Merge branch 'main' into owl-bot-update-lock-023a21377a2a00008057f99f0118edadc30a19d1636a3fee47189ebec2f3921c

Author: parthea

google/auth/transport/urllib3.py

@@ -34,13 +34,21 @@
 try:
     import urllib3  # type: ignore
     import urllib3.exceptions  # type: ignore
+    from packaging import version  # type: ignore
 except ImportError as caught_exc:  # pragma: NO COVER
     raise ImportError(
-        "The urllib3 library is not installed from please install the "
-        "urllib3 package to use the urllib3 transport."
+        ""
+        f"Error: {caught_exc}."
+        " The 'google-auth' library requires the extras installed "
+        "for urllib3 network transport."
+        "\n"
+        "Please install the necessary dependencies using pip:\n"
+        "  pip install google-auth[urllib3]\n"
+        "\n"
+        "(Note: Using '[urllib3]' ensures the specific dependencies needed for this feature are installed. "
+        "We recommend running this command in your virtual environment.)"
     ) from caught_exc
 
-from packaging import version  # type: ignore
 
 from google.auth import environment_vars
 from google.auth import exceptions
@@ -414,7 +422,7 @@ def urlopen(self, method, url, body=None, headers=None, **kwargs):
                 body=body,
                 headers=headers,
                 _credential_refresh_attempt=_credential_refresh_attempt + 1,
-                **kwargs
+                **kwargs,
             )
 
         return response

noxfile.py

@@ -89,8 +89,7 @@ def unit(session):
     constraints_path = str(
         CURRENT_DIRECTORY / "testing" / f"constraints-{session.python}.txt"
     )
-    session.install("-r", "testing/requirements.txt", "-c", constraints_path)
-    session.install("-e", ".", "-c", constraints_path)
+    session.install("-e", ".[testing]", "-c", constraints_path)
     session.run(
         "pytest",
         f"--junitxml=unit_{session.python}_sponge_log.xml",
@@ -105,8 +104,7 @@ def unit(session):
 
 @nox.session(python="3.8")
 def cover(session):
-    session.install("-r", "testing/requirements.txt")
-    session.install("-e", ".")
+    session.install("-e", ".[testing]")
     session.run(
         "pytest",
         "--cov=google.auth",
@@ -144,8 +142,7 @@ def docs(session):
 
 @nox.session(python="pypy")
 def pypy(session):
-    session.install("-r", "testing/requirements.txt")
-    session.install("-e", ".")
+    session.install("-e", ".[testing]")
     session.run(
         "pytest",
         f"--junitxml=unit_{session.python}_sponge_log.xml",

setup.py

@@ -27,13 +27,70 @@
     "rsa>=3.1.4,<5",
 )
 
+# TODO(https://github.com/googleapis/google-auth-library-python/issues/1737): Unit test fails with
+#  `No module named 'cryptography.hazmat.backends.openssl.x509' for Python 3.7``.
+cryptography_base_require = [
+    "cryptography >= 38.0.3",
+    "cryptography < 39.0.0; python_version < '3.8'",
+]
+
+requests_extra_require = ["requests >= 2.20.0, < 3.0.0"]
+
+aiohttp_extra_require = ["aiohttp >= 3.6.2, < 4.0.0", *requests_extra_require]
+
+pyjwt_extra_require = ["pyjwt>=2.0", *cryptography_base_require]
+
+reauth_extra_require = ["pyu2f>=0.1.5"]
+
+# TODO(https://github.com/googleapis/google-auth-library-python/issues/1738): Add bounds for cryptography and pyopenssl dependencies.
+enterprise_cert_extra_require = ["cryptography", "pyopenssl"]
+
+pyopenssl_extra_require = ["pyopenssl>=20.0.0", cryptography_base_require]
+
+# TODO(https://github.com/googleapis/google-auth-library-python/issues/1739): Add bounds for urllib3 and packaging dependencies.
+urllib3_extra_require = ["urllib3", "packaging"]
+
+# Unit test requirements.
+testing_extra_require = [
+    # TODO(https://github.com/googleapis/google-auth-library-python/issues/1735): Remove `grpcio` from testing requirements once an extra is added for `grpcio` dependency.
+    "grpcio",
+    "flask",
+    "freezegun",
+    "mock",
+    # TODO(https://github.com/googleapis/google-auth-library-python/issues/1736): Remove `oauth2client` from testing requirements once an extra is added for `oauth2client` dependency.
+    "oauth2client",
+    *pyjwt_extra_require,
+    "pytest",
+    "pytest-cov",
+    "pytest-localserver",
+    *pyopenssl_extra_require,
+    *reauth_extra_require,
+    "responses",
+    *urllib3_extra_require,
+    # Async Dependencies
+    *aiohttp_extra_require,
+    "aioresponses",
+    "pytest-asyncio",
+    # TODO(https://github.com/googleapis/google-auth-library-python/issues/1665): Remove the pinned version of pyopenssl
+    # once `TestDecryptPrivateKey::test_success` is updated to remove the deprecated `OpenSSL.crypto.sign` and
+    # `OpenSSL.crypto.verify` methods. See: https://www.pyopenssl.org/en/latest/changelog.html#id3.
+    "pyopenssl < 24.3.0",
+    # TODO(https://github.com/googleapis/google-auth-library-python/issues/1722): `test_aiohttp_requests` depend on
+    # aiohttp < 3.10.0 which is a bug. Investigate and remove the pinned aiohttp version.
+    "aiohttp < 3.10.0",
+]
+
 extras = {
-    "aiohttp": ["aiohttp >= 3.6.2, < 4.0.0.dev0", "requests >= 2.20.0, < 3.0.0.dev0"],
-    "pyopenssl": ["pyopenssl>=20.0.0", "cryptography>=38.0.3"],
-    "requests": "requests >= 2.20.0, < 3.0.0.dev0",
-    "reauth": "pyu2f>=0.1.5",
-    "enterprise_cert": ["cryptography", "pyopenssl"],
-    "pyjwt": ["pyjwt>=2.0", "cryptography>=38.0.3"],
+    "aiohttp": aiohttp_extra_require,
+    "enterprise_cert": enterprise_cert_extra_require,
+    "pyopenssl": pyopenssl_extra_require,
+    "pyjwt": pyjwt_extra_require,
+    "reauth": reauth_extra_require,
+    "requests": requests_extra_require,
+    "testing": testing_extra_require,
+    "urllib3": urllib3_extra_require,
+    # TODO(https://github.com/googleapis/google-auth-library-python/issues/1735): Add an extra for `grpcio` dependency.
+    # TODO(https://github.com/googleapis/google-auth-library-python/issues/1736): Add an extra for `oauth2client` dependency.
 }
 
 with io.open("README.rst", "r") as fh: