Skip to content

Commit 63d8a27

Browse files
daniel-sanchedaniel-sanche
committed
Merge branch 'main' into remove-rsa-dependency
2 parents e587b28 + 0387bb9 commit 63d8a27

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

60 files changed

+4455
-370
lines changed

.github/.OwlBot.lock.yaml

Lines changed: 0 additions & 17 deletions
This file was deleted.

.github/.OwlBot.yaml

Lines changed: 0 additions & 18 deletions
This file was deleted.

.github/CODEOWNERS

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -4,27 +4,27 @@
44
# For syntax help see:
55
# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners#codeowners-syntax
66

7-
# The @googleapis/googleapis-auth and @googleapis/yoshi-python is the default owner for changes in this repo
8-
* @googleapis/googleapis-auth @googleapis/yoshi-python
9-
google/auth/_default.py @googleapis/googleapis-auth @googleapis/aion-sdk
10-
google/auth/aws.py @googleapis/googleapis-auth @googleapis/aion-sdk
11-
google/auth/credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk
12-
google/auth/downscoped.py @googleapis/googleapis-auth @googleapis/aion-sdk
13-
google/auth/external_account.py @googleapis/googleapis-auth @googleapis/aion-sdk
14-
google/auth/external_account_authorized_user.py @googleapis/googleapis-auth @googleapis/aion-sdk
15-
google/auth/identity_pool.py @googleapis/googleapis-auth @googleapis/aion-sdk
16-
google/auth/pluggable.py @googleapis/googleapis-auth @googleapis/aion-sdk
17-
google/auth/sts.py @googleapis/googleapis-auth @googleapis/aion-sdk
18-
google/auth/impersonated_credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk
19-
tests/test__default.py @googleapis/googleapis-auth @googleapis/aion-sdk
20-
tests/test_aws.py @googleapis/googleapis-auth @googleapis/aion-sdk
21-
tests/test_credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk
22-
tests/test_downscoped.py @googleapis/googleapis-auth @googleapis/aion-sdk
23-
tests/test_external_account.py @googleapis/googleapis-auth @googleapis/aion-sdk
24-
tests/test_external_account_authorized_user.py @googleapis/googleapis-auth @googleapis/aion-sdk
25-
tests/test_identity_pool.py @googleapis/googleapis-auth @googleapis/aion-sdk
26-
tests/test_pluggable.py @googleapis/googleapis-auth @googleapis/aion-sdk
27-
tests/test_sts.py @googleapis/googleapis-auth @googleapis/aion-sdk
28-
tests/test_impersonated_credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk
29-
/samples/ @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-samples-owners
7+
# The @googleapis/googleapis-auth and @googleapis/python-core-client-libraries is the default owner for changes in this repo
8+
* @googleapis/googleapis-auth @googleapis/python-core-client-libraries
9+
google/auth/_default.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
10+
google/auth/aws.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
11+
google/auth/credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
12+
google/auth/downscoped.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
13+
google/auth/external_account.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
14+
google/auth/external_account_authorized_user.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
15+
google/auth/identity_pool.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
16+
google/auth/pluggable.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
17+
google/auth/sts.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
18+
google/auth/impersonated_credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
19+
tests/test__default.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
20+
tests/test_aws.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
21+
tests/test_credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
22+
tests/test_downscoped.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
23+
tests/test_external_account.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
24+
tests/test_external_account_authorized_user.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
25+
tests/test_identity_pool.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
26+
tests/test_pluggable.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
27+
tests/test_sts.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
28+
tests/test_impersonated_credentials.py @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-core-client-libraries
29+
/samples/ @googleapis/googleapis-auth @googleapis/aion-sdk @googleapis/python-samples-owners @googleapis/python-core-client-libraries
3030
system_tests/secrets.tar.enc # Remove noise from test creds.

.github/release-please.yml

Lines changed: 0 additions & 2 deletions
This file was deleted.

.github/release-trigger.yml

Lines changed: 0 additions & 1 deletion
This file was deleted.

.kokoro/presubmit/system-3.7.cfg renamed to .kokoro/presubmit/system-3.10.cfg

File renamed without changes.

.librarian/config.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
global_files_allowlist:
2+
# Allow the container to read and write the root `CHANGELOG.md`
3+
# file during the `release` step to update the latest client library
4+
# versions which are hardcoded in the file.
5+
- path: "CHANGELOG.md"
6+
permissions: "read-write"

.librarian/state.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
image: us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator:latest
2+
libraries:
3+
- id: google-auth
4+
version: 2.43.0
5+
last_generated_commit: 102d9f92ac6ed649a61efd9b208e4d1de278e9bb
6+
apis: []
7+
source_roots:
8+
- .
9+
preserve_regex: []
10+
remove_regex: []
11+
tag_format: v{version}

CHANGELOG.md

Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,97 @@
44

55
[1]: https://pypi.org/project/google-auth/#history
66

7+
## [2.43.0](https://github.com/googleapis/google-cloud-python/compare/google-auth-v2.42.1...google-auth-v2.43.0) (2025-11-05)
8+
9+
10+
### Features
11+
12+
* Add public wrapper for _mtls_helper.check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected (#1859) Add public wrapper for check_use_client_cert which enables mTLS if
13+
GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert
14+
sources detected. Also, fix check_use_client_cert to return boolean
15+
value.
16+
Change #1848 added the check_use_client_cert method that helps know if
17+
client cert should be used for mTLS connection. However, that was in a
18+
private class, thus, created a public wrapper of the same function so
19+
that it can be used by python Client Libraries. Also, updated
20+
check_use_client_cert to return a boolean value instead of existing
21+
string value for better readability and future scope.
22+
--------- ([1535eccbff0ad8f3fd6a9775316ac8b77dca66ba](https://github.com/googleapis/google-cloud-python/commit/1535eccbff0ad8f3fd6a9775316ac8b77dca66ba))
23+
* Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if the MWID/X.509 cert sources detected (#1848) The Python SDK will use a hybrid approach for mTLS enablement:
24+
- If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is set
25+
(either true or false), the SDK will respect that setting. This is
26+
necessary for test scenarios and users who need to explicitly control
27+
mTLS behavior.
28+
- If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not
29+
set, the SDK will automatically enable mTLS only if it detects Managed
30+
Workload Identity (MWID) or X.509 Workforce Identity Federation (WIF)
31+
certificate sources. In other cases where the variable is not set, mTLS
32+
will remain disabled.
33+
** This change also adds the helper method `check_use_client_cert` and
34+
it's unit test, which will be used for checking the criteria for setting
35+
the mTLS to true
36+
** This change is only for Auth-Library, other changes will be created
37+
for Client-Library use-cases.
38+
--------- ([395e405b64b56ddb82ee639958c2e8056ad2e82b](https://github.com/googleapis/google-cloud-python/commit/395e405b64b56ddb82ee639958c2e8056ad2e82b))
39+
* onboard `google-auth` to librarian (#1838) This PR onboards `google-auth` library to the Librarian system.
40+
Wait for
41+
https://github.com/googleapis/google-auth-library-python/pull/1819. ([c503eaa511357d7a76cc1e1f1d3a3be2dabd5bca](https://github.com/googleapis/google-cloud-python/commit/c503eaa511357d7a76cc1e1f1d3a3be2dabd5bca))
42+
43+
## [2.42.1](https://github.com/googleapis/google-auth-library-python/compare/v2.42.0...v2.42.1) (2025-10-30)
44+
45+
46+
### Bug Fixes
47+
48+
* Catch ValueError for json.loads() ([#1842](https://github.com/googleapis/google-auth-library-python/issues/1842)) ([b074cad](https://github.com/googleapis/google-auth-library-python/commit/b074cad460589633adfc6744c01726ae86f2aa2b))
49+
50+
## [2.42.0](https://github.com/googleapis/google-auth-library-python/compare/v2.41.1...v2.42.0) (2025-10-24)
51+
52+
53+
### Features
54+
55+
* Add trust boundary support for external accounts. ([#1809](https://github.com/googleapis/google-auth-library-python/issues/1809)) ([36ecb1d](https://github.com/googleapis/google-auth-library-python/commit/36ecb1d65883477d27faf9c2281fc289659b9903))
56+
57+
58+
### Bug Fixes
59+
60+
* Read scopes from ADC json for impersoanted cred ([#1820](https://github.com/googleapis/google-auth-library-python/issues/1820)) ([62c0fc8](https://github.com/googleapis/google-auth-library-python/commit/62c0fc82a3625542381f85c698595446fc99ddae))
61+
62+
## [2.41.1](https://github.com/googleapis/google-auth-library-python/compare/v2.41.0...v2.41.1) (2025-09-30)
63+
64+
65+
### Bug Fixes
66+
67+
* Suppress deprecation warning for ADC ([#1815](https://github.com/googleapis/google-auth-library-python/issues/1815)) ([751ce3f](https://github.com/googleapis/google-auth-library-python/commit/751ce3f625eb24029e9f0c59c081bdd3e18eb583))
68+
69+
## [2.41.0](https://github.com/googleapis/google-auth-library-python/compare/v2.40.3...v2.41.0) (2025-09-29)
70+
71+
72+
### Features
73+
74+
* Add support for cachetools 6.0 ([#1773](https://github.com/googleapis/google-auth-library-python/issues/1773)) ([af18060](https://github.com/googleapis/google-auth-library-python/commit/af18060d521baf86c219d66a26631decb3b28e79))
75+
* Add trust boundary support for service accounts and impersonation. ([#1778](https://github.com/googleapis/google-auth-library-python/issues/1778)) ([99be2ce](https://github.com/googleapis/google-auth-library-python/commit/99be2ce19401296718f880c7a80cd2e841df78bf))
76+
77+
78+
### Bug Fixes
79+
80+
* Deprecating [load_credentials_from_dict](https://googleapis.dev/python/google-auth/latest/reference/google.auth.html#google.auth.load_credentials_from_dict) ([58b66ec](https://github.com/googleapis/google-auth-library-python/commit/58b66ec8069bfe5304c7da512fe89a8e838ce1ca))
81+
* Deprecating [load_credentials_from_file](https://googleapis.dev/python/google-auth/latest/reference/google.auth.html#google.auth.load_credentials_from_file) ([58b66ec](https://github.com/googleapis/google-auth-library-python/commit/58b66ec8069bfe5304c7da512fe89a8e838ce1ca))
82+
* Fix type error in credentials.py for python 3.7 and 3.8 ([#1805](https://github.com/googleapis/google-auth-library-python/issues/1805)) ([c30a6a7](https://github.com/googleapis/google-auth-library-python/commit/c30a6a781d3e385598a0ac28a370a7f4800010cc))
83+
84+
85+
### Documentation
86+
87+
* Update user guide to include x509 feature. ([#1802](https://github.com/googleapis/google-auth-library-python/issues/1802)) ([2d89ab4](https://github.com/googleapis/google-auth-library-python/commit/2d89ab4d85568564e1f462f5b463991ffd9b82b1))
88+
89+
## [2.40.3](https://github.com/googleapis/google-auth-library-python/compare/v2.40.2...v2.40.3) (2025-06-04)
90+
91+
92+
### Bug Fixes
93+
94+
* Auth fetch token from default endpoint ([#1779](https://github.com/googleapis/google-auth-library-python/issues/1779)) ([88891cc](https://github.com/googleapis/google-auth-library-python/commit/88891cc596640b0bb3a2891532e2d32f2c9f0ec3))
95+
* Remove unnecessary call to mds service ([#1769](https://github.com/googleapis/google-auth-library-python/issues/1769)) ([7c61c7d](https://github.com/googleapis/google-auth-library-python/commit/7c61c7d0a42ceec3eab693065745a74f524acab0))
96+
* Retry 504 errors ([#1767](https://github.com/googleapis/google-auth-library-python/issues/1767)) ([554f967](https://github.com/googleapis/google-auth-library-python/commit/554f967620da2b02e5d44ac7463dcc2407ace5dd))
97+
798
## [2.40.2](https://github.com/googleapis/google-auth-library-python/compare/v2.40.1...v2.40.2) (2025-05-21)
899

9100

0 commit comments

Comments
 (0)