@@ -193,18 +193,38 @@ public static GoogleCredentials getApplicationDefault(HttpTransportFactory trans
193193 }
194194
195195 /**
196- * Returns credentials defined by a JSON file stream.
196+ * This method is obsolete because of a potential security risk. Use the credential specific load
197+ * method instead
198+ *
199+ * <p>Important: This method does not validate the credential configuration. A security risk holds
200+ * when a credential configuration is accepted from a source that is not under your control and
201+ * used without validation on your side.
202+ *
203+ * <p>If you know that you will be loading credential configurations of a specific type, it is
204+ * recommended to use a credential-type-specific `fromStream()` method. This will ensure that an
205+ * unexpected credential type with potential for malicious intent is not loaded unintentionally.
206+ * You might still have to do validation for certain credential types. Please follow the
207+ * recommendation for that method. For example, if you want to load only service accounts, you can
208+ * use: <code>
209+ * GoogleCredentials credentials = ServiceAccountCredentials.fromStream(json);
210+ * </code>. See {@link ServiceAccountCredentials#fromStream(InputStream, HttpTransportFactory)}.
211+ *
212+ * <p>If you are loading your credential configuration from an untrusted source and have not
213+ * mitigated the risks (e.g. by validating the configuration yourself), make these changes as soon
214+ * as possible to prevent security risks to your environment.
215+ *
216+ * <p>Regardless of the method used, it is always your responsibility to validate configurations
217+ * received from external sources.
218+ *
219+ * <p>See the {@link <a
220+ * href="https://cloud.google.com/docs/authentication/external/externally-sourced-credentials">documentation</a>}
221+ * for more details.
222+ *
223+ * <p>Returns credentials defined by a JSON file stream.
197224 *
198225 * <p>The stream can contain a Service Account key file in JSON format from the Google Developers
199226 * Console or a stored user credential using the format supported by the Cloud SDK.
200227 *
201- * <p>Important: If you accept a credential configuration (credential JSON/File/Stream) from an
202- * external source for authentication to Google Cloud Platform, you must validate it before
203- * providing it to any Google API or library. Providing an unvalidated credential configuration to
204- * Google APIs can compromise the security of your systems and data. For more information, refer
205- * to {@link <a
206- * href="https://cloud.google.com/docs/authentication/external/externally-sourced-credentials">documentation</a>}.
207- *
208228 * @param credentialsStream the stream with the credential definition.
209229 * @return the credential defined by the credentialsStream.
210230 * @throws IOException if the credential cannot be created from the stream.
@@ -216,21 +236,39 @@ public static GoogleCredentials fromStream(InputStream credentialsStream) throws
216236 }
217237
218238 /**
219- * Returns credentials defined by a JSON file stream.
239+ * This method is obsolete because of a potential security risk. Use the credential specific load
240+ * method instead
241+ *
242+ * <p>Important: This method does not validate the credential configuration. A security risk holds
243+ * when a credential configuration is accepted from a source that is not under your control and
244+ * used without validation on your side.
245+ *
246+ * <p>If you know that you will be loading credential configurations of a specific type, it is
247+ * recommended to use a credential-type-specific `fromStream()` method. This will ensure that an
248+ * unexpected credential type with potential for malicious intent is not loaded unintentionally.
249+ * You might still have to do validation for certain credential types. Please follow the
250+ * recommendation for that method. For example, if you want to load only service accounts, you can
251+ * use: <code>
252+ * GoogleCredentials credentials = ServiceAccountCredentials.fromStream(json);
253+ * </code>. See {@link ServiceAccountCredentials#fromStream(InputStream, HttpTransportFactory)}.
254+ *
255+ * <p>If you are loading your credential configuration from an untrusted source and have not
256+ * mitigated the risks (e.g. by validating the configuration yourself), make these changes as soon
257+ * as possible to prevent security risks to your environment.
258+ *
259+ * <p>Regardless of the method used, it is always your responsibility to validate configurations
260+ * received from external sources.
261+ *
262+ * <p>See the {@link <a
263+ * href="https://cloud.google.com/docs/authentication/external/externally-sourced-credentials">documentation</a>}
264+ * for more details.
265+ *
266+ * <p>Returns credentials defined by a JSON file stream.
220267 *
221268 * <p>The stream can contain a Service Account key file in JSON format from the Google Developers
222269 * Console or a stored user credential using the format supported by the Cloud SDK.
223270 *
224- * <p>Important: If you accept a credential configuration (credential JSON/File/Stream) from an
225- * external source for authentication to Google Cloud Platform, you must validate it before
226- * providing it to any Google API or library. Providing an unvalidated credential configuration to
227- * Google APIs can compromise the security of your systems and data. For more information, refer
228- * to {@link <a
229- * href="https://cloud.google.com/docs/authentication/external/externally-sourced-credentials">documentation</a>}.
230- *
231271 * @param credentialsStream the stream with the credential definition.
232- * @param transportFactory HTTP transport factory, creates the transport used to get access
233- * tokens.
234272 * @return the credential defined by the credentialsStream.
235273 * @throws IOException if the credential cannot be created from the stream.
236274 */
0 commit comments