenServerTransportFactory transportFactory = - new GoogleCredentialsTest.MockTokenServerTransportFactory(); + MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); String email = "service-account@google.com"; @@ -228,8 +227,7 @@ private static GoogleCredentials getServiceAccountSourceCredentials(boolean canR } private static GoogleCredentials getUserSourceCredentials() { - GoogleCredentialsTest.MockTokenServerTransportFactory transportFactory = - new GoogleCredentialsTest.MockTokenServerTransportFactory(); + MockTokenServerTransportFactory transportFactory = new MockTokenServerTransportFactory(); transportFactory.transport.addClient("clientId", "clientSecret"); transportFactory.transport.addRefreshToken("refreshToken", "accessToken"); AccessToken accessToken = new AccessToken("accessToken", new Date()); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTest.java index 84f7e7d85..14688e4f5 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTest.java @@ -46,7 +46,6 @@ import com.google.api.client.testing.http.FixedClock; import com.google.api.client.util.Clock; import com.google.auth.TestUtils; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import java.io.File; import java.io.IOException; import java.io.InputStream; @@ -510,11 +509,14 @@ public void refreshAccessToken_correct() throws IOException { GdchCredentials credentials = GdchCredentials.fromJson(json, transportFactory); GdchCredentials gdchWithAudience = credentials.createWithGdchAudience(API_AUDIENCE); - gdchWithAudience.clock = new FixedClock(0L); + GdchCredentialsTestUtil.registerGdchCredentialWithMockTransport( + gdchWithAudience, + transportFactory.transport, + PROJECT_ID, + SERVICE_IDENTITY_NAME, + tokenString, + TOKEN_SERVER_URI); - transportFactory.transport.addGdchServiceAccount( - GdchCredentials.getIssuerSubjectValue(PROJECT_ID, SERVICE_IDENTITY_NAME), tokenString); - transportFactory.transport.setTokenServerUri(TOKEN_SERVER_URI); AccessToken accessToken = gdchWithAudience.refreshAccessToken(); assertNotNull(accessToken); assertEquals(tokenString, accessToken.getTokenValue()); diff --git a/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTestUtil.java b/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTestUtil.java new file mode 100644 index 000000000..51880ddcc --- /dev/null +++ b/oauth2_http/javatests/com/google/auth/oauth2/GdchCredentialsTestUtil.java @@ -0,0 +1,27 @@ +package com.google.auth.oauth2; + +import com.google.api.client.testing.http.FixedClock; +import java.io.IOException; +import java.net.URI; +import java.util.Map; + +public class GdchCredentialsTestUtil { + public static void registerGdchCredentialWithMockTransport( + GdchCredentials credentials, + MockTokenServerTransport transport, + String projectId, + String serviceIdentityName, + String tokenString, + URI tokenServerUri) { + credentials.clock = new FixedClock(0L); + transport.addGdchServiceAccount( + GdchCredentials.getIssuerSubjectValue(projectId, serviceIdentityName), tokenString); + transport.setTokenServerUri(tokenServerUri); + } + + public static GdchCredentials fromJson( + Map json, MockTokenServerTransportFactory transportFactory) + throws IOException { + return GdchCredentials.fromJson(json, transportFactory); + } +} diff --git a/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java index 415260760..80e28b3ec 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java @@ -33,8 +33,6 @@ import static org.junit.Assert.*; -import com.google.api.client.http.HttpTransport; -import com.google.api.client.testing.http.MockHttpTransport; import com.google.api.client.util.Clock; import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; @@ -93,26 +91,6 @@ public class GoogleCredentialsTest extends BaseSerializationTest { private static final Collection DEFAULT_SCOPES = Collections.unmodifiableCollection(Arrays.asList("scope3")); - static class MockHttpTransportFactory implements HttpTransportFactory { - - MockHttpTransport transport = new MockHttpTransport(); - - @Override - public HttpTransport create() { - return transport; - } - } - - public static class MockTokenServerTransportFactory implements HttpTransportFactory { - - public MockTokenServerTransport transport = new MockTokenServerTransport(); - - @Override - public HttpTransport create() { - return transport; - } - } - @Test public void getApplicationDefault_nullTransport_throws() throws IOException { try { diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ImpersonatedCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ImpersonatedCredentialsTest.java index 9ff555a47..aa3df6ec4 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ImpersonatedCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ImpersonatedCredentialsTest.java @@ -52,7 +52,6 @@ import com.google.auth.ServiceAccountSigner.SigningException; import com.google.auth.TestUtils; import com.google.auth.http.HttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableSet; import java.io.ByteArrayOutputStream; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/MockHttpTransportFactory.java b/oauth2_http/javatests/com/google/auth/oauth2/MockHttpTransportFactory.java new file mode 100644 index 000000000..00976e00f --- /dev/null +++ b/oauth2_http/javatests/com/google/auth/oauth2/MockHttpTransportFactory.java @@ -0,0 +1,15 @@ +package com.google.auth.oauth2; + +import com.google.api.client.http.HttpTransport; +import com.google.api.client.testing.http.MockHttpTransport; +import com.google.auth.http.HttpTransportFactory; + +public class MockHttpTransportFactory implements HttpTransportFactory { + + MockHttpTransport transport = new MockHttpTransport(); + + @Override + public HttpTransport create() { + return transport; + } +} diff --git a/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransportFactory.java b/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransportFactory.java new file mode 100644 index 000000000..a1d5831ad --- /dev/null +++ b/oauth2_http/javatests/com/google/auth/oauth2/MockTokenServerTransportFactory.java @@ -0,0 +1,14 @@ +package com.google.auth.oauth2; + +import com.google.api.client.http.HttpTransport; +import com.google.auth.http.HttpTransportFactory; + +public class MockTokenServerTransportFactory implements HttpTransportFactory { + + public MockTokenServerTransport transport = new MockTokenServerTransport(); + + @Override + public HttpTransport create() { + return transport; + } +} diff --git a/oauth2_http/javatests/com/google/auth/oauth2/OAuth2CredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/OAuth2CredentialsTest.java index 7032fde32..62aa08225 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/OAuth2CredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/OAuth2CredentialsTest.java @@ -45,10 +45,8 @@ import com.google.auth.TestClock; import com.google.auth.TestUtils; import com.google.auth.http.AuthHttpConstants; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import com.google.auth.oauth2.OAuth2Credentials.OAuthValue; import com.google.auth.oauth2.OAuth2Credentials.RefreshTask; -import com.google.auth.oauth2.OAuth2Credentials.RefreshTaskListener; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import com.google.common.util.concurrent.ListenableFutureTask; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java index 304cf000a..6da93d409 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountCredentialsTest.java @@ -55,8 +55,6 @@ import com.google.auth.TestUtils; import com.google.auth.http.AuthHttpConstants; import com.google.auth.http.HttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockHttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import com.google.common.collect.ImmutableSet; import java.io.ByteArrayInputStream; import java.io.IOException; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountJwtAccessCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountJwtAccessCredentialsTest.java index 3e03c0368..df95ea2f3 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountJwtAccessCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ServiceAccountJwtAccessCredentialsTest.java @@ -49,7 +49,6 @@ import com.google.auth.RequestMetadataCallback; import com.google.auth.TestClock; import com.google.auth.http.AuthHttpConstants; -import com.google.auth.oauth2.GoogleCredentialsTest.MockHttpTransportFactory; import java.io.IOException; import java.io.InputStream; import java.net.URI; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/TokenVerifierTest.java b/oauth2_http/javatests/com/google/auth/oauth2/TokenVerifierTest.java index 5a81e27a4..5168cb90e 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/TokenVerifierTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/TokenVerifierTest.java @@ -43,7 +43,6 @@ import com.google.api.client.testing.http.MockLowLevelHttpResponse; import com.google.api.client.util.Clock; import com.google.auth.http.HttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import com.google.auth.oauth2.TokenVerifier.VerificationException; import com.google.common.io.CharStreams; import java.io.IOException; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java b/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java index f90098382..e0a8e2753 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/UserAuthorizerTest.java @@ -38,7 +38,6 @@ import static org.junit.Assert.fail; import com.google.auth.TestUtils; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import java.io.IOException; import java.net.URI; import java.net.URL; diff --git a/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java index 01010f99e..a5c666936 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/UserCredentialsTest.java @@ -45,8 +45,6 @@ import com.google.auth.RequestMetadataCallback; import com.google.auth.TestUtils; import com.google.auth.http.AuthHttpConstants; -import com.google.auth.oauth2.GoogleCredentialsTest.MockHttpTransportFactory; -import com.google.auth.oauth2.GoogleCredentialsTest.MockTokenServerTransportFactory; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import java.io.ByteArrayInputStream; diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 4515bb19b..0267cc590 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -125,6 +125,22 @@ + + + + test-jar + + + false + testlib + + **/Mock* + **/*TestUtil* + **/BaseSerializationTest* + + + + org.apache.maven.plugins diff --git a/pom.xml b/pom.xml index 963473100..2181bfe81 100644 --- a/pom.xml +++ b/pom.xml @@ -134,6 +134,7 @@ google-auth-library-oauth2-http ${project.version} test-jar + testlib From d88ee25a58fd9a4d653b07ffaeeeb5122c3450ad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jun 2023 11:02:37 -0400 Subject: [PATCH 33/61] chore(deps): bump guava from 31.0.1-android to 32.0.0-android (#1219) Bumps [guava](https://github.com/google/guava) from 31.0.1-android to 32.0.0-android. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 2181bfe81..e99fa5083 100644 --- a/pom.xml +++ b/pom.xml @@ -65,7 +65,7 @@ UTF-8 1.42.3 4.13.2 - 31.0.1-android + 32.0.0-android 2.0.10 3.0.2 false From 6c35996c9f2d0cf043e02723b97dfd4b990e29a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jun 2023 11:19:42 -0400 Subject: [PATCH 34/61] chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /.kokoro (#1216) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /.kokoro Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.1 to 41.0.0. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/39.0.1...41.0.0) --- updated-dependencies: - dependency-name: cryptography dependency-type: indirect ... Signed-off-by: dependabot[bot] * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Owl Bot Co-authored-by: Diego Alonso Marquez Palacios From b7211a80b6641eb326a5f39a77d298d85f78db91 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Tue, 27 Jun 2023 11:51:05 -0400 Subject: [PATCH 35/61] chore: Update `dependabot.yml` template (#1813) (#1220) * chore: Update `dependabot.yml` template not to touch pip dependencies Source-Link: https://github.com/googleapis/synthtool/commit/f961eb0fe51109238128055897ccba1b70dbd804 Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-java:latest@sha256:af2eda87a54601ae7b7b2be5055c17b43ac98a7805b586772db314de8a7d4a1d Co-authored-by: Owl Bot Co-authored-by: Diego Alonso Marquez Palacios --- .github/.OwlBot.lock.yaml | 3 ++- .github/dependabot.yml | 7 +++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml index aadf54f64..73568a1e9 100644 --- a/.github/.OwlBot.lock.yaml +++ b/.github/.OwlBot.lock.yaml @@ -13,4 +13,5 @@ # limitations under the License. docker: image: gcr.io/cloud-devrel-public-resources/owlbot-java:latest - digest: sha256:ad9cabee4c022f1aab04a71332369e0c23841062124818a4490f73337f790337 + digest: sha256:af2eda87a54601ae7b7b2be5055c17b43ac98a7805b586772db314de8a7d4a1d +# created: 2023-06-16T02:10:09.149325782Z diff --git a/.github/dependabot.yml b/.github/dependabot.yml index c8f413b0d..fde1ced49 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,10 +5,13 @@ updates: schedule: interval: "daily" # Disable version updates for Maven dependencies - open-pull-requests-limit: 0 + # we use renovate-bot as well as shared-dependencies BOM to update maven dependencies. + ignore: "*" - package-ecosystem: "pip" directory: "/" schedule: interval: "daily" # Disable version updates for pip dependencies - open-pull-requests-limit: 0 \ No newline at end of file + # If a security vulnerability comes in, we will be notified about + # it via template in the synthtool repository. + ignore: "*" From b71d8547387b84f66b66497f271c9b63433f883f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jun 2023 17:22:39 -0400 Subject: [PATCH 36/61] chore(deps): bump requests from 2.27.1 to 2.31.0 in /.kokoro (#1209) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore(deps): bump requests from 2.27.1 to 2.31.0 in /.kokoro Bumps [requests](https://github.com/psf/requests) from 2.27.1 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.27.1...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Owl Bot Co-authored-by: Diego Alonso Marquez Palacios From 469d342ead21cc5b3e293fa6ec6cae1d6c781dbc Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Tue, 27 Jun 2023 17:48:43 -0400 Subject: [PATCH 37/61] chore(main): release 1.19.0 (#1229) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 7 files changed, 18 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd7aa4877..ded7b4004 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +## [1.19.0](https://github.com/googleapis/google-auth-library-java/compare/v1.18.0...v1.19.0) (2023-06-27) + + +### Features + +* Expose test-jar and mock classes in oauth2 ([12e8db6](https://github.com/googleapis/google-auth-library-java/commit/12e8db6025e0263b801d5385844924a4f5ff7b7e)) + ## [1.18.0](https://github.com/googleapis/google-auth-library-java/compare/v1.17.1...v1.18.0) (2023-06-16) diff --git a/appengine/pom.xml b/appengine/pom.xml index b76e03031..857b261f4 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.18.1-SNAPSHOT + 1.19.0 ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index 5e6a1e017..be6b0907b 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.18.1-SNAPSHOT + 1.19.0 pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index 747a5eeba..ffdd74389 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.18.1-SNAPSHOT + 1.19.0 ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 0267cc590..68497cba1 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.18.1-SNAPSHOT + 1.19.0 ../pom.xml diff --git a/pom.xml b/pom.xml index e99fa5083..9a71af5b9 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.18.1-SNAPSHOT + 1.19.0 pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 9a9f7c039..9e6a7601f 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.18.0:1.18.1-SNAPSHOT -google-auth-library-bom:1.18.0:1.18.1-SNAPSHOT -google-auth-library-parent:1.18.0:1.18.1-SNAPSHOT -google-auth-library-appengine:1.18.0:1.18.1-SNAPSHOT -google-auth-library-credentials:1.18.0:1.18.1-SNAPSHOT -google-auth-library-oauth2-http:1.18.0:1.18.1-SNAPSHOT +google-auth-library:1.19.0:1.19.0 +google-auth-library-bom:1.19.0:1.19.0 +google-auth-library-parent:1.19.0:1.19.0 +google-auth-library-appengine:1.19.0:1.19.0 +google-auth-library-credentials:1.19.0:1.19.0 +google-auth-library-oauth2-http:1.19.0:1.19.0 From d11ca694c5152686b60ebb0060b9fa6d3b7e35f3 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Tue, 27 Jun 2023 21:52:13 +0000 Subject: [PATCH 38/61] chore(main): release 1.19.1-SNAPSHOT (#1230) :robot: I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please). --- appengine/pom.xml | 2 +- bom/pom.xml | 2 +- credentials/pom.xml | 2 +- oauth2_http/pom.xml | 2 +- pom.xml | 2 +- versions.txt | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/appengine/pom.xml b/appengine/pom.xml index 857b261f4..280af336e 100644 --- a/appengine/pom.xml +++ b/appengine/pom.xml @@ -5,7 +5,7 @@ com.google.auth google-auth-library-parent - 1.19.0 + 1.19.1-SNAPSHOT ../pom.xml diff --git a/bom/pom.xml b/bom/pom.xml index be6b0907b..a46f80b4c 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -3,7 +3,7 @@ 4.0.0 com.google.auth google-auth-library-bom - 1.19.0 + 1.19.1-SNAPSHOT pom Google Auth Library for Java BOM diff --git a/credentials/pom.xml b/credentials/pom.xml index ffdd74389..a8c0d586f 100644 --- a/credentials/pom.xml +++ b/credentials/pom.xml @@ -4,7 +4,7 @@ com.google.auth google-auth-library-parent - 1.19.0 + 1.19.1-SNAPSHOT ../pom.xml diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 68497cba1..4e8c69678 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -7,7 +7,7 @@ com.google.auth google-auth-library-parent - 1.19.0 + 1.19.1-SNAPSHOT ../pom.xml diff --git a/pom.xml b/pom.xml index 9a71af5b9..996cc08d5 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.google.auth google-auth-library-parent - 1.19.0 + 1.19.1-SNAPSHOT pom Google Auth Library for Java Client libraries providing authentication and diff --git a/versions.txt b/versions.txt index 9e6a7601f..64eb46b91 100644 --- a/versions.txt +++ b/versions.txt @@ -1,9 +1,9 @@ # Format: # module:released-version:current-version -google-auth-library:1.19.0:1.19.0 -google-auth-library-bom:1.19.0:1.19.0 -google-auth-library-parent:1.19.0:1.19.0 -google-auth-library-appengine:1.19.0:1.19.0 -google-auth-library-credentials:1.19.0:1.19.0 -google-auth-library-oauth2-http:1.19.0:1.19.0 +google-auth-library:1.19.0:1.19.1-SNAPSHOT +google-auth-library-bom:1.19.0:1.19.1-SNAPSHOT +google-auth-library-parent:1.19.0:1.19.1-SNAPSHOT +google-auth-library-appengine:1.19.0:1.19.1-SNAPSHOT +google-auth-library-credentials:1.19.0:1.19.1-SNAPSHOT +google-auth-library-oauth2-http:1.19.0:1.19.1-SNAPSHOT From 38bdf60189b44171f5d481fa934f4ece60553653 Mon Sep 17 00:00:00 2001 From: aeitzman <12433791+aeitzman@users.noreply.github.com> Date: Fri, 14 Jul 2023 14:00:30 -0700 Subject: [PATCH 39/61] feat: Byoid metrics framework (#1232) * feat: adding byoid metrics framework * fix: formatting * fix: formatting * Addressing PR comments * Update oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> * Update oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> * Update oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> * fix test * formatting * regex fix * lint fix * remove builder method and fix tests * rename handler class, fix tests * addressing comments, credential source type --------- Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> --- .../google/auth/oauth2/AwsCredentials.java | 5 ++ .../oauth2/ExternalAccountCredentials.java | 26 ++++++- .../oauth2/ExternalAccountMetricsHandler.java | 78 +++++++++++++++++++ .../auth/oauth2/IdentityPoolCredentials.java | 11 +++ .../com/google/auth/oauth2/MetricsUtils.java | 70 +++++++++++++++++ .../auth/oauth2/PluggableAuthCredentials.java | 5 ++ .../auth/oauth2/AwsCredentialsTest.java | 33 ++++++-- .../ExternalAccountCredentialsTest.java | 31 ++++++++ .../oauth2/IdentityPoolCredentialsTest.java | 38 +++++++-- .../google/auth/oauth2/MetricsUtilsTest.java | 56 +++++++++++++ .../oauth2/PluggableAuthCredentialsTest.java | 43 ++++++++-- oauth2_http/pom.xml | 15 ++++ .../oauth2/google-auth-library.properties | 1 + pom.xml | 5 ++ 14 files changed, 400 insertions(+), 17 deletions(-) create mode 100644 oauth2_http/java/com/google/auth/oauth2/ExternalAccountMetricsHandler.java create mode 100644 oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java create mode 100644 oauth2_http/javatests/com/google/auth/oauth2/MetricsUtilsTest.java create mode 100644 oauth2_http/resources/com/google/auth/oauth2/google-auth-library.properties diff --git a/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java b/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java index 98651f295..6613b3f76 100644 --- a/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/AwsCredentials.java @@ -197,6 +197,11 @@ public GoogleCredentials createScoped(Collection newScopes) { return new AwsCredentials((AwsCredentials.Builder) newBuilder(this).setScopes(newScopes)); } + @Override + String getCredentialSourceType() { + return "aws"; + } + private String retrieveResource(String url, String resourceName, Map headers) throws IOException { return retrieveResource(url, resourceName, HttpMethods.GET, headers, /* content= */ null); diff --git a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java index ba4b30d4e..089c3b0a5 100644 --- a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountCredentials.java @@ -33,6 +33,7 @@ import static com.google.common.base.Preconditions.checkNotNull; +import com.google.api.client.http.HttpHeaders; import com.google.api.client.json.GenericJson; import com.google.api.client.json.JsonObjectParser; import com.google.auth.RequestMetadataCallback; @@ -90,6 +91,7 @@ abstract static class CredentialSource implements java.io.Serializable { private final CredentialSource credentialSource; private final Collection scopes; private final ServiceAccountImpersonationOptions serviceAccountImpersonationOptions; + private ExternalAccountMetricsHandler metricsHandler; @Nullable private final String tokenInfoUrl; @Nullable private final String serviceAccountImpersonationUrl; @@ -224,6 +226,8 @@ protected ExternalAccountCredentials( validateServiceAccountImpersonationInfoUrl(serviceAccountImpersonationUrl); } + this.metricsHandler = new ExternalAccountMetricsHandler(this); + this.impersonatedCredentials = buildImpersonatedCredentials(); } @@ -274,6 +278,11 @@ protected ExternalAccountCredentials(ExternalAccountCredentials.Builder builder) validateServiceAccountImpersonationInfoUrl(serviceAccountImpersonationUrl); } + this.metricsHandler = + builder.metricsHandler == null + ? new ExternalAccountMetricsHandler(this) + : builder.metricsHandler; + this.impersonatedCredentials = buildImpersonatedCredentials(); } @@ -505,6 +514,12 @@ protected AccessToken exchangeExternalCredentialForAccessToken( requestHandler.setInternalOptions(options.toString()); } + // Set BYOID Metrics header. + HttpHeaders additionalHeaders = new HttpHeaders(); + additionalHeaders.set( + MetricsUtils.API_CLIENT_HEADER, this.metricsHandler.getExternalAccountMetricsHeader()); + requestHandler.setHeaders(additionalHeaders); + if (stsTokenExchangeRequest.getInternalOptions() != null) { // Overwrite internal options. Let subclass handle setting options. requestHandler.setInternalOptions(stsTokenExchangeRequest.getInternalOptions()); @@ -589,6 +604,10 @@ public ServiceAccountImpersonationOptions getServiceAccountImpersonationOptions( return serviceAccountImpersonationOptions; } + String getCredentialSourceType() { + return "unknown"; + } + EnvironmentProvider getEnvironmentProvider() { return environmentProvider; } @@ -663,8 +682,11 @@ static final class ServiceAccountImpersonationOptions implements java.io.Seriali private final int lifetime; + final boolean customTokenLifetimeRequested; + ServiceAccountImpersonationOptions(Map optionsMap) { - if (!optionsMap.containsKey(TOKEN_LIFETIME_SECONDS_KEY)) { + customTokenLifetimeRequested = optionsMap.containsKey(TOKEN_LIFETIME_SECONDS_KEY); + if (!customTokenLifetimeRequested) { lifetime = DEFAULT_TOKEN_LIFETIME_SECONDS; return; } @@ -714,6 +736,7 @@ public abstract static class Builder extends GoogleCredentials.Builder { @Nullable protected String workforcePoolUserProject; @Nullable protected ServiceAccountImpersonationOptions serviceAccountImpersonationOptions; @Nullable protected String universeDomain; + @Nullable protected ExternalAccountMetricsHandler metricsHandler; protected Builder() {} @@ -733,6 +756,7 @@ protected Builder(ExternalAccountCredentials credentials) { this.workforcePoolUserProject = credentials.workforcePoolUserProject; this.serviceAccountImpersonationOptions = credentials.serviceAccountImpersonationOptions; this.universeDomain = credentials.universeDomain; + this.metricsHandler = credentials.metricsHandler; } /** diff --git a/oauth2_http/java/com/google/auth/oauth2/ExternalAccountMetricsHandler.java b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountMetricsHandler.java new file mode 100644 index 000000000..fcb656b5d --- /dev/null +++ b/oauth2_http/java/com/google/auth/oauth2/ExternalAccountMetricsHandler.java @@ -0,0 +1,78 @@ +/* + * Copyright 2023 Google LLC + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * * Neither the name of Google LLC nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.google.auth.oauth2; + +/** + * A handler for generating the x-goog-api-client header value for BYOID external account + * credentials. + */ +class ExternalAccountMetricsHandler implements java.io.Serializable { + private static final String SOURCE_KEY = "source"; + private static final String IMPERSONATION_KEY = "sa-impersonation"; + private static final String CONFIG_LIFETIME_KEY = "config-lifetime"; + private static final String BYOID_METRICS_SECTION = "google-byoid-sdk"; + + private final boolean configLifetime; + private final boolean saImpersonation; + private String credentialSourceType; + + /** + * Constructor for the external account metrics handler. + * + * @param creds the {@code ExternalAccountCredentials} object to set the external account metrics + * options from. + */ + ExternalAccountMetricsHandler(ExternalAccountCredentials creds) { + this.saImpersonation = creds.getServiceAccountImpersonationUrl() != null; + this.configLifetime = + creds.getServiceAccountImpersonationOptions().customTokenLifetimeRequested; + this.credentialSourceType = creds.getCredentialSourceType(); + } + + /** + * Gets the external account metrics header value for the x-goog-api-client header. + * + * @return the header value. + */ + String getExternalAccountMetricsHeader() { + return String.format( + "%s %s %s/%s %s/%s %s/%s", + MetricsUtils.getLanguageAndAuthLibraryVersions(), + BYOID_METRICS_SECTION, + SOURCE_KEY, + this.credentialSourceType, + IMPERSONATION_KEY, + this.saImpersonation, + CONFIG_LIFETIME_KEY, + this.configLifetime); + } +} diff --git a/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java b/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java index 91b837e45..aab014f2e 100644 --- a/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/IdentityPoolCredentials.java @@ -38,6 +38,7 @@ import com.google.api.client.json.GenericJson; import com.google.api.client.json.JsonObjectParser; import com.google.auth.oauth2.IdentityPoolCredentials.IdentityPoolCredentialSource.CredentialFormatType; +import com.google.auth.oauth2.IdentityPoolCredentials.IdentityPoolCredentialSource.IdentityPoolCredentialSourceType; import com.google.common.io.CharStreams; import java.io.BufferedReader; import java.io.File; @@ -192,6 +193,16 @@ public String retrieveSubjectToken() throws IOException { return getSubjectTokenFromMetadataServer(); } + @Override + String getCredentialSourceType() { + if (((IdentityPoolCredentialSource) this.getCredentialSource()).credentialSourceType + == IdentityPoolCredentialSourceType.FILE) { + return "file"; + } else { + return "url"; + } + } + private String retrieveSubjectTokenFromCredentialFile() throws IOException { String credentialFilePath = identityPoolCredentialSource.credentialLocation; if (!Files.exists(Paths.get(credentialFilePath), LinkOption.NOFOLLOW_LINKS)) { diff --git a/oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java b/oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java new file mode 100644 index 000000000..0267e8729 --- /dev/null +++ b/oauth2_http/java/com/google/auth/oauth2/MetricsUtils.java @@ -0,0 +1,70 @@ +/* + * Copyright 2023 Google LLC + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * * Neither the name of Google LLC nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.google.auth.oauth2; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Properties; + +class MetricsUtils { + static final String API_CLIENT_HEADER = "x-goog-api-client"; + private static final String authLibraryVersion = getAuthLibraryVersion(); + private static final String javaLanguageVersion = System.getProperty("java.version"); + + /** + * Gets the x-goog-api-client header value for the current Java language version and the auth + * library version. + * + * @return the header value. + */ + static String getLanguageAndAuthLibraryVersions() { + return String.format("gl-java/%s auth/%s", javaLanguageVersion, authLibraryVersion); + } + + private static String getAuthLibraryVersion() { + // Attempt to read the library's version from a properties file generated during the build. + // This value should be read and cached for later use. + String version = "unknown-version"; + try (InputStream inputStream = + MetricsUtils.class.getResourceAsStream( + "/com/google/auth/oauth2/google-auth-library.properties")) { + if (inputStream != null) { + final Properties properties = new Properties(); + properties.load(inputStream); + version = properties.getProperty("google-auth-library.version"); + } + } catch (IOException e) { + // Ignore. + } + return version; + } +} diff --git a/oauth2_http/java/com/google/auth/oauth2/PluggableAuthCredentials.java b/oauth2_http/java/com/google/auth/oauth2/PluggableAuthCredentials.java index 0042dfdc2..0fe3c9800 100644 --- a/oauth2_http/java/com/google/auth/oauth2/PluggableAuthCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/PluggableAuthCredentials.java @@ -292,6 +292,11 @@ public PluggableAuthCredentials createScoped(Collection newScopes) { (PluggableAuthCredentials.Builder) newBuilder(this).setScopes(newScopes)); } + @Override + String getCredentialSourceType() { + return "executable"; + } + public static Builder newBuilder() { return new Builder(); } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java index 248bc92df..9abbcc822 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/AwsCredentialsTest.java @@ -131,6 +131,11 @@ public void refreshAccessToken_withoutServiceAccountImpersonation() throws IOExc AccessToken accessToken = awsCredential.refreshAccessToken(); assertEquals(transportFactory.transport.getAccessToken(), accessToken.getTokenValue()); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(3).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "aws", false, false); } @Test @@ -142,18 +147,26 @@ public void refreshAccessToken_withServiceAccountImpersonation() throws IOExcept AwsCredentials awsCredential = (AwsCredentials) - AwsCredentials.newBuilder(AWS_CREDENTIAL) + AwsCredentials.newBuilder() + .setHttpTransportFactory(transportFactory) + .setAudience("audience") + .setSubjectTokenType("subjectTokenType") .setTokenUrl(transportFactory.transport.getStsUrl()) + .setTokenInfoUrl("tokenInfoUrl") + .setCredentialSource(buildAwsCredentialSource(transportFactory)) .setServiceAccountImpersonationUrl( transportFactory.transport.getServiceAccountImpersonationUrl()) - .setHttpTransportFactory(transportFactory) - .setCredentialSource(buildAwsCredentialSource(transportFactory)) .build(); AccessToken accessToken = awsCredential.refreshAccessToken(); assertEquals( transportFactory.transport.getServiceAccountAccessToken(), accessToken.getTokenValue()); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(6).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "aws", true, false); } @Test @@ -165,12 +178,15 @@ public void refreshAccessToken_withServiceAccountImpersonationOptions() throws I AwsCredentials awsCredential = (AwsCredentials) - AwsCredentials.newBuilder(AWS_CREDENTIAL) + AwsCredentials.newBuilder() + .setHttpTransportFactory(transportFactory) + .setAudience("audience") + .setSubjectTokenType("subjectTokenType") .setTokenUrl(transportFactory.transport.getStsUrl()) + .setTokenInfoUrl("tokenInfoUrl") + .setCredentialSource(buildAwsCredentialSource(transportFactory)) .setServiceAccountImpersonationUrl( transportFactory.transport.getServiceAccountImpersonationUrl()) - .setHttpTransportFactory(transportFactory) - .setCredentialSource(buildAwsCredentialSource(transportFactory)) .setServiceAccountImpersonationOptions( ExternalAccountCredentialsTest.buildServiceAccountImpersonationOptions(2800)) .build(); @@ -187,6 +203,11 @@ public void refreshAccessToken_withServiceAccountImpersonationOptions() throws I .parseAndClose(GenericJson.class); assertEquals("2800s", query.get("lifetime")); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(6).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "aws", true, true); } @Test diff --git a/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java index 6e0f1efd3..c147675d5 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/ExternalAccountCredentialsTest.java @@ -834,6 +834,11 @@ public void exchangeExternalCredentialForAccessToken() throws IOException { Map query = TestUtils.parseQuery(transportFactory.transport.getLastRequest().getContentAsString()); assertNull(query.get("options")); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(0).getHeaders(); + validateMetricsHeader(headers, "file", false, false); } @Test @@ -952,6 +957,11 @@ public void exchangeExternalCredentialForAccessToken_withServiceAccountImpersona .parseAndClose(GenericJson.class); assertEquals("3600s", query.get("lifetime")); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(1).getHeaders(); + validateMetricsHeader(headers, "url", true, false); } @Test @@ -983,6 +993,10 @@ public void exchangeExternalCredentialForAccessToken_withServiceAccountImpersona .createJsonParser(transportFactory.transport.getLastRequest().getContentAsString()) .parseAndClose(GenericJson.class); + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(1).getHeaders(); + validateMetricsHeader(headers, "url", true, true); assertEquals("2800s", query.get("lifetime")); } @@ -1257,6 +1271,23 @@ static Map buildServiceAccountImpersonationOptions(Integer lifet return map; } + static void validateMetricsHeader( + Map> headers, + String source, + boolean saImpersonationUsed, + boolean configLifetimeUsed) { + assertTrue(headers.containsKey(MetricsUtils.API_CLIENT_HEADER)); + String actualMetricsValue = headers.get(MetricsUtils.API_CLIENT_HEADER).get(0); + String expectedMetricsValue = + String.format( + "%s google-byoid-sdk source/%s sa-impersonation/%s config-lifetime/%s", + MetricsUtils.getLanguageAndAuthLibraryVersions(), + source, + saImpersonationUsed, + configLifetimeUsed); + assertEquals(expectedMetricsValue, actualMetricsValue); + } + static class TestExternalAccountCredentials extends ExternalAccountCredentials { static class TestCredentialSource extends IdentityPoolCredentials.IdentityPoolCredentialSource { protected TestCredentialSource(Map credentialSourceMap) { diff --git a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java index 560334965..cf04a43fb 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/IdentityPoolCredentialsTest.java @@ -318,7 +318,12 @@ public void refreshAccessToken_withoutServiceAccountImpersonation() throws IOExc IdentityPoolCredentials credential = (IdentityPoolCredentials) - IdentityPoolCredentials.newBuilder(FILE_SOURCED_CREDENTIAL) + IdentityPoolCredentials.newBuilder() + .setAudience( + "//iam.googleapis.com/projects/123/locations/global/workloadIdentityPools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenInfoUrl("tokenInfoUrl") + .setCredentialSource(FILE_CREDENTIAL_SOURCE) .setTokenUrl(transportFactory.transport.getStsUrl()) .setHttpTransportFactory(transportFactory) .setCredentialSource( @@ -328,6 +333,11 @@ public void refreshAccessToken_withoutServiceAccountImpersonation() throws IOExc AccessToken accessToken = credential.refreshAccessToken(); assertEquals(transportFactory.transport.getAccessToken(), accessToken.getTokenValue()); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(1).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "url", false, false); } @Test @@ -372,10 +382,14 @@ public void refreshAccessToken_withServiceAccountImpersonation() throws IOExcept transportFactory.transport.setExpireTime(TestUtils.getDefaultExpireTime()); IdentityPoolCredentials credential = (IdentityPoolCredentials) - IdentityPoolCredentials.newBuilder(FILE_SOURCED_CREDENTIAL) - .setTokenUrl(transportFactory.transport.getStsUrl()) + IdentityPoolCredentials.newBuilder() + .setAudience( + "//iam.googleapis.com/projects/123/locations/global/workloadIdentityPools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenInfoUrl("tokenInfoUrl") .setServiceAccountImpersonationUrl( transportFactory.transport.getServiceAccountImpersonationUrl()) + .setTokenUrl(transportFactory.transport.getStsUrl()) .setHttpTransportFactory(transportFactory) .setCredentialSource( buildUrlBasedCredentialSource(transportFactory.transport.getMetadataUrl())) @@ -385,6 +399,11 @@ public void refreshAccessToken_withServiceAccountImpersonation() throws IOExcept assertEquals( transportFactory.transport.getServiceAccountAccessToken(), accessToken.getTokenValue()); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(2).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "url", true, false); } @Test @@ -395,11 +414,15 @@ public void refreshAccessToken_withServiceAccountImpersonationOptions() throws I transportFactory.transport.setExpireTime(TestUtils.getDefaultExpireTime()); IdentityPoolCredentials credential = (IdentityPoolCredentials) - IdentityPoolCredentials.newBuilder(FILE_SOURCED_CREDENTIAL) + IdentityPoolCredentials.newBuilder() + .setAudience( + "//iam.googleapis.com/projects/123/locations/global/workloadIdentityPools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenInfoUrl("tokenInfoUrl") .setTokenUrl(transportFactory.transport.getStsUrl()) + .setHttpTransportFactory(transportFactory) .setServiceAccountImpersonationUrl( transportFactory.transport.getServiceAccountImpersonationUrl()) - .setHttpTransportFactory(transportFactory) .setCredentialSource( buildUrlBasedCredentialSource(transportFactory.transport.getMetadataUrl())) .setServiceAccountImpersonationOptions( @@ -418,6 +441,11 @@ public void refreshAccessToken_withServiceAccountImpersonationOptions() throws I .parseAndClose(GenericJson.class); assertEquals("2800s", query.get("lifetime")); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(2).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "url", true, true); } @Test diff --git a/oauth2_http/javatests/com/google/auth/oauth2/MetricsUtilsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/MetricsUtilsTest.java new file mode 100644 index 000000000..aba4d98c9 --- /dev/null +++ b/oauth2_http/javatests/com/google/auth/oauth2/MetricsUtilsTest.java @@ -0,0 +1,56 @@ +/* + * Copyright 2023, Google LLC + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * * Neither the name of Google LLC nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package com.google.auth.oauth2; + +import static org.junit.Assert.*; + +import java.util.regex.Pattern; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.JUnit4; + +@RunWith(JUnit4.class) +public class MetricsUtilsTest { + + public static void assertVersions(String version) { + assertNotNull("version constant should not be null", version); + Pattern semverPattern = + Pattern.compile("gl-java/[\\d\\._-]+ auth/\\d+\\.\\d+\\.\\d+(-sp\\.\\d+)?(-SNAPSHOT)?"); + assertTrue(semverPattern.matcher(version).matches()); + } + + @Test + public void getVersionWorks() { + String version = MetricsUtils.getLanguageAndAuthLibraryVersions(); + assertVersions(version); + } +} diff --git a/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java b/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java index ddc321fdd..fcd845e7a 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/PluggableAuthCredentialsTest.java @@ -200,6 +200,11 @@ public void refreshAccessToken_withoutServiceAccountImpersonation() throws IOExc Map query = TestUtils.parseQuery(transportFactory.transport.getRequests().get(0).getContentAsString()); assertEquals(query.get("subject_token"), "pluggableAuthToken"); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(0).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "executable", false, false); } @Test @@ -211,14 +216,23 @@ public void refreshAccessToken_withServiceAccountImpersonation() throws IOExcept PluggableAuthCredentials credential = (PluggableAuthCredentials) - PluggableAuthCredentials.newBuilder(CREDENTIAL) - .setExecutableHandler(options -> "pluggableAuthToken") + PluggableAuthCredentials.newBuilder() + .setAudience( + "//iam.googleapis.com/projects/123/locations/global/workloadIdentityPools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenInfoUrl("tokenInfoUrl") .setTokenUrl(transportFactory.transport.getStsUrl()) + .setCredentialSource(buildCredentialSource()) .setServiceAccountImpersonationUrl( transportFactory.transport.getServiceAccountImpersonationUrl()) .setHttpTransportFactory(transportFactory) .build(); + credential = + PluggableAuthCredentials.newBuilder(credential) + .setExecutableHandler(options -> "pluggableAuthToken") + .build(); + AccessToken accessToken = credential.refreshAccessToken(); assertEquals( @@ -228,6 +242,11 @@ public void refreshAccessToken_withServiceAccountImpersonation() throws IOExcept Map query = TestUtils.parseQuery(transportFactory.transport.getRequests().get(0).getContentAsString()); assertEquals(query.get("subject_token"), "pluggableAuthToken"); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(0).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "executable", true, false); } @Test @@ -239,16 +258,25 @@ public void refreshAccessToken_withServiceAccountImpersonationOptions() throws I PluggableAuthCredentials credential = (PluggableAuthCredentials) - PluggableAuthCredentials.newBuilder(CREDENTIAL) - .setExecutableHandler(options -> "pluggableAuthToken") + PluggableAuthCredentials.newBuilder() + .setAudience( + "//iam.googleapis.com/projects/123/locations/global/workloadIdentityPools/pool/providers/provider") + .setSubjectTokenType("subjectTokenType") + .setTokenInfoUrl("tokenInfoUrl") .setTokenUrl(transportFactory.transport.getStsUrl()) + .setCredentialSource(buildCredentialSource()) .setServiceAccountImpersonationUrl( transportFactory.transport.getServiceAccountImpersonationUrl()) - .setHttpTransportFactory(transportFactory) .setServiceAccountImpersonationOptions( ExternalAccountCredentialsTest.buildServiceAccountImpersonationOptions(2800)) + .setHttpTransportFactory(transportFactory) .build(); + credential = + PluggableAuthCredentials.newBuilder(credential) + .setExecutableHandler(options -> "pluggableAuthToken") + .build(); + AccessToken accessToken = credential.refreshAccessToken(); assertEquals( @@ -261,6 +289,11 @@ public void refreshAccessToken_withServiceAccountImpersonationOptions() throws I .parseAndClose(GenericJson.class); assertEquals("2800s", query.get("lifetime")); + + // Validate metrics header is set correctly on the sts request. + Map> headers = + transportFactory.transport.getRequests().get(0).getHeaders(); + ExternalAccountCredentialsTest.validateMetricsHeader(headers, "executable", true, true); } @Test diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 4e8c69678..3c158f708 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -86,6 +86,7 @@ resources + true javatests @@ -95,6 +96,17 @@ + + org.apache.maven.plugins + maven-resources-plugin + + + + resources + + + + org.sonatype.plugins nexus-staging-maven-plugin @@ -120,6 +132,9 @@ maven-jar-plugin + + true + com.google.auth.oauth2 diff --git a/oauth2_http/resources/com/google/auth/oauth2/google-auth-library.properties b/oauth2_http/resources/com/google/auth/oauth2/google-auth-library.properties new file mode 100644 index 000000000..32474acb0 --- /dev/null +++ b/oauth2_http/resources/com/google/auth/oauth2/google-auth-library.properties @@ -0,0 +1 @@ +google-auth-library.version=${project.parent.version} diff --git a/pom.xml b/pom.xml index 996cc08d5..d8da8a347 100644 --- a/pom.xml +++ b/pom.xml @@ -316,6 +316,11 @@ + + org.apache.maven.plugins + maven-resources-plugin + 3.3.0 + From 0c5cff26fc66ad90d2dbccd374c6ead81f66d569 Mon Sep 17 00:00:00 2001 From: Max Rumpf Date: Sat, 22 Jul 2023 01:54:23 +0200 Subject: [PATCH 40/61] docs: Update library definitions in README to the latest version (#1239) --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index bf4fd6521..a3306addf 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ If you are using Maven, add this to your pom.xml file (notice that you can repla com.google.auth google-auth-library-oauth2-http - 1.3.0 + 1.19.0 ``` [//]: # ({x-version-update-end}) @@ -67,7 +67,7 @@ If you are using Gradle, add this to your dependencies [//]: # ({x-version-update-start:google-auth-library-oauth2-http:released}) ```Groovy -implementation 'com.google.auth:google-auth-library-oauth2-http:1.3.0' +implementation 'com.google.auth:google-auth-library-oauth2-http:1.19.0' ``` [//]: # ({x-version-update-end}) @@ -75,7 +75,7 @@ If you are using SBT, add this to your dependencies [//]: # ({x-version-update-start:google-auth-library-oauth2-http:released}) ```Scala -libraryDependencies += "com.google.auth" % "google-auth-library-oauth2-http" % "1.3.0" +libraryDependencies += "com.google.auth" % "google-auth-library-oauth2-http" % "1.19.0" ``` [//]: # ({x-version-update-end}) From a63add3f9e0c2c9f0907eb6ba742c16925f1acec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Jul 2023 19:00:19 +0000 Subject: [PATCH 41/61] chore(deps): bump cryptography from 39.0.1 to 41.0.2 in /.kokoro (#1238) Bumps [cryptography](https://togithub.com/pyca/cryptography) from 39.0.1 to 41.0.2.
Changelog

Sourced from cryptography's changelog.

41.0.2 - 2023-07-10


* Fixed bugs in creating and parsing SSH certificates where critical options
  with values were handled incorrectly. Certificates are now created correctly
  and parsing accepts correct values as well as the previously generated
  invalid forms with a warning. In the next release, support for parsing these
  invalid forms will be removed.

.. _v41-0-1:


41.0.1 - 2023-06-01

  • Temporarily allow invalid ECDSA signature algorithm parameters in X.509 certificates, which are generated by older versions of Java.
  • Allow null bytes in pass phrases when serializing private keys.

.. _v41-0-0:

41.0.0 - 2023-05-30


* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1d has been
  removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Support for Python 3.6 has been removed.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.6.
* Updated the minimum supported Rust version (MSRV) to 1.56.0, from 1.48.0.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.1.
* Added support for the :class:`~cryptography.x509.OCSPAcceptableResponses`
  OCSP extension.
* Added support for the :class:`~cryptography.x509.MSCertificateTemplate`
  proprietary Microsoft certificate extension.
* Implemented support for equality checks on all asymmetric public key types.
* Added support for ``aes256-gcm@openssh.com`` encrypted keys in
  :func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`.
* Added support for obtaining X.509 certificate signature algorithm parameters
  (including PSS) via
  :meth:`~cryptography.x509.Certificate.signature_algorithm_parameters`.
* Support signing :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS`
  X.509 certificates via the new keyword-only argument ``rsa_padding`` on
  :meth:`~cryptography.x509.CertificateBuilder.sign`.
* Added support for
  :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`
  on BoringSSL.

.. _v40-0-2:


40.0.2 - 2023-04-14

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cryptography&package-manager=pip&previous-version=39.0.1&new-version=41.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://togithub.com/googleapis/google-auth-library-java/network/alerts).
From 41e6c74fc133142b77ce3f7de7e72ebff76ef1bd Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Mon, 24 Jul 2023 21:50:22 +0200 Subject: [PATCH 42/61] chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.11.0 (#1176) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-compiler-plugin](https://maven.apache.org/plugins/) | `3.10.1` -> `3.11.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.apache.maven.plugins:maven-compiler-plugin/3.11.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.apache.maven.plugins:maven-compiler-plugin/3.11.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.apache.maven.plugins:maven-compiler-plugin/3.10.1/3.11.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.apache.maven.plugins:maven-compiler-plugin/3.10.1/3.11.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index d8da8a347..12d02d8af 100644 --- a/pom.xml +++ b/pom.xml @@ -227,7 +227,7 @@ maven-compiler-plugin - 3.10.1 + 3.11.0 1.8 1.8 From d0bb831efa5f0f887f3fb26648c286196f4fe87a Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Mon, 24 Jul 2023 21:54:18 +0200 Subject: [PATCH 43/61] chore(deps): update dependency com.google.http-client:google-http-client-bom to v1.43.3 (#1174) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.http-client:google-http-client-bom](https://togithub.com/googleapis/google-http-java-client/tree/master/google-http-client-bom) ([source](https://togithub.com/googleapis/google-http-java-client)) | `1.42.3` -> `1.43.3` | [![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.http-client:google-http-client-bom/1.43.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/com.google.http-client:google-http-client-bom/1.43.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/com.google.http-client:google-http-client-bom/1.42.3/1.43.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.http-client:google-http-client-bom/1.42.3/1.43.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
googleapis/google-http-java-client (com.google.http-client:google-http-client-bom) ### [`v1.43.3`](https://togithub.com/googleapis/google-http-java-client/blob/HEAD/CHANGELOG.md#1433-2023-06-21) [Compare Source](https://togithub.com/googleapis/google-http-java-client/compare/v1.43.2...v1.43.3) ##### Dependencies - Update dependency com.google.j2objc:j2objc-annotations to v2 ([#​1805](https://togithub.com/googleapis/google-http-java-client/issues/1805)) ([00eb7b1](https://togithub.com/googleapis/google-http-java-client/commit/00eb7b1d6b29148ee76b4cf59be7bf8288cc5152)) - Update doclet version to v1.9.0 ([#​1853](https://togithub.com/googleapis/google-http-java-client/issues/1853)) ([eeea739](https://togithub.com/googleapis/google-http-java-client/commit/eeea739f855cdeaef2dd6c38246660723656dc36)) ### [`v1.43.2`](https://togithub.com/googleapis/google-http-java-client/blob/HEAD/CHANGELOG.md#1432-2023-05-09) [Compare Source](https://togithub.com/googleapis/google-http-java-client/compare/v1.43.1...v1.43.2) ##### Bug Fixes - UriTemplate reserved expansion does not escape reserved chars ([#​1844](https://togithub.com/googleapis/google-http-java-client/issues/1844)) ([91c46a9](https://togithub.com/googleapis/google-http-java-client/commit/91c46a99b0b9464d01b5aca2116bbe073b878725)), closes [#​1838](https://togithub.com/googleapis/google-http-java-client/issues/1838) ### [`v1.43.1`](https://togithub.com/googleapis/google-http-java-client/blob/HEAD/CHANGELOG.md#1431-2023-03-14) [Compare Source](https://togithub.com/googleapis/google-http-java-client/compare/v1.43.0...v1.43.1) ##### Bug Fixes - JSON deserialization setter case priority ([#​1831](https://togithub.com/googleapis/google-http-java-client/issues/1831)) ([30182e1](https://togithub.com/googleapis/google-http-java-client/commit/30182e13e7b294b8a0771e47a84b0ed45a628a1f)) ##### Dependencies - Update project.appengine.version to v2.0.12 ([#​1816](https://togithub.com/googleapis/google-http-java-client/issues/1816)) ([ba84066](https://togithub.com/googleapis/google-http-java-client/commit/ba8406642c47045378153e5687667dda6c37c7be)) ### [`v1.43.0`](https://togithub.com/googleapis/google-http-java-client/blob/HEAD/CHANGELOG.md#1430-2023-02-24) [Compare Source](https://togithub.com/googleapis/google-http-java-client/compare/v1.42.3...v1.43.0) ##### Features - GsonFactory to have read leniency option via `GsonFactory.builder().setReadLeniency(true).build()` ([00d61b9](https://togithub.com/googleapis/google-http-java-client/commit/00d61b96dff050ec4b061bead047239b21a48764)) - Next release from main branch is 1.43.0 ([#​1764](https://togithub.com/googleapis/google-http-java-client/issues/1764)) ([9fbae6c](https://togithub.com/googleapis/google-http-java-client/commit/9fbae6c0721cce7cb4a9042f8fed4823ce291e80)) ##### Dependencies - Update dependency com.fasterxml.jackson.core:jackson-core to v2.14.0 ([#​1774](https://togithub.com/googleapis/google-http-java-client/issues/1774)) ([dc41010](https://togithub.com/googleapis/google-http-java-client/commit/dc410107c98e06531021e5a44ac68ff7621dc47f)) - Update dependency com.fasterxml.jackson.core:jackson-core to v2.14.1 ([#​1785](https://togithub.com/googleapis/google-http-java-client/issues/1785)) ([234e7b5](https://togithub.com/googleapis/google-http-java-client/commit/234e7b53a1fc2f3b8a8b7a80a4c9fa9118dcbc37)) - Update dependency com.fasterxml.jackson.core:jackson-core to v2.14.2 ([#​1810](https://togithub.com/googleapis/google-http-java-client/issues/1810)) ([23094ff](https://togithub.com/googleapis/google-http-java-client/commit/23094ffa028acdee63ed868ea070d877f2c5ea95)) - Update dependency com.google.code.gson:gson to v2.10.1 ([#​1799](https://togithub.com/googleapis/google-http-java-client/issues/1799)) ([a114c7e](https://togithub.com/googleapis/google-http-java-client/commit/a114c7ed815216dccf165fc8763a768892a58723)) - Update dependency com.google.errorprone:error_prone_annotations to v2.18.0 ([#​1797](https://togithub.com/googleapis/google-http-java-client/issues/1797)) ([09f3607](https://togithub.com/googleapis/google-http-java-client/commit/09f360775001c035d4d26d29f9e28e5f47fb5bd5)) - Update dependency com.google.protobuf:protobuf-java to v3.21.12 ([#​1789](https://togithub.com/googleapis/google-http-java-client/issues/1789)) ([03b5b32](https://togithub.com/googleapis/google-http-java-client/commit/03b5b321f20543c354447f52669f05a9d1bd00b1)) - Update dependency kr.motd.maven:os-maven-plugin to v1.7.1 ([#​1777](https://togithub.com/googleapis/google-http-java-client/issues/1777)) ([3f318f4](https://togithub.com/googleapis/google-http-java-client/commit/3f318f44305d9b59aecbdd980abdad525ca47bf3)) - Update dependency org.apache.httpcomponents:httpclient to v4.5.14 ([#​1790](https://togithub.com/googleapis/google-http-java-client/issues/1790)) ([0664e17](https://togithub.com/googleapis/google-http-java-client/commit/0664e1744e0885a1cb8787481ccfbab0de845fe9)) - Update dependency org.apache.httpcomponents:httpcore to v4.4.16 ([#​1787](https://togithub.com/googleapis/google-http-java-client/issues/1787)) ([512aa23](https://togithub.com/googleapis/google-http-java-client/commit/512aa2398adf64b89e27b505de03b6e3f2a32875)) - Update project.appengine.version to v2.0.10 ([#​1773](https://togithub.com/googleapis/google-http-java-client/issues/1773)) ([5ddb634](https://togithub.com/googleapis/google-http-java-client/commit/5ddb634887601bfad64ac482643f65c820b55fd4))
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 12d02d8af..2bc494a5b 100644 --- a/pom.xml +++ b/pom.xml @@ -63,7 +63,7 @@ UTF-8 - 1.42.3 + 1.43.3 4.13.2 32.0.0-android 2.0.10 From 354d09d9ea72b2ce24019b9ff74f1ed71770f89e Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Mon, 24 Jul 2023 21:56:18 +0200 Subject: [PATCH 44/61] chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.5.0 (#1158) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-javadoc-plugin](https://maven.apache.org/plugins/) | `3.4.1` -> `3.5.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.apache.maven.plugins:maven-javadoc-plugin/3.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.apache.maven.plugins:maven-javadoc-plugin/3.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.apache.maven.plugins:maven-javadoc-plugin/3.4.1/3.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.apache.maven.plugins:maven-javadoc-plugin/3.4.1/3.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- bom/pom.xml | 2 +- pom.xml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bom/pom.xml b/bom/pom.xml index a46f80b4c..4849c7bd8 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -83,7 +83,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 + 3.5.0 true diff --git a/pom.xml b/pom.xml index 2bc494a5b..350c00e1b 100644 --- a/pom.xml +++ b/pom.xml @@ -170,7 +170,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 + 3.5.0 8 false @@ -329,7 +329,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 + 3.5.0 html @@ -397,7 +397,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 + 3.5.0 attach-javadocs @@ -497,7 +497,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 + 3.5.0 com.microsoft.doclet.DocFxDoclet false From 828625402efb5950608d8b940b596ed00d3929bb Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Mon, 24 Jul 2023 22:24:18 +0200 Subject: [PATCH 45/61] chore(deps): update autovalue packages to v1.10.2 (#1246) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 350c00e1b..1f5b45eb3 100644 --- a/pom.xml +++ b/pom.xml @@ -70,7 +70,7 @@ 3.0.2 false 1.8.2 - 1.10.1 + 1.10.2 From ac8cef2ffff71a49b5dbeb4fac479db699196924 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 16:18:43 +0200 Subject: [PATCH 46/61] chore(deps): update dependency org.apache.maven.plugins:maven-dependency-plugin to v3.6.0 (#1247) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1f5b45eb3..5f151d4f9 100644 --- a/pom.xml +++ b/pom.xml @@ -207,7 +207,7 @@ org.apache.maven.plugins maven-dependency-plugin - 3.5.0 + 3.6.0 com.coveo From b9f4ebdefbd1bdda392780bb03d189ac484d5c3a Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 16:59:04 +0200 Subject: [PATCH 47/61] chore(deps): update dependency com.google.appengine:appengine-api-1.0-sdk to v2.0.16 (#1248) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 5f151d4f9..d842082d5 100644 --- a/pom.xml +++ b/pom.xml @@ -66,7 +66,7 @@ 1.43.3 4.13.2 32.0.0-android - 2.0.10 + 2.0.16 3.0.2 false 1.8.2 From 833ba3b8dc01d6837318214d122b7ec85e91328f Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 17:26:27 +0200 Subject: [PATCH 48/61] chore(deps): update dependency com.google.truth:truth to v1.1.5 (#1249) --- samples/snippets/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml index db1da8a40..078718508 100644 --- a/samples/snippets/pom.xml +++ b/samples/snippets/pom.xml @@ -74,7 +74,7 @@ truth com.google.truth test - 1.1.3 + 1.1.5 From 2e7950c9dea4a77058023b0092f818e768ad0aa8 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 17:42:12 +0200 Subject: [PATCH 49/61] chore(deps): update dependency org.graalvm.buildtools:native-maven-plugin to v0.9.23 (#1156) --- oauth2_http/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 3c158f708..86f0351ac 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -58,7 +58,7 @@ org.graalvm.buildtools native-maven-plugin - 0.9.19 + 0.9.23 true From 74518681f4d3ab97bdc1b4dbf66b7e975ac9e569 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 18:07:53 +0200 Subject: [PATCH 50/61] chore(deps): update dependency org.graalvm.buildtools:junit-platform-native to v0.9.23 (#1155) --- oauth2_http/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 86f0351ac..5f073979c 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -35,7 +35,7 @@ org.graalvm.buildtools junit-platform-native - 0.9.19 + 0.9.23 test From c137f0a04b075297e0cbc571367189f202fcdd09 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 18:27:14 +0200 Subject: [PATCH 51/61] chore(deps): update dependency org.jacoco:jacoco-maven-plugin to v0.8.10 (#1252) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index d842082d5..7173f0926 100644 --- a/pom.xml +++ b/pom.xml @@ -285,7 +285,7 @@ org.jacoco jacoco-maven-plugin - 0.8.8 + 0.8.10 From 9dfdf39076fb9bb6df8f5da8803c5642457c7cb3 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 18:38:33 +0200 Subject: [PATCH 52/61] chore(deps): update dependency com.google.cloud:google-iam-admin to v3.17.0 (#1254) --- samples/snippets/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml index 078718508..277198c87 100644 --- a/samples/snippets/pom.xml +++ b/samples/snippets/pom.xml @@ -50,7 +50,7 @@ com.google.cloud google-iam-admin - 3.5.0 + 3.17.0 From 65b958b761e6bf4592f9c45cdd39d03793432ce9 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 18:49:15 +0200 Subject: [PATCH 53/61] chore(deps): update dependency org.apache.maven.plugins:maven-resources-plugin to v3.3.1 (#1251) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7173f0926..c058040a8 100644 --- a/pom.xml +++ b/pom.xml @@ -319,7 +319,7 @@ org.apache.maven.plugins maven-resources-plugin - 3.3.0 + 3.3.1 From d38893f05800b4bd049aa3c17200388aef343ae7 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 19:31:36 +0200 Subject: [PATCH 54/61] chore(deps): update dependency com.google.auto.service:auto-service-annotations to v1.1.1 (#1253) Co-authored-by: Lawrence Qiu --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c058040a8..07b9f8ab0 100644 --- a/pom.xml +++ b/pom.xml @@ -465,7 +465,7 @@ com.google.auto.service auto-service-annotations - 1.0.1 + 1.1.1 From 6c70219418badc0c2313cd6afc007be6b3122d9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Jul 2023 18:56:13 +0000 Subject: [PATCH 55/61] chore(deps): bump certifi from 2022.12.7 to 2023.7.22 in /.kokoro (#1250) Bumps [certifi](https://togithub.com/certifi/python-certifi) from 2022.12.7 to 2023.7.22.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=certifi&package-manager=pip&previous-version=2022.12.7&new-version=2023.7.22)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://togithub.com/googleapis/google-auth-library-java/network/alerts).
From 0df82bb121800368a5e35bf298fef1a7d59b431f Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 20:56:18 +0200 Subject: [PATCH 56/61] chore(deps): update dependency org.apache.maven.plugins:maven-failsafe-plugin to v3.1.2 (#1256) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-failsafe-plugin](https://maven.apache.org/surefire/) | `3.0.0-M7` -> `3.1.2` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.apache.maven.plugins:maven-failsafe-plugin/3.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.apache.maven.plugins:maven-failsafe-plugin/3.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.apache.maven.plugins:maven-failsafe-plugin/3.0.0-M7/3.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.apache.maven.plugins:maven-failsafe-plugin/3.0.0-M7/3.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- oauth2_http/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index 5f073979c..b532435dc 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -160,7 +160,7 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.0.0-M7 + 3.1.2 1200 sponge_log From 62cc7ae530e7780658b18348dbfa31a50a4f82b0 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 21:00:21 +0200 Subject: [PATCH 57/61] chore(deps): update dependency com.google.cloud:libraries-bom to v26.19.0 (#1255) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.cloud:libraries-bom](https://cloud.google.com/java/docs/bom) ([source](https://togithub.com/googleapis/java-cloud-bom)) | `26.8.0` -> `26.19.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.cloud:libraries-bom/26.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/com.google.cloud:libraries-bom/26.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/com.google.cloud:libraries-bom/26.8.0/26.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.cloud:libraries-bom/26.8.0/26.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
googleapis/java-cloud-bom (com.google.cloud:libraries-bom) ### [`v26.19.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26190-2023-07-18) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.18.0...v26.19.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.13.0 ([#​6079](https://togithub.com/googleapis/java-cloud-bom/issues/6079)) ([a4fa3fa](https://togithub.com/googleapis/java-cloud-bom/commit/a4fa3fa1516a5f12bace0b7461f931313537fb96)) - update dependency com.google.cloud:gapic-libraries-bom to v1.15.0 ([#​6086](https://togithub.com/googleapis/java-cloud-bom/issues/6086)) ([5900bae](https://togithub.com/googleapis/java-cloud-bom/commit/5900bae39118920c54b57f8cc77d06fbab9007da)) - update dependency com.google.cloud:google-cloud-bigquery to v2.30.0 ([#​6094](https://togithub.com/googleapis/java-cloud-bom/issues/6094)) ([e394eeb](https://togithub.com/googleapis/java-cloud-bom/commit/e394eebd6635fc2807d2efd293288e13a7ec8a3c)) - update dependency com.google.cloud:google-cloud-bigquery to v2.30.1 ([#​6100](https://togithub.com/googleapis/java-cloud-bom/issues/6100)) ([aae3677](https://togithub.com/googleapis/java-cloud-bom/commit/aae3677d23b9becd28a05aeaa7e2d5f080ee2574)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.40.0 ([#​6095](https://togithub.com/googleapis/java-cloud-bom/issues/6095)) ([d502ebe](https://togithub.com/googleapis/java-cloud-bom/commit/d502ebe6f02e2c639705e18916b66e92ffff11fb)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.40.1 ([#​6097](https://togithub.com/googleapis/java-cloud-bom/issues/6097)) ([dc310e1](https://togithub.com/googleapis/java-cloud-bom/commit/dc310e1862c6a4878a913bb99c1affbe4d43aef8)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.25.0 ([#​6088](https://togithub.com/googleapis/java-cloud-bom/issues/6088)) ([c7b5190](https://togithub.com/googleapis/java-cloud-bom/commit/c7b5190e648541b62aaacaddf4ff5c89c536d878)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.16.1 ([#​6081](https://togithub.com/googleapis/java-cloud-bom/issues/6081)) ([64aeea9](https://togithub.com/googleapis/java-cloud-bom/commit/64aeea9d83b5b8222e62a432e318cc09469b42d3)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.13.3 ([#​6085](https://togithub.com/googleapis/java-cloud-bom/issues/6085)) ([0877eac](https://togithub.com/googleapis/java-cloud-bom/commit/0877eac464c9bdc2c78055d6d4bae739e886ed3c)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.15.6 ([#​6090](https://togithub.com/googleapis/java-cloud-bom/issues/6090)) ([71f7e20](https://togithub.com/googleapis/java-cloud-bom/commit/71f7e205568770254665d4e0af57c7f91856d250)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.18-alpha ([#​6091](https://togithub.com/googleapis/java-cloud-bom/issues/6091)) ([c0cecca](https://togithub.com/googleapis/java-cloud-bom/commit/c0ceccae680732fa86c285cf5ab0250cda231b76)) - update dependency com.google.cloud:google-cloud-nio to v0.126.19 ([#​6082](https://togithub.com/googleapis/java-cloud-bom/issues/6082)) ([25ce438](https://togithub.com/googleapis/java-cloud-bom/commit/25ce438f8fc4b592a2dedf237b69a33437a9878d)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.18 ([#​6092](https://togithub.com/googleapis/java-cloud-bom/issues/6092)) ([09f666c](https://togithub.com/googleapis/java-cloud-bom/commit/09f666c6fa18fa592cd2ec79b68b774fe64af357)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.11 ([#​6093](https://togithub.com/googleapis/java-cloud-bom/issues/6093)) ([d7cb3ae](https://togithub.com/googleapis/java-cloud-bom/commit/d7cb3ae7153a9156dc685f63a760245b0b2394a7)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.11 ([#​6096](https://togithub.com/googleapis/java-cloud-bom/issues/6096)) ([3c411a8](https://togithub.com/googleapis/java-cloud-bom/commit/3c411a893bf93a9a1b758d79fb898aa7e06ce369)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.43.2 ([#​6084](https://togithub.com/googleapis/java-cloud-bom/issues/6084)) ([4667f38](https://togithub.com/googleapis/java-cloud-bom/commit/4667f382103fcc450e57e435888b809b6f8ac8ee)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.11.4 ([#​6080](https://togithub.com/googleapis/java-cloud-bom/issues/6080)) ([6c45712](https://togithub.com/googleapis/java-cloud-bom/commit/6c457120952b2f6956b4d99a305d833673c1c2a0)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.6 ([#​6099](https://togithub.com/googleapis/java-cloud-bom/issues/6099)) ([f72d18c](https://togithub.com/googleapis/java-cloud-bom/commit/f72d18c1f665333872730ff56101ad357f4e6a23)) ### [`v26.18.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26180-2023-06-28) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.17.0...v26.18.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.12.0 ([#​6057](https://togithub.com/googleapis/java-cloud-bom/issues/6057)) ([4c52805](https://togithub.com/googleapis/java-cloud-bom/commit/4c52805563963c5f03d75542d83a86785ddde2eb)) - update dependency com.google.cloud:gapic-libraries-bom to v1.14.0 ([#​6067](https://togithub.com/googleapis/java-cloud-bom/issues/6067)) ([2ba5fb8](https://togithub.com/googleapis/java-cloud-bom/commit/2ba5fb8a1a5de8ab5f925313e68128cb914b5e6b)) - update dependency com.google.cloud:google-cloud-bigquery to v2.29.0 ([#​6051](https://togithub.com/googleapis/java-cloud-bom/issues/6051)) ([f0e719c](https://togithub.com/googleapis/java-cloud-bom/commit/f0e719cbe972e09a9b75d0f5841122518123248a)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.39.1 ([#​6058](https://togithub.com/googleapis/java-cloud-bom/issues/6058)) ([795e555](https://togithub.com/googleapis/java-cloud-bom/commit/795e5550a97e9724bfc777a7295e962ea6ebedf5)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.24.1 ([#​6076](https://togithub.com/googleapis/java-cloud-bom/issues/6076)) ([47b8b96](https://togithub.com/googleapis/java-cloud-bom/commit/47b8b96e0660434628cdcdd68ea9b66d38bf51a0)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.16.0 ([#​6066](https://togithub.com/googleapis/java-cloud-bom/issues/6066)) ([4b3b665](https://togithub.com/googleapis/java-cloud-bom/commit/4b3b66506c4f7ea53f790d5e95ca6f687ec2c512)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.13.2 ([#​6052](https://togithub.com/googleapis/java-cloud-bom/issues/6052)) ([dfd0068](https://togithub.com/googleapis/java-cloud-bom/commit/dfd00685d239bf5cd6613221874fcac02f0e2eaf)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.15.5 ([#​6055](https://togithub.com/googleapis/java-cloud-bom/issues/6055)) ([23ba420](https://togithub.com/googleapis/java-cloud-bom/commit/23ba420a4a1eaa4baed11161871278311ff6e4dd)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.17-alpha ([#​6061](https://togithub.com/googleapis/java-cloud-bom/issues/6061)) ([5182d43](https://togithub.com/googleapis/java-cloud-bom/commit/5182d43e53a1dfda0776f1f9559620d643bfedca)) - update dependency com.google.cloud:google-cloud-nio to v0.126.18 ([#​6060](https://togithub.com/googleapis/java-cloud-bom/issues/6060)) ([9bbf047](https://togithub.com/googleapis/java-cloud-bom/commit/9bbf047c93ca1f6929e79eb5ceee29f2f0acb9d2)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.15 ([#​6059](https://togithub.com/googleapis/java-cloud-bom/issues/6059)) ([7d5eecd](https://togithub.com/googleapis/java-cloud-bom/commit/7d5eecda25b4270dfe0add8adabc277f8d6c5a6e)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.16 ([#​6070](https://togithub.com/googleapis/java-cloud-bom/issues/6070)) ([9a627d4](https://togithub.com/googleapis/java-cloud-bom/commit/9a627d49381dd10304965ad080d270e66650965a)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.17 ([#​6073](https://togithub.com/googleapis/java-cloud-bom/issues/6073)) ([3f3a096](https://togithub.com/googleapis/java-cloud-bom/commit/3f3a0967049de9f401afa6c4cb5c306fe7dd7025)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.10 ([#​6077](https://togithub.com/googleapis/java-cloud-bom/issues/6077)) ([8ef9b9c](https://togithub.com/googleapis/java-cloud-bom/commit/8ef9b9c773052a9d9a3d07f4877e0a31213417f6)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.9 ([#​6065](https://togithub.com/googleapis/java-cloud-bom/issues/6065)) ([d1005e9](https://togithub.com/googleapis/java-cloud-bom/commit/d1005e9b3c4ffa21ceead5e923e020935f1eaa58)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.43.1 ([#​6071](https://togithub.com/googleapis/java-cloud-bom/issues/6071)) ([9e51be0](https://togithub.com/googleapis/java-cloud-bom/commit/9e51be059519912d5703288efedfa02d876fee06)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.11.1 ([#​6072](https://togithub.com/googleapis/java-cloud-bom/issues/6072)) ([05565e8](https://togithub.com/googleapis/java-cloud-bom/commit/05565e8ead5f86451bdcc911953219fa9e18ca57)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.11.2 ([#​6074](https://togithub.com/googleapis/java-cloud-bom/issues/6074)) ([236016b](https://togithub.com/googleapis/java-cloud-bom/commit/236016bf309a9e4e1d657d58cf19608ec4b06a05)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.5 ([#​6064](https://togithub.com/googleapis/java-cloud-bom/issues/6064)) ([2315aeb](https://togithub.com/googleapis/java-cloud-bom/commit/2315aeb00346bb56a26d53178917f17df7644525)) - update dependency com.google.cloud.tools:dependencies to v1.5.13 ([#​6046](https://togithub.com/googleapis/java-cloud-bom/issues/6046)) ([72382c3](https://togithub.com/googleapis/java-cloud-bom/commit/72382c3db2833da664363bc9cbdea9f22fe60c19)) ### [`v26.17.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26170-2023-06-13) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.16.0...v26.17.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.11.0 ([#​6028](https://togithub.com/googleapis/java-cloud-bom/issues/6028)) ([23aa58f](https://togithub.com/googleapis/java-cloud-bom/commit/23aa58f7721ac4181d13e33491c1ba134bf1841a)) - update dependency com.google.cloud:gapic-libraries-bom to v1.13.0 ([#​6040](https://togithub.com/googleapis/java-cloud-bom/issues/6040)) ([4a276a5](https://togithub.com/googleapis/java-cloud-bom/commit/4a276a507a91dbc4db9f9765ad3f7eafc6ea6a61)) - update dependency com.google.cloud:google-cloud-bigquery to v2.27.1 ([#​6044](https://togithub.com/googleapis/java-cloud-bom/issues/6044)) ([bef12ad](https://togithub.com/googleapis/java-cloud-bom/commit/bef12add57a7ad7a7f4ecd81436e031303e607df)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.38.0 ([#​6041](https://togithub.com/googleapis/java-cloud-bom/issues/6041)) ([ed484e6](https://togithub.com/googleapis/java-cloud-bom/commit/ed484e601feafb93ba4559fc63d10043a56836e8)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.23.3 ([#​6033](https://togithub.com/googleapis/java-cloud-bom/issues/6033)) ([2b56736](https://togithub.com/googleapis/java-cloud-bom/commit/2b5673668683abcd9ef599cff793af6061d7693a)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.15.0 ([#​6042](https://togithub.com/googleapis/java-cloud-bom/issues/6042)) ([a988f92](https://togithub.com/googleapis/java-cloud-bom/commit/a988f92dce1502990e026ea294d473a367cfb6af)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.13.0 ([#​6024](https://togithub.com/googleapis/java-cloud-bom/issues/6024)) ([47f4f64](https://togithub.com/googleapis/java-cloud-bom/commit/47f4f640bd8c2a6d32f29f348b4824db36dd849d)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.15.3 ([#​6036](https://togithub.com/googleapis/java-cloud-bom/issues/6036)) ([4a48f41](https://togithub.com/googleapis/java-cloud-bom/commit/4a48f41e558f395d095d0dfaeef8c5fe0c9079d2)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.14-alpha ([#​6034](https://togithub.com/googleapis/java-cloud-bom/issues/6034)) ([1af8b72](https://togithub.com/googleapis/java-cloud-bom/commit/1af8b72a30dad680444bee9e1a6493b31a39ff0b)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.15-alpha ([#​6035](https://togithub.com/googleapis/java-cloud-bom/issues/6035)) ([ca65ce5](https://togithub.com/googleapis/java-cloud-bom/commit/ca65ce561152f0c71247e7d4165d982590ccfff6)) - update dependency com.google.cloud:google-cloud-nio to v0.126.17 ([#​6037](https://togithub.com/googleapis/java-cloud-bom/issues/6037)) ([fa1ebf6](https://togithub.com/googleapis/java-cloud-bom/commit/fa1ebf66050edd8d657bd650e610478dcb9a1261)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.14 ([#​6038](https://togithub.com/googleapis/java-cloud-bom/issues/6038)) ([1be40ff](https://togithub.com/googleapis/java-cloud-bom/commit/1be40ff79a699c8e3e267ab9474145c27c6d4cb1)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.8 ([#​6039](https://togithub.com/googleapis/java-cloud-bom/issues/6039)) ([33d292a](https://togithub.com/googleapis/java-cloud-bom/commit/33d292a8af9bcdd2bcddd593fe59f19771a3ea4d)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.43.0 ([#​6029](https://togithub.com/googleapis/java-cloud-bom/issues/6029)) ([7f8df1e](https://togithub.com/googleapis/java-cloud-bom/commit/7f8df1eacf15f7cfd42cf034dfcd0d30be0e41b6)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.11.0 ([#​6043](https://togithub.com/googleapis/java-cloud-bom/issues/6043)) ([0f152e7](https://togithub.com/googleapis/java-cloud-bom/commit/0f152e73e9cd2b46afca848067d374b56069ed02)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.4 ([#​6031](https://togithub.com/googleapis/java-cloud-bom/issues/6031)) ([f85721f](https://togithub.com/googleapis/java-cloud-bom/commit/f85721fdbb6ec2b7083676d74fc3e9244ea72525)) - update dependency commons-io:commons-io to v2.12.0 ([#​5994](https://togithub.com/googleapis/java-cloud-bom/issues/5994)) ([14f8655](https://togithub.com/googleapis/java-cloud-bom/commit/14f8655132e91778f9675f524989519841dfeaeb)) - update dependency commons-io:commons-io to v2.13.0 ([#​6030](https://togithub.com/googleapis/java-cloud-bom/issues/6030)) ([5b7a0d3](https://togithub.com/googleapis/java-cloud-bom/commit/5b7a0d3b3a8b3db9f41befbd16b2de0831c3c48a)) ### [`v26.16.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26160-2023-05-31) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.15.0...v26.16.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.10.0 ([#​6000](https://togithub.com/googleapis/java-cloud-bom/issues/6000)) ([9880029](https://togithub.com/googleapis/java-cloud-bom/commit/9880029ca50417bc05d15cf0af50954256226b47)) - update dependency com.google.cloud:first-party-dependencies to v3.10.1 ([#​6018](https://togithub.com/googleapis/java-cloud-bom/issues/6018)) ([291545a](https://togithub.com/googleapis/java-cloud-bom/commit/291545a9f21bc405cebc547d1b1e8bdc90a4fe46)) - update dependency com.google.cloud:gapic-libraries-bom to v1.12.0 ([#​6002](https://togithub.com/googleapis/java-cloud-bom/issues/6002)) ([27ecac9](https://togithub.com/googleapis/java-cloud-bom/commit/27ecac9088655948c83089c2e3c4f701211d8e45)) - update dependency com.google.cloud:google-cloud-bigquery to v2.27.0 ([#​5993](https://togithub.com/googleapis/java-cloud-bom/issues/5993)) ([a9867e8](https://togithub.com/googleapis/java-cloud-bom/commit/a9867e854f8aea21a488919cb7494aec1a443c7a)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.37.2 ([#​6001](https://togithub.com/googleapis/java-cloud-bom/issues/6001)) ([9f2e1f7](https://togithub.com/googleapis/java-cloud-bom/commit/9f2e1f7725f0cfa207810d069ceed1c3d5ae7a4e)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.23.2 ([#​6010](https://togithub.com/googleapis/java-cloud-bom/issues/6010)) ([4aa461c](https://togithub.com/googleapis/java-cloud-bom/commit/4aa461c5897a7df2f3593a7ed55153adf25c5b70)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.7 ([#​6003](https://togithub.com/googleapis/java-cloud-bom/issues/6003)) ([3f38cb1](https://togithub.com/googleapis/java-cloud-bom/commit/3f38cb11a24837c03bda4e005d49db978dd7e1c5)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.12.0 ([#​6014](https://togithub.com/googleapis/java-cloud-bom/issues/6014)) ([352c3ee](https://togithub.com/googleapis/java-cloud-bom/commit/352c3eeb9481e2ba1679b59d9de3970cd9913580)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.15.2 ([#​6006](https://togithub.com/googleapis/java-cloud-bom/issues/6006)) ([da161ad](https://togithub.com/googleapis/java-cloud-bom/commit/da161adf965666aa123c469120119057e52a93a7)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.13-alpha ([#​6011](https://togithub.com/googleapis/java-cloud-bom/issues/6011)) ([c9e6e0f](https://togithub.com/googleapis/java-cloud-bom/commit/c9e6e0f701c9c3ee9ce49218f84334427df49dc4)) - update dependency com.google.cloud:google-cloud-nio to v0.126.16 ([#​6008](https://togithub.com/googleapis/java-cloud-bom/issues/6008)) ([19f3cb0](https://togithub.com/googleapis/java-cloud-bom/commit/19f3cb039c8698e2dd6c2b9d2ed334df688f6810)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.13 ([#​6009](https://togithub.com/googleapis/java-cloud-bom/issues/6009)) ([5b8348d](https://togithub.com/googleapis/java-cloud-bom/commit/5b8348d926032d4ea3df3e7d1ed52de372e9ad74)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.6 ([#​6012](https://togithub.com/googleapis/java-cloud-bom/issues/6012)) ([88e259c](https://togithub.com/googleapis/java-cloud-bom/commit/88e259c36b607d94348d51382712a0f267af76eb)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.42.2 ([#​5997](https://togithub.com/googleapis/java-cloud-bom/issues/5997)) ([a233987](https://togithub.com/googleapis/java-cloud-bom/commit/a23398776b5304485c5365378b5f93f4eadf0304)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.42.3 ([#​6016](https://togithub.com/googleapis/java-cloud-bom/issues/6016)) ([e063e7c](https://togithub.com/googleapis/java-cloud-bom/commit/e063e7c2473b369af25c70c098cb7f815e0a59da)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.10.0 ([#​6017](https://togithub.com/googleapis/java-cloud-bom/issues/6017)) ([9f6ec63](https://togithub.com/googleapis/java-cloud-bom/commit/9f6ec63d16d6b3e70177d25709208baaabb93aed)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.3 ([#​6007](https://togithub.com/googleapis/java-cloud-bom/issues/6007)) ([0de3cda](https://togithub.com/googleapis/java-cloud-bom/commit/0de3cda024458a7d39b9e3ccf4c77c564d545f96)) ### [`v26.15.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26150-2023-05-16) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.14.0...v26.15.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.9.0 ([#​5974](https://togithub.com/googleapis/java-cloud-bom/issues/5974)) ([3730711](https://togithub.com/googleapis/java-cloud-bom/commit/3730711dbf7616fcc914a65a1e956b26a13beee3)) - update dependency com.google.cloud:gapic-libraries-bom to v1.11.0 ([#​5981](https://togithub.com/googleapis/java-cloud-bom/issues/5981)) ([26d29e3](https://togithub.com/googleapis/java-cloud-bom/commit/26d29e38e2ee6e46fce204e001f6ac292c1d1ab3)) - update dependency com.google.cloud:google-cloud-bigquery to v2.26.0 ([#​5989](https://togithub.com/googleapis/java-cloud-bom/issues/5989)) ([7cbc31a](https://togithub.com/googleapis/java-cloud-bom/commit/7cbc31ac30d95fdd31b6e94d7af79fc1a021b059)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.37.0 ([#​5986](https://togithub.com/googleapis/java-cloud-bom/issues/5986)) ([e72a9b9](https://togithub.com/googleapis/java-cloud-bom/commit/e72a9b9a7282e87d68de1465e61310814476debe)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.23.0 ([#​5975](https://togithub.com/googleapis/java-cloud-bom/issues/5975)) ([7670085](https://togithub.com/googleapis/java-cloud-bom/commit/7670085733f6803849fa027da53d956d55a0afa6)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.23.1 ([#​5982](https://togithub.com/googleapis/java-cloud-bom/issues/5982)) ([6555f26](https://togithub.com/googleapis/java-cloud-bom/commit/6555f26029d1cbfa21898cd0b25cd19728d588c6)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.6 ([#​5976](https://togithub.com/googleapis/java-cloud-bom/issues/5976)) ([4b33ff3](https://togithub.com/googleapis/java-cloud-bom/commit/4b33ff3331897654215d306925aa10c11bfff5a5)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.11.0 ([#​5990](https://togithub.com/googleapis/java-cloud-bom/issues/5990)) ([34e6d13](https://togithub.com/googleapis/java-cloud-bom/commit/34e6d13eb868a2578752b4468dc0df03e27768c2)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.15.0 ([#​5973](https://togithub.com/googleapis/java-cloud-bom/issues/5973)) ([6b5e212](https://togithub.com/googleapis/java-cloud-bom/commit/6b5e21232feb9b44fa9943ac7efb78544d88cae0)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.15.1 ([#​5983](https://togithub.com/googleapis/java-cloud-bom/issues/5983)) ([ab7420a](https://togithub.com/googleapis/java-cloud-bom/commit/ab7420a3e05b121c4a4f12d0ef1a0029aa116738)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.12-alpha ([#​5987](https://togithub.com/googleapis/java-cloud-bom/issues/5987)) ([903db64](https://togithub.com/googleapis/java-cloud-bom/commit/903db645e4cc353cfdf4bf1f2ddc03de0c029bba)) - update dependency com.google.cloud:google-cloud-nio to v0.126.15 ([#​5980](https://togithub.com/googleapis/java-cloud-bom/issues/5980)) ([c30c6db](https://togithub.com/googleapis/java-cloud-bom/commit/c30c6db9a14ed16039f55cdb3ae53f736c300bda)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.12 ([#​5984](https://togithub.com/googleapis/java-cloud-bom/issues/5984)) ([f0c8b46](https://togithub.com/googleapis/java-cloud-bom/commit/f0c8b46d8003d9eabd72f99e37a3c0e66cd00521)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.5 ([#​5988](https://togithub.com/googleapis/java-cloud-bom/issues/5988)) ([d537c53](https://togithub.com/googleapis/java-cloud-bom/commit/d537c532eef156625281e4bf8ef4712c97af4ebb)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.42.0 ([#​5991](https://togithub.com/googleapis/java-cloud-bom/issues/5991)) ([530dc1b](https://togithub.com/googleapis/java-cloud-bom/commit/530dc1b7358b980dad755d1fe4624e0f46c89f4d)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.16 ([#​5985](https://togithub.com/googleapis/java-cloud-bom/issues/5985)) ([f47314a](https://togithub.com/googleapis/java-cloud-bom/commit/f47314a7f5590983a0b3ebb1c0394aa2572fa94a)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.2 ([#​5978](https://togithub.com/googleapis/java-cloud-bom/issues/5978)) ([f61a097](https://togithub.com/googleapis/java-cloud-bom/commit/f61a097ee841ec5176f797c86a4f60ba519110bb)) ### [`v26.14.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26140-2023-05-02) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.13.0...v26.14.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.8.0 ([#​5943](https://togithub.com/googleapis/java-cloud-bom/issues/5943)) ([a21b99b](https://togithub.com/googleapis/java-cloud-bom/commit/a21b99bfb952b3a8387a02bf69c755b8f987b88c)) - update dependency com.google.cloud:gapic-libraries-bom to v1.10.0 ([#​5949](https://togithub.com/googleapis/java-cloud-bom/issues/5949)) ([86615dd](https://togithub.com/googleapis/java-cloud-bom/commit/86615dd3713b75f0f9e3c13e14722ea18ef9869d)) - update dependency com.google.cloud:google-cloud-bigquery to v2.25.0 ([#​5958](https://togithub.com/googleapis/java-cloud-bom/issues/5958)) ([1589569](https://togithub.com/googleapis/java-cloud-bom/commit/1589569398ac0f52e0ab0588e1dad0c872197d93)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.36.1 ([#​5948](https://togithub.com/googleapis/java-cloud-bom/issues/5948)) ([48d7962](https://togithub.com/googleapis/java-cloud-bom/commit/48d7962fd5d3d075c0bef4490970a19a3a025da5)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.21.0 ([#​5953](https://togithub.com/googleapis/java-cloud-bom/issues/5953)) ([4477816](https://togithub.com/googleapis/java-cloud-bom/commit/4477816136ad21dd116febf87e141ccab9491379)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.22.0 ([#​5966](https://togithub.com/googleapis/java-cloud-bom/issues/5966)) ([3ebccb6](https://togithub.com/googleapis/java-cloud-bom/commit/3ebccb64233350248ddc8db16dcab01e20c009f8)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.5 ([#​5945](https://togithub.com/googleapis/java-cloud-bom/issues/5945)) ([9c88e22](https://togithub.com/googleapis/java-cloud-bom/commit/9c88e2244ecdb285aeb55879c1f329cd7d797487)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.10.0 ([#​5965](https://togithub.com/googleapis/java-cloud-bom/issues/5965)) ([3c34d63](https://togithub.com/googleapis/java-cloud-bom/commit/3c34d63e89e39c3043137d4c1be4ce0ad95e2775)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.9.6 ([#​5944](https://togithub.com/googleapis/java-cloud-bom/issues/5944)) ([82a8435](https://togithub.com/googleapis/java-cloud-bom/commit/82a84356e440e00c16cb5928ec802239b31d3151)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.14.9 ([#​5947](https://togithub.com/googleapis/java-cloud-bom/issues/5947)) ([9f7a645](https://togithub.com/googleapis/java-cloud-bom/commit/9f7a645b75ac24a3e5f5973ae267e16676f314e9)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.11-alpha ([#​5954](https://togithub.com/googleapis/java-cloud-bom/issues/5954)) ([4c1e32c](https://togithub.com/googleapis/java-cloud-bom/commit/4c1e32c21c912a94846671f69d22cd9b5144d84b)) - update dependency com.google.cloud:google-cloud-nio to v0.126.14 ([#​5955](https://togithub.com/googleapis/java-cloud-bom/issues/5955)) ([866a0fe](https://togithub.com/googleapis/java-cloud-bom/commit/866a0fe28eb1ae9dcdaa6dd08617d90493bc1a62)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.11 ([#​5952](https://togithub.com/googleapis/java-cloud-bom/issues/5952)) ([4a2a6ce](https://togithub.com/googleapis/java-cloud-bom/commit/4a2a6ce2972a30809cdc0647b716021fc4b6484b)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.4 ([#​5956](https://togithub.com/googleapis/java-cloud-bom/issues/5956)) ([865229e](https://togithub.com/googleapis/java-cloud-bom/commit/865229e9c951d7f99f5d372ef8d1978887bb6a18)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.41.0 ([#​5959](https://togithub.com/googleapis/java-cloud-bom/issues/5959)) ([7c07f17](https://togithub.com/googleapis/java-cloud-bom/commit/7c07f174e1580f2e52536af23e49aef482db96dc)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.13 ([#​5957](https://togithub.com/googleapis/java-cloud-bom/issues/5957)) ([bd5c9db](https://togithub.com/googleapis/java-cloud-bom/commit/bd5c9db91de214fa67dee7dcc3644c2e67a7e06b)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.14 ([#​5964](https://togithub.com/googleapis/java-cloud-bom/issues/5964)) ([d36fff1](https://togithub.com/googleapis/java-cloud-bom/commit/d36fff18b0d0ca894dd1a2c1eada50ad87c29d1a)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.1 ([#​5946](https://togithub.com/googleapis/java-cloud-bom/issues/5946)) ([c5ed86b](https://togithub.com/googleapis/java-cloud-bom/commit/c5ed86be206459fbca0b52cf2adc4f1d8bac421f)) - update dependency com.google.googlejavaformat:google-java-format to v1.17.0 ([#​5963](https://togithub.com/googleapis/java-cloud-bom/issues/5963)) ([6579e69](https://togithub.com/googleapis/java-cloud-bom/commit/6579e69e0c00e8c8fa9fc2edaea8988b0ee43ba7)) ### [`v26.13.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26130-2023-04-20) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.12.0...v26.13.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.7.0 ([#​5917](https://togithub.com/googleapis/java-cloud-bom/issues/5917)) ([46cbbfa](https://togithub.com/googleapis/java-cloud-bom/commit/46cbbfadda5ba334dc6a4228024a61e8a9588cd7)) - update dependency com.google.cloud:gapic-libraries-bom to v1.9.0 ([#​5927](https://togithub.com/googleapis/java-cloud-bom/issues/5927)) ([49303bd](https://togithub.com/googleapis/java-cloud-bom/commit/49303bdf07fe4a709d515d1cbd3ef1fa083373af)) - update dependency com.google.cloud:google-cloud-bigquery to v2.24.5 ([#​5926](https://togithub.com/googleapis/java-cloud-bom/issues/5926)) ([6ecfd47](https://togithub.com/googleapis/java-cloud-bom/commit/6ecfd47c1ecf83f4b4f996c48ccc0d23df994719)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.35.0 ([#​5925](https://togithub.com/googleapis/java-cloud-bom/issues/5925)) ([181cf7a](https://togithub.com/googleapis/java-cloud-bom/commit/181cf7aed06b5e875c8c1750d50e4023a5f8bee0)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.20.4 ([#​5932](https://togithub.com/googleapis/java-cloud-bom/issues/5932)) ([d5ef51c](https://togithub.com/googleapis/java-cloud-bom/commit/d5ef51c2b1b48aef8eff8683029239c14a57fad3)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.3 ([#​5923](https://togithub.com/googleapis/java-cloud-bom/issues/5923)) ([82e1036](https://togithub.com/googleapis/java-cloud-bom/commit/82e10369bf430faf72a98487a5ce5267b5ae668f)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.9.4 ([#​5918](https://togithub.com/googleapis/java-cloud-bom/issues/5918)) ([cc6a30d](https://togithub.com/googleapis/java-cloud-bom/commit/cc6a30d6de77e6ef822b2f8ee0d1f3688c51c9e5)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.14.8 ([#​5933](https://togithub.com/googleapis/java-cloud-bom/issues/5933)) ([5451255](https://togithub.com/googleapis/java-cloud-bom/commit/54512558b4f71b9af0e0fc69d034a1927265be95)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.10-alpha ([#​5941](https://togithub.com/googleapis/java-cloud-bom/issues/5941)) ([d7bf039](https://togithub.com/googleapis/java-cloud-bom/commit/d7bf03917289e7bfdccfb6164738d4fa3306a7cc)) - update dependency com.google.cloud:google-cloud-nio to v0.126.13 ([#​5919](https://togithub.com/googleapis/java-cloud-bom/issues/5919)) ([28f172d](https://togithub.com/googleapis/java-cloud-bom/commit/28f172de4b72988623f07b5af3f427ecb10917ac)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.10 ([#​5934](https://togithub.com/googleapis/java-cloud-bom/issues/5934)) ([0fb277c](https://togithub.com/googleapis/java-cloud-bom/commit/0fb277c0adff79513ab79bc6c1fd3db2a3f4a054)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.9 ([#​5924](https://togithub.com/googleapis/java-cloud-bom/issues/5924)) ([59ea6f0](https://togithub.com/googleapis/java-cloud-bom/commit/59ea6f0d2aa4e69e36c71ea56284b17a59305004)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.3 ([#​5935](https://togithub.com/googleapis/java-cloud-bom/issues/5935)) ([bf9ed0c](https://togithub.com/googleapis/java-cloud-bom/commit/bf9ed0cd480a19eaf295a482badcc96f22950526)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.40.1 ([#​5916](https://togithub.com/googleapis/java-cloud-bom/issues/5916)) ([94b5c34](https://togithub.com/googleapis/java-cloud-bom/commit/94b5c3458e792c91ae7f0fc26a283cfc10219a86)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.12 ([#​5940](https://togithub.com/googleapis/java-cloud-bom/issues/5940)) ([7c53255](https://togithub.com/googleapis/java-cloud-bom/commit/7c5325546bc7630b0c65a2b317660298286a3f50)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.22.0 ([#​5920](https://togithub.com/googleapis/java-cloud-bom/issues/5920)) ([21507fd](https://togithub.com/googleapis/java-cloud-bom/commit/21507fded910de06fe9dfaf5aa432f6bad60fcb9)) ### [`v26.12.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26120-2023-04-04) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.11.0...v26.12.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.6.0 ([#​5893](https://togithub.com/googleapis/java-cloud-bom/issues/5893)) ([1b6e4d0](https://togithub.com/googleapis/java-cloud-bom/commit/1b6e4d08838827942d1dd3cccc6e6b715e7aef1e)) - update dependency com.google.cloud:gapic-libraries-bom to v1.8.0 ([#​5902](https://togithub.com/googleapis/java-cloud-bom/issues/5902)) ([2a292e0](https://togithub.com/googleapis/java-cloud-bom/commit/2a292e0d17e773d6a32b51f0c791bf50198ae87a)) - update dependency com.google.cloud:google-cloud-bigquery to v2.24.3 ([#​5890](https://togithub.com/googleapis/java-cloud-bom/issues/5890)) ([278f74a](https://togithub.com/googleapis/java-cloud-bom/commit/278f74aa5139e5304556c2dfdb81e96a75066938)) - update dependency com.google.cloud:google-cloud-bigquery to v2.24.4 ([#​5901](https://togithub.com/googleapis/java-cloud-bom/issues/5901)) ([14687f6](https://togithub.com/googleapis/java-cloud-bom/commit/14687f6199509bdede2eaee41fea1942bb40b849)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.34.2 ([#​5900](https://togithub.com/googleapis/java-cloud-bom/issues/5900)) ([34de054](https://togithub.com/googleapis/java-cloud-bom/commit/34de05450df961a00e302fd6276e2fdc8f94f835)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.20.2 ([#​5904](https://togithub.com/googleapis/java-cloud-bom/issues/5904)) ([fe66de5](https://togithub.com/googleapis/java-cloud-bom/commit/fe66de5dc2c50fb45710543fa1b417cc9a0cd48e)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.20.3 ([#​5905](https://togithub.com/googleapis/java-cloud-bom/issues/5905)) ([970fdea](https://togithub.com/googleapis/java-cloud-bom/commit/970fdea74455b004cf23dbeb2d8a072616ef9fd3)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.2 ([#​5899](https://togithub.com/googleapis/java-cloud-bom/issues/5899)) ([7dd6048](https://togithub.com/googleapis/java-cloud-bom/commit/7dd6048b2f888ab2d39df54096f7848c5bd5976a)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.9.3 ([#​5897](https://togithub.com/googleapis/java-cloud-bom/issues/5897)) ([046528f](https://togithub.com/googleapis/java-cloud-bom/commit/046528f66480fa84d2095098f8a4f0dee0f81e41)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.14.7 ([#​5894](https://togithub.com/googleapis/java-cloud-bom/issues/5894)) ([f6820a1](https://togithub.com/googleapis/java-cloud-bom/commit/f6820a186666416a8e004845884d3b168f9d6609)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.9-alpha ([#​5895](https://togithub.com/googleapis/java-cloud-bom/issues/5895)) ([1af16aa](https://togithub.com/googleapis/java-cloud-bom/commit/1af16aa657c6a5ecfd2fc118c6c806b8937dd27e)) - update dependency com.google.cloud:google-cloud-nio to v0.126.11 ([#​5910](https://togithub.com/googleapis/java-cloud-bom/issues/5910)) ([85f14a3](https://togithub.com/googleapis/java-cloud-bom/commit/85f14a3ec6ff117413d5fd8e1a056efb73a42864)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.8 ([#​5909](https://togithub.com/googleapis/java-cloud-bom/issues/5909)) ([bb4a0c6](https://togithub.com/googleapis/java-cloud-bom/commit/bb4a0c62b68dd8063ece2ce8b06a0958f001d59e)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.2 ([#​5911](https://togithub.com/googleapis/java-cloud-bom/issues/5911)) ([d168583](https://togithub.com/googleapis/java-cloud-bom/commit/d168583255a4978ae06ccc8e3ce0321b21ce54f1)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.38.2 ([#​5896](https://togithub.com/googleapis/java-cloud-bom/issues/5896)) ([5b82b21](https://togithub.com/googleapis/java-cloud-bom/commit/5b82b218bf39181c33d65580e02b583fdbb52e93)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.11 ([#​5898](https://togithub.com/googleapis/java-cloud-bom/issues/5898)) ([e6061a6](https://togithub.com/googleapis/java-cloud-bom/commit/e6061a6f4f13c2d5c2dec4266c3f73e6b72c037a)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.21.0 ([#​5908](https://togithub.com/googleapis/java-cloud-bom/issues/5908)) ([a3f8081](https://togithub.com/googleapis/java-cloud-bom/commit/a3f80819ed3fbd385129a9b184b8c79b936e1136)) ### [`v26.11.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26110-2023-03-23) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.10.0...v26.11.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.5.0 ([#​5874](https://togithub.com/googleapis/java-cloud-bom/issues/5874)) ([2f4599b](https://togithub.com/googleapis/java-cloud-bom/commit/2f4599bef728b73229f95c85a1d8449b52b30c00)) - update dependency com.google.cloud:gapic-libraries-bom to v1.7.0 ([#​5875](https://togithub.com/googleapis/java-cloud-bom/issues/5875)) ([ed472fe](https://togithub.com/googleapis/java-cloud-bom/commit/ed472fe76c6d12f8b1d6503d0e337f94d6d43516)) - update dependency com.google.cloud:google-cloud-bigquery to v2.23.2 ([#​5865](https://togithub.com/googleapis/java-cloud-bom/issues/5865)) ([8c5bd59](https://togithub.com/googleapis/java-cloud-bom/commit/8c5bd59c461a0c57378015fb4b5c1391ebefcf69)) - update dependency com.google.cloud:google-cloud-bigquery to v2.24.2 ([#​5884](https://togithub.com/googleapis/java-cloud-bom/issues/5884)) ([1b2eea1](https://togithub.com/googleapis/java-cloud-bom/commit/1b2eea166fd1e1e2b4e5e7d502aac635d309738a)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.34.1 ([#​5868](https://togithub.com/googleapis/java-cloud-bom/issues/5868)) ([c60ffa4](https://togithub.com/googleapis/java-cloud-bom/commit/c60ffa43d93b45b094a1af91a285b7556b57de26)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.20.1 ([#​5880](https://togithub.com/googleapis/java-cloud-bom/issues/5880)) ([cf42c6b](https://togithub.com/googleapis/java-cloud-bom/commit/cf42c6bf55a99e4094a968f6ea697ab89e8a742e)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.0 ([#​5864](https://togithub.com/googleapis/java-cloud-bom/issues/5864)) ([9ae94ed](https://togithub.com/googleapis/java-cloud-bom/commit/9ae94ed147232faf8c4756deb596c1ff556f1612)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.14.1 ([#​5881](https://togithub.com/googleapis/java-cloud-bom/issues/5881)) ([2546fe0](https://togithub.com/googleapis/java-cloud-bom/commit/2546fe01944d9e68286fdecdefc3831e40eb5d14)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.9.2 ([#​5871](https://togithub.com/googleapis/java-cloud-bom/issues/5871)) ([599df32](https://togithub.com/googleapis/java-cloud-bom/commit/599df32950ad79668aff1385ad0066d41ef0c0a4)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.14.6 ([#​5882](https://togithub.com/googleapis/java-cloud-bom/issues/5882)) ([5215757](https://togithub.com/googleapis/java-cloud-bom/commit/5215757a4ebfc01faa96e56f0088d9ea5623de11)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.8-alpha ([#​5883](https://togithub.com/googleapis/java-cloud-bom/issues/5883)) ([31d7713](https://togithub.com/googleapis/java-cloud-bom/commit/31d7713db8d34c239b35b8cbd92c4526964f921a)) - update dependency com.google.cloud:google-cloud-nio to v0.126.10 ([#​5887](https://togithub.com/googleapis/java-cloud-bom/issues/5887)) ([19d72f1](https://togithub.com/googleapis/java-cloud-bom/commit/19d72f1e6acac02748c5f106d96cbb7c798d9ae6)) - update dependency com.google.cloud:google-cloud-nio to v0.126.9 ([#​5872](https://togithub.com/googleapis/java-cloud-bom/issues/5872)) ([612761b](https://togithub.com/googleapis/java-cloud-bom/commit/612761bfea9037c2cf94bc2246cf339737a450ac)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.7 ([#​5873](https://togithub.com/googleapis/java-cloud-bom/issues/5873)) ([60a0f32](https://togithub.com/googleapis/java-cloud-bom/commit/60a0f32e01b9c5a479032af0b21c38a098ddfe5e)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.0 ([#​5870](https://togithub.com/googleapis/java-cloud-bom/issues/5870)) ([bd313a8](https://togithub.com/googleapis/java-cloud-bom/commit/bd313a8dda2ba269ac1c196a0dd94de711aaac86)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.12.1 ([#​5885](https://togithub.com/googleapis/java-cloud-bom/issues/5885)) ([82651c5](https://togithub.com/googleapis/java-cloud-bom/commit/82651c50b16e5bd14d1cd71348f6b47d54bfdce8)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.38.0 ([#​5877](https://togithub.com/googleapis/java-cloud-bom/issues/5877)) ([75c3096](https://togithub.com/googleapis/java-cloud-bom/commit/75c3096a828b50c181fb6428318e5c58621fe81a)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.9 ([#​5878](https://togithub.com/googleapis/java-cloud-bom/issues/5878)) ([55c452c](https://togithub.com/googleapis/java-cloud-bom/commit/55c452cdf7f67930f0f7ec2baf2e120e35740e4b)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.20.2 ([#​5886](https://togithub.com/googleapis/java-cloud-bom/issues/5886)) ([6dd9180](https://togithub.com/googleapis/java-cloud-bom/commit/6dd9180883774cf33da24b6fff8d58e79fe9ee88)) ### [`v26.10.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#26100-2023-03-08) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.9.0...v26.10.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.4.0 ([#​5842](https://togithub.com/googleapis/java-cloud-bom/issues/5842)) ([85791d8](https://togithub.com/googleapis/java-cloud-bom/commit/85791d88e358f04f2cc075f1f657f0826cfc49ee)) - update dependency com.google.cloud:gapic-libraries-bom to v1.6.0 ([#​5843](https://togithub.com/googleapis/java-cloud-bom/issues/5843)) ([a08cb16](https://togithub.com/googleapis/java-cloud-bom/commit/a08cb169cbe6a8a97dc210ef46b0e680b83f5427)) - update dependency com.google.cloud:google-cloud-bigquery to v2.23.1 ([#​5853](https://togithub.com/googleapis/java-cloud-bom/issues/5853)) ([c8de59a](https://togithub.com/googleapis/java-cloud-bom/commit/c8de59a529ce970424fdf1abca4ea5f14cf16b52)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.33.0 ([#​5844](https://togithub.com/googleapis/java-cloud-bom/issues/5844)) ([dbc3e5c](https://togithub.com/googleapis/java-cloud-bom/commit/dbc3e5c977b4c321f3f526bd4bba58003d5c5fa5)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.33.1 ([#​5851](https://togithub.com/googleapis/java-cloud-bom/issues/5851)) ([e7a0c60](https://togithub.com/googleapis/java-cloud-bom/commit/e7a0c60ee8be28728616e6462b77a7ded14caa30)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.20.0 ([#​5852](https://togithub.com/googleapis/java-cloud-bom/issues/5852)) ([b31ffc4](https://togithub.com/googleapis/java-cloud-bom/commit/b31ffc492c82ea2517e41c5d33059149bd3a8fe7)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.13.6 ([#​5848](https://togithub.com/googleapis/java-cloud-bom/issues/5848)) ([a4ed804](https://togithub.com/googleapis/java-cloud-bom/commit/a4ed80434f5bc4a7702b4da6786b886ad8d51a4c)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.8.2 ([#​5849](https://togithub.com/googleapis/java-cloud-bom/issues/5849)) ([05816f3](https://togithub.com/googleapis/java-cloud-bom/commit/05816f399d61cb033cc24cd75763891f64fbb5b2)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.9.0 ([#​5862](https://togithub.com/googleapis/java-cloud-bom/issues/5862)) ([dee70c2](https://togithub.com/googleapis/java-cloud-bom/commit/dee70c247151dfb40ae88413cf9a910dbb5f1dcf)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.14.5 ([#​5850](https://togithub.com/googleapis/java-cloud-bom/issues/5850)) ([b3854b6](https://togithub.com/googleapis/java-cloud-bom/commit/b3854b6d6944a4d004f8df090c214036b044e764)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.6-alpha ([#​5846](https://togithub.com/googleapis/java-cloud-bom/issues/5846)) ([d7f14e3](https://togithub.com/googleapis/java-cloud-bom/commit/d7f14e389a0bfa5671ddfcfc06d51cc70c8cb36f)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.7-alpha ([#​5854](https://togithub.com/googleapis/java-cloud-bom/issues/5854)) ([0a33a34](https://togithub.com/googleapis/java-cloud-bom/commit/0a33a34ec234190f1c958cc7a2afcb2dbb64a03c)) - update dependency com.google.cloud:google-cloud-nio to v0.126.8 ([#​5860](https://togithub.com/googleapis/java-cloud-bom/issues/5860)) ([f30d7a7](https://togithub.com/googleapis/java-cloud-bom/commit/f30d7a731910f2738526a9e81a2b3690b881a06e)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.4 ([#​5840](https://togithub.com/googleapis/java-cloud-bom/issues/5840)) ([a8f9751](https://togithub.com/googleapis/java-cloud-bom/commit/a8f975110ececaaa3587782eb07f0c216820c808)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.5 ([#​5855](https://togithub.com/googleapis/java-cloud-bom/issues/5855)) ([5e19876](https://togithub.com/googleapis/java-cloud-bom/commit/5e198762430f66a620a796963edb64fa144c389d)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.11.2 ([#​5859](https://togithub.com/googleapis/java-cloud-bom/issues/5859)) ([757b61f](https://togithub.com/googleapis/java-cloud-bom/commit/757b61f8278c42846bde5a1bd36b5b95f0f1aa38)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.37.0 ([#​5856](https://togithub.com/googleapis/java-cloud-bom/issues/5856)) ([76e01f9](https://togithub.com/googleapis/java-cloud-bom/commit/76e01f965d8854d02a220c0bc27f152df783d05d)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.8 ([#​5857](https://togithub.com/googleapis/java-cloud-bom/issues/5857)) ([217277d](https://togithub.com/googleapis/java-cloud-bom/commit/217277dcbfe4f70f1017a15d1ffdadfe8bcbce6a)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.20.1 ([#​5861](https://togithub.com/googleapis/java-cloud-bom/issues/5861)) ([254fb97](https://togithub.com/googleapis/java-cloud-bom/commit/254fb97ae388225a6fcbcccbb8d86b7e49e84547)) - update dependency com.google.googlejavaformat:google-java-format to v1.16.0 ([#​5841](https://togithub.com/googleapis/java-cloud-bom/issues/5841)) ([5e174d6](https://togithub.com/googleapis/java-cloud-bom/commit/5e174d655410c9354a7080df96deb955363200df)) - update dependency org.codehaus.plexus:plexus-utils to v3.5.1 ([#​5845](https://togithub.com/googleapis/java-cloud-bom/issues/5845)) ([b6ec90a](https://togithub.com/googleapis/java-cloud-bom/commit/b6ec90ac0089a98d1a36ff7e6034ebfda298f659)) ### [`v26.9.0`](https://togithub.com/googleapis/java-cloud-bom/blob/HEAD/CHANGELOG.md#2690-2023-02-22) [Compare Source](https://togithub.com/googleapis/java-cloud-bom/compare/v26.8.0...v26.9.0) ##### Dependencies - update dependency com.google.cloud:first-party-dependencies to v3.3.0 ([#​5824](https://togithub.com/googleapis/java-cloud-bom/issues/5824)) ([3db6ecd](https://togithub.com/googleapis/java-cloud-bom/commit/3db6ecdc788a34e87e62d26cb97db70387e2e296)) - update dependency com.google.cloud:gapic-libraries-bom to v1.5.0 ([#​5825](https://togithub.com/googleapis/java-cloud-bom/issues/5825)) ([ab635c7](https://togithub.com/googleapis/java-cloud-bom/commit/ab635c7f06ebb32807c94189076ab21247f79c39)) - update dependency com.google.cloud:google-cloud-bigquery to v2.23.0 ([#​5837](https://togithub.com/googleapis/java-cloud-bom/issues/5837)) ([7a264e6](https://togithub.com/googleapis/java-cloud-bom/commit/7a264e662caa63541d778ffc561539ca3ff99f27)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.32.0 ([#​5821](https://togithub.com/googleapis/java-cloud-bom/issues/5821)) ([f3a37ef](https://togithub.com/googleapis/java-cloud-bom/commit/f3a37ef17e17d8a5892531300fcc331af869db64)) - update dependency com.google.cloud:google-cloud-bigquerystorage-bom to v2.32.1 ([#​5835](https://togithub.com/googleapis/java-cloud-bom/issues/5835)) ([ffceb48](https://togithub.com/googleapis/java-cloud-bom/commit/ffceb481df81c00f87b52c4fa985be7a42640e50)) - update dependency com.google.cloud:google-cloud-bigtable-bom to v2.19.2 ([#​5823](https://togithub.com/googleapis/java-cloud-bom/issues/5823)) ([27c7606](https://togithub.com/googleapis/java-cloud-bom/commit/27c760639a57dc9f553936822afdae9884343106)) - update dependency com.google.cloud:google-cloud-datastore-bom to v2.13.5 ([#​5828](https://togithub.com/googleapis/java-cloud-bom/issues/5828)) ([9aa4bda](https://togithub.com/googleapis/java-cloud-bom/commit/9aa4bda998bc1d770c14bfa067a09f362c070b5b)) - update dependency com.google.cloud:google-cloud-firestore-bom to v3.8.1 ([#​5822](https://togithub.com/googleapis/java-cloud-bom/issues/5822)) ([29e2b5a](https://togithub.com/googleapis/java-cloud-bom/commit/29e2b5a99fa1f0cbb7388d43ccf438406362805d)) - update dependency com.google.cloud:google-cloud-logging-bom to v3.14.4 ([#​5829](https://togithub.com/googleapis/java-cloud-bom/issues/5829)) ([04f7556](https://togithub.com/googleapis/java-cloud-bom/commit/04f755657dd15cb79e2ce27cb267ffdbdd20bafc)) - update dependency com.google.cloud:google-cloud-logging-logback to v0.130.5-alpha ([#​5830](https://togithub.com/googleapis/java-cloud-bom/issues/5830)) ([48996e4](https://togithub.com/googleapis/java-cloud-bom/commit/48996e4fca9c94cede51406e461709ccedfd565a)) - update dependency com.google.cloud:google-cloud-nio to v0.126.6 ([#​5831](https://togithub.com/googleapis/java-cloud-bom/issues/5831)) ([f4ccf74](https://togithub.com/googleapis/java-cloud-bom/commit/f4ccf74f0e484d07a887a011fdc0dbbbe27a1893)) - update dependency com.google.cloud:google-cloud-pubsub-bom to v1.123.3 ([#​5836](https://togithub.com/googleapis/java-cloud-bom/issues/5836)) ([2583e4f](https://togithub.com/googleapis/java-cloud-bom/commit/2583e4fbb6f44db9263fce466bd76c2e053d73a3)) - update dependency com.google.cloud:google-cloud-pubsublite-bom to v1.11.1 ([#​5826](https://togithub.com/googleapis/java-cloud-bom/issues/5826)) ([8e6a811](https://togithub.com/googleapis/java-cloud-bom/commit/8e6a8114fae2a1c4c8704944a03c719283ecbc6f)) - update dependency com.google.cloud:google-cloud-spanner-bom to v6.36.1 ([#​5827](https://togithub.com/googleapis/java-cloud-bom/issues/5827)) ([0c68c8b](https://togithub.com/googleapis/java-cloud-bom/commit/0c68c8bfd6b3637d0925cb7440e38f6f295fde24)) - update dependency com.google.cloud:google-cloud-spanner-jdbc to v2.9.7 ([#​5815](https://togithub.com/googleapis/java-cloud-bom/issues/5815)) ([6dc0bbb](https://togithub.com/googleapis/java-cloud-bom/commit/6dc0bbb1908d3f306ee9224148e6fb1ff00ef9ad)) - update dependency com.google.cloud:google-cloud-storage-bom to v2.19.0 ([#​5832](https://togithub.com/googleapis/java-cloud-bom/issues/5832)) ([41003bc](https://togithub.com/googleapis/java-cloud-bom/commit/41003bc1b0b0f13ecf69e7c0250d5dcb9a1d9617))
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- samples/snippets/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml index 277198c87..78481cdae 100644 --- a/samples/snippets/pom.xml +++ b/samples/snippets/pom.xml @@ -30,7 +30,7 @@ com.google.cloud libraries-bom - 26.8.0 + 26.19.0 pom import From cc26863045eead29a7664ab54c003a171554b88e Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 21:04:15 +0200 Subject: [PATCH 58/61] chore(deps): update dependency org.apache.maven.plugins:maven-source-plugin to v3.3.0 (#1258) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-source-plugin](https://maven.apache.org/plugins/) | `3.2.1` -> `3.3.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.apache.maven.plugins:maven-source-plugin/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.apache.maven.plugins:maven-source-plugin/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.apache.maven.plugins:maven-source-plugin/3.2.1/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.apache.maven.plugins:maven-source-plugin/3.2.1/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 07b9f8ab0..caca0ec9d 100644 --- a/pom.xml +++ b/pom.xml @@ -157,7 +157,7 @@ org.apache.maven.plugins maven-source-plugin - 3.2.1 + 3.3.0 attach-sources @@ -384,7 +384,7 @@ org.apache.maven.plugins maven-source-plugin - 3.2.1 + 3.3.0 attach-sources From a6925ca857f08a5f2afd4e7590a05387c64b5920 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 21:08:16 +0200 Subject: [PATCH 59/61] chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.1.0 (#1257) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-gpg-plugin](https://maven.apache.org/plugins/) | `3.0.1` -> `3.1.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.apache.maven.plugins:maven-gpg-plugin/3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.apache.maven.plugins:maven-gpg-plugin/3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.apache.maven.plugins:maven-gpg-plugin/3.0.1/3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.apache.maven.plugins:maven-gpg-plugin/3.0.1/3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- bom/pom.xml | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bom/pom.xml b/bom/pom.xml index 4849c7bd8..71cd8820d 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -122,7 +122,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.0.1 + 3.1.0 sign-artifacts diff --git a/pom.xml b/pom.xml index caca0ec9d..449510ff4 100644 --- a/pom.xml +++ b/pom.xml @@ -410,7 +410,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.0.1 + 3.1.0 sign-artifacts From d10722b4830a1c86213ed52ea3a72520b1eeaa42 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 21:14:17 +0200 Subject: [PATCH 60/61] chore(deps): update dependency org.junit.vintage:junit-vintage-engine to v5.10.0 (#1147) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.junit.vintage:junit-vintage-engine](https://junit.org/junit5/) ([source](https://togithub.com/junit-team/junit5)) | `5.9.1` -> `5.10.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.junit.vintage:junit-vintage-engine/5.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.junit.vintage:junit-vintage-engine/5.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.junit.vintage:junit-vintage-engine/5.9.1/5.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.junit.vintage:junit-vintage-engine/5.9.1/5.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- oauth2_http/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/oauth2_http/pom.xml b/oauth2_http/pom.xml index b532435dc..0b04d6cb4 100644 --- a/oauth2_http/pom.xml +++ b/oauth2_http/pom.xml @@ -29,7 +29,7 @@ org.junit.vintage junit-vintage-engine - 5.9.1 + 5.10.0 test From 701cebaccfa9dd4b24225f4f895f6800a43b7046 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Tue, 25 Jul 2023 21:20:14 +0200 Subject: [PATCH 61/61] chore(deps): update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.3.0 (#1126) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-checkstyle-plugin](https://maven.apache.org/plugins/) | `3.2.0` -> `3.3.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.apache.maven.plugins:maven-checkstyle-plugin/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.apache.maven.plugins:maven-checkstyle-plugin/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.apache.maven.plugins:maven-checkstyle-plugin/3.2.0/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.apache.maven.plugins:maven-checkstyle-plugin/3.2.0/3.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/googleapis/google-auth-library-java). --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 449510ff4..c8cbb27fe 100644 --- a/pom.xml +++ b/pom.xml @@ -246,7 +246,7 @@ org.apache.maven.plugins maven-checkstyle-plugin - 3.2.0 + 3.3.0 checkstyle