[Git][java-team/google-auth-java][upstream] New upstream version 0.15.0
Olek Wojnar
gitlab at salsa.debian.org
Thu Jul 2 06:12:37 BST 2020
Olek Wojnar pushed to branch upstream at Debian Java Maintainers / google-auth-java
Commits:
d1112000 by Olek Wojnar at 2020-07-02T00:55:49-04:00
New upstream version 0.15.0
- - - - -
25 changed files:
- .kokoro/release/drop.sh
- .kokoro/release/promote.sh
- + .kokoro/release/publish_javadoc.cfg
- + .kokoro/release/publish_javadoc.sh
- .kokoro/release/stage.cfg
- .kokoro/release/stage.sh
- README.md
- appengine/java/com/google/auth/appengine/AppEngineCredentials.java
- appengine/pom.xml
- credentials/pom.xml
- oauth2_http/java/com/google/auth/oauth2/ClientId.java
- oauth2_http/java/com/google/auth/oauth2/CloudShellCredentials.java
- oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java
- oauth2_http/java/com/google/auth/oauth2/GoogleCredentials.java
- oauth2_http/java/com/google/auth/oauth2/OAuth2Credentials.java
- oauth2_http/java/com/google/auth/oauth2/ServiceAccountCredentials.java
- oauth2_http/java/com/google/auth/oauth2/ServiceAccountJwtAccessCredentials.java
- oauth2_http/java/com/google/auth/oauth2/UserAuthorizer.java
- oauth2_http/java/com/google/auth/oauth2/UserCredentials.java
- oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java
- oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java
- oauth2_http/javatests/com/google/auth/oauth2/MockMetadataServerTransport.java
- oauth2_http/pom.xml
- pom.xml
- versions.txt
Changes:
=====================================
.kokoro/release/drop.sh
=====================================
@@ -15,11 +15,18 @@
set -eo pipefail
+# STAGING_REPOSITORY_ID must be set
+if [ -z "${STAGING_REPOSITORY_ID}" ]; then
+ echo "Missing STAGING_REPOSITORY_ID environment variable"
+ exit 1
+fi
+
source $(dirname "$0")/common.sh
-MAVEN_SETTINGS_FILE=$(realpath $(dirname "$0")/../)/settings.xml
-pushd $(dirname "$0")/../
+pushd $(dirname "$0")/../../
setup_environment_secrets
create_settings_xml_file "settings.xml"
-mvn nexus-staging:drop -DperformRelease=true
\ No newline at end of file
+mvn nexus-staging:drop -B \
+ --settings=settings.xml \
+ -DstagingRepositoryId=${STAGING_REPOSITORY_ID}
=====================================
.kokoro/release/promote.sh
=====================================
@@ -15,11 +15,20 @@
set -eo pipefail
+# STAGING_REPOSITORY_ID must be set
+if [ -z "${STAGING_REPOSITORY_ID}" ]; then
+ echo "Missing STAGING_REPOSITORY_ID environment variable"
+ exit 1
+fi
+
source $(dirname "$0")/common.sh
-MAVEN_SETTINGS_FILE=$(realpath $(dirname "$0")/../)/settings.xml
-pushd $(dirname "$0")/../
+
+pushd $(dirname "$0")/../../
setup_environment_secrets
create_settings_xml_file "settings.xml"
-mvn nexus-staging:release -DperformRelease=true
+mvn nexus-staging:release -B \
+ -DperformRelease=true \
+ --settings=settings.xml \
+ -DstagingRepositoryId=${STAGING_REPOSITORY_ID}
=====================================
.kokoro/release/publish_javadoc.cfg
=====================================
@@ -0,0 +1,16 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+
+env_vars: {
+ key: "TRAMPOLINE_BUILD_FILE"
+ value: "github/google-auth-library-java/.kokoro/release/publish_javadoc.sh"
+}
+
+env_vars: {
+ key: "LINK_LATEST"
+ value: "true"
+}
+
+env_vars: {
+ key: "BUCKET"
+ value: "gcloud-javadoc-testing"
+}
=====================================
.kokoro/release/publish_javadoc.sh
=====================================
@@ -0,0 +1,65 @@
+#!/bin/bash
+# Copyright 2018, Google Inc. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+# * Neither the name of Google Inc. nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+set -e
+
+if [[ -z "${BUCKET}" ]]; then
+ echo "Must set BUCKET environment variable"
+ exit 1
+fi
+
+pushd $(dirname "$0")/../../
+
+# Pull the library version from project properties
+VERSION=$(mvn org.apache.maven.plugins:maven-help-plugin:2.1.1:evaluate -Dexpression=project.version | grep -Ev '(^\[|\w+:)')
+
+case "${VERSION}" in
+ *-SNAPSHOT)
+ echo "Cannot publish javadoc for -SNAPSHOT versions"
+ exit 1
+ ;;
+ "")
+ echo "Could not obtain version number from maven-help-plugin."
+ exit 1
+ ;;
+esac
+
+# Generate the javadoc from scratch
+mvn clean install javadoc:aggregate -DskipTests=true -B
+
+# Sync the current version to gCS
+gsutil -m rsync -d target/site gs://${BUCKET}/java/google-auth-library-java/${VERSION}
+
+if [[ "${LINK_LATEST}" == "true" ]]; then
+ # Sync the current content to latest
+ gsutil -m rsync gs://${BUCKET}/java/google-auth-library-java/${VERSION} gs://${BUCKET}/java/google-auth-library-java/latest
+fi
+
+popd
=====================================
.kokoro/release/stage.cfg
=====================================
@@ -12,3 +12,13 @@ action {
strip_prefix: "github/google-auth-library-java"
}
}
+
+# Fetch the token needed for reporting release status to GitHub
+before_action {
+ fetch_keystore {
+ keystore_resource {
+ keystore_config_id: 73713
+ keyname: "yoshi-automation-github-key"
+ }
+ }
+}
=====================================
.kokoro/release/stage.sh
=====================================
@@ -15,6 +15,10 @@
set -eo pipefail
+# Start the releasetool reporter
+python3 -m pip install gcp-releasetool
+python3 -m releasetool publish-reporter-script > /tmp/publisher-script; source /tmp/publisher-script
+
source $(dirname "$0")/common.sh
MAVEN_SETTINGS_FILE=$(realpath $(dirname "$0")/../../)/settings.xml
pushd $(dirname "$0")/../../
=====================================
README.md
=====================================
@@ -34,7 +34,7 @@ If you are using Maven, add this to your pom.xml file (notice that you can repla
<dependency>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
- <version>0.12.0</version>
+ <version>0.15.0</version>
</dependency>
```
[//]: # ({x-version-update-end})
@@ -44,7 +44,7 @@ If you are using Gradle, add this to your dependencies
[//]: # ({x-version-update-start:google-auth-library-oauth2-http:released})
```Groovy
-compile 'com.google.auth:google-auth-library-oauth2-http:0.12.0'
+compile 'com.google.auth:google-auth-library-oauth2-http:0.15.0'
```
[//]: # ({x-version-update-end})
@@ -52,7 +52,7 @@ If you are using SBT, add this to your dependencies
[//]: # ({x-version-update-start:google-auth-library-oauth2-http:released})
```Scala
-libraryDependencies += "com.google.auth" % "google-auth-library-oauth2-http" % "0.12.0"
+libraryDependencies += "com.google.auth" % "google-auth-library-oauth2-http" % "0.15.0"
```
[//]: # ({x-version-update-end})
@@ -69,13 +69,13 @@ capable of signing byte arrays using the credentials associated to a Google Serv
## google-auth-library-appengine
This artifact depends on the App Engine SDK (`appengine-api-1.0-sdk`) and should be used only by
-applications running on App Engine. The `AppEngineCredentials` class allows to authorize your App
+applications running on App Engine. The `AppEngineCredentials` class allows you to authorize your App
Engine application given an instance of [AppIdentityService](https://cloud.google.com/appengine/docs/java/javadoc/com/google/appengine/api/appidentity/AppIdentityService).
You can install the App Engine SDK from Maven Central:
```bash
-$ mvn dependency:get -Dartifact=com.google.appengine:appengine-api-1.0-sdk:1.9.65
+$ mvn dependency:get -Dartifact=com.google.appengine:appengine-api-1.0-sdk:1.9.71
```
You can find [all available versions][appengine-sdk-versions] on Maven Central.
@@ -88,7 +88,7 @@ This artifact contains a wide variety of credentials as well as utility methods
to get Application Default Credentials.
Credentials classes contained in this artifact are:
- `CloudShellCredentials`: credentials for Google Cloud Shell built-in service account
-- `CloudShellCredentials`: credentials for Google Compute Engine built-in service account
+- `ComputeEngineCredentials`: credentials for Google Compute Engine built-in service account
- `OAuth2Credentials`: base class for OAuth2-based credentials
- `ServiceAccountCredentials`: credentials for a Service Account - use a JSON Web Token (JWT) to get
access tokens
=====================================
appengine/java/com/google/auth/appengine/AppEngineCredentials.java
=====================================
@@ -62,30 +62,7 @@ public class AppEngineCredentials extends GoogleCredentials implements ServiceAc
private transient AppIdentityService appIdentityService;
- /**
- * Create a new AppEngineCredential.
- *
- * @param scopes Collection of scopes to request.
- *
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public AppEngineCredentials(Collection<String> scopes) {
- this(scopes, null);
- }
-
- /**
- * Create a new AppEngineCredential.
- *
- * @param scopes Collection of scopes to request.
- * @param appIdentityService Custom service used for signing.
- *
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public AppEngineCredentials(Collection<String> scopes, AppIdentityService appIdentityService) {
+ private AppEngineCredentials(Collection<String> scopes, AppIdentityService appIdentityService) {
this.scopes = scopes == null ? ImmutableSet.<String>of() : ImmutableList.copyOf(scopes);
this.appIdentityService = appIdentityService != null ? appIdentityService
: AppIdentityServiceFactory.getAppIdentityService();
=====================================
appengine/pom.xml
=====================================
@@ -5,7 +5,7 @@
<parent>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-parent</artifactId>
- <version>0.12.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
+ <version>0.15.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
<relativePath>../pom.xml</relativePath>
</parent>
=====================================
credentials/pom.xml
=====================================
@@ -5,7 +5,7 @@
<parent>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-parent</artifactId>
- <version>0.12.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
+ <version>0.15.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
<relativePath>../pom.xml</relativePath>
</parent>
=====================================
oauth2_http/java/com/google/auth/oauth2/ClientId.java
=====================================
@@ -136,11 +136,8 @@ public class ClientId {
*
* @param clientId Text identifier of the Client ID.
* @param clientSecret Secret to associated with the Client ID.
- * @deprecated Use {@link #of(String, String)} instead. This constructor will either be deleted
- * or made private in a later version.
*/
- @Deprecated
- public ClientId(String clientId, String clientSecret) {
+ private ClientId(String clientId, String clientSecret) {
this.clientId = Preconditions.checkNotNull(clientId);
this.clientSecret = clientSecret;
}
=====================================
oauth2_http/java/com/google/auth/oauth2/CloudShellCredentials.java
=====================================
@@ -32,12 +32,13 @@
package com.google.auth.oauth2;
import com.google.api.client.json.JsonParser;
+import com.google.common.base.Charsets;
import com.google.common.base.MoreObjects;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
-import java.io.PrintWriter;
+import java.io.OutputStream;
import java.net.Socket;
import java.util.ArrayList;
import java.util.List;
@@ -54,36 +55,21 @@ public class CloudShellCredentials extends GoogleCredentials {
/**
* The Cloud Shell back authorization channel uses serialized
- * Javascript Protobufers, preceeded by the message length and a
+ * Javascript Protobuffers, preceded by the message length and a
* new line character. However, the request message has no content,
* so a token request consists of an empty JsPb, and its 2 character
- * lenth prefix.
+ * length prefix.
*/
protected final static String GET_AUTH_TOKEN_REQUEST = "2\n[]";
+ protected final static byte[] GET_AUTH_TOKEN_REQUEST_BYTES = (GET_AUTH_TOKEN_REQUEST + "\n").getBytes(Charsets.UTF_8);
private final int authPort;
- /**
- * @param authPort Authentication port.
- * @return The CloudShellCredentials.
- * @deprecated Use {@link #create(int)} instead. This method will be deleted in a later version.
- */
- @Deprecated
- public static CloudShellCredentials of(int authPort) {
- return create(authPort);
- }
-
public static CloudShellCredentials create(int authPort) {
return CloudShellCredentials.newBuilder().setAuthPort(authPort).build();
}
- /**
- * @param authPort Authentication port.
- * @deprecated Use {@link #create(int)} instead. This constructor will either be deleted or
- * made private in a later version.
- */
- @Deprecated
- public CloudShellCredentials(int authPort) {
+ private CloudShellCredentials(int authPort) {
this.authPort = authPort;
}
@@ -96,10 +82,9 @@ public class CloudShellCredentials extends GoogleCredentials {
Socket socket = new Socket("localhost", this.getAuthPort());
socket.setSoTimeout(READ_TIMEOUT_MS);
AccessToken token;
- try {
- PrintWriter out =
- new PrintWriter(socket.getOutputStream(), true);
- out.println(GET_AUTH_TOKEN_REQUEST);
+ try {
+ OutputStream os = socket.getOutputStream();
+ os.write(GET_AUTH_TOKEN_REQUEST_BYTES);
BufferedReader input =
new BufferedReader(new InputStreamReader(socket.getInputStream()));
=====================================
oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java
=====================================
@@ -71,9 +71,9 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi
private static final Logger LOGGER = Logger.getLogger(ComputeEngineCredentials.class.getName());
// Note: the explicit IP address is used to avoid name server resolution issues.
- static final String DEFAULT_METADATA_SERVER_URL = "http://169.254.169.254";
+ static final String DEFAULT_METADATA_SERVER_URL = "http://metadata.google.internal";
- static final String SIGN_BLOB_URL_FORMAT = "https://iam.googleapis.com/v1/projects/-/serviceAccounts/%s:signBlob?alt=json";
+ static final String SIGN_BLOB_URL_FORMAT = "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/%s:signBlob";
// Note: the explicit `timeout` and `tries` below is a workaround. The underlying
// issue is that resolving an unknown host on some networks will take
@@ -97,40 +97,13 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi
private transient HttpTransportFactory transportFactory;
private transient String serviceAccountEmail;
- /**
- * Returns a credentials instance from the given transport factory
- *
- * @param transportFactory The Http transport factory
- * @return the credential instance
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public static ComputeEngineCredentials of(HttpTransportFactory transportFactory) {
- return ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
- }
-
- /**
- * Create a new ComputeEngineCredentials instance with default behavior.
- *
- * @deprecated Use {@link #create()} instead. This constructor will either be deleted or
- * made private in a later version.
- */
- @Deprecated
- public ComputeEngineCredentials() {
- this(null);
- }
-
/**
* Constructor with overridden transport.
*
* @param transportFactory HTTP transport factory, creates the transport used to get access
* tokens.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
*/
- @Deprecated
- public ComputeEngineCredentials(HttpTransportFactory transportFactory) {
+ private ComputeEngineCredentials(HttpTransportFactory transportFactory) {
this.transportFactory = firstNonNull(transportFactory,
getFromServiceLoader(HttpTransportFactory.class, OAuth2Utils.HTTP_TRANSPORT_FACTORY));
this.transportFactoryClassName = this.transportFactory.getClass().getName();
@@ -222,10 +195,11 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi
} catch (SocketTimeoutException expected) {
// Ignore logging timeouts which is the expected failure mode in non GCE environments.
} catch (IOException e) {
- LOGGER.log(
- Level.INFO, "Failed to detect whether we are running on Google Compute Engine.", e);
+ LOGGER.log(Level.FINE, "Encountered an unexpected exception when determining" +
+ " if we are running on Google Compute Engine.", e);
}
}
+ LOGGER.log(Level.INFO, "Failed to detect whether we are running on Google Compute Engine.");
return false;
}
@@ -309,7 +283,7 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi
* @param toSign bytes to sign
* @return signed bytes
* @throws SigningException if the attempt to sign the provided bytes failed
- * @see <a href="https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/signBlob">Blob Signing</a>
+ * @see <a href="https://cloud.google.com/iam/credentials/reference/rest/v1/projects.serviceAccounts/signBlob">Blob Signing</a>
*/
@Override
public byte[] sign(byte[] toSign) {
@@ -328,7 +302,7 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi
GenericUrl genericUrl = new GenericUrl(signBlobUrl);
GenericData signRequest = new GenericData();
- signRequest.set("bytesToSign", bytes);
+ signRequest.set("payload", bytes);
JsonHttpContent signContent = new JsonHttpContent(OAuth2Utils.JSON_FACTORY, signRequest);
HttpRequest request = transportFactory.create().createRequestFactory().buildPostRequest(genericUrl, signContent);
Map<String, List<String>> headers = getRequestMetadata();
@@ -361,7 +335,7 @@ public class ComputeEngineCredentials extends GoogleCredentials implements Servi
}
GenericData responseData = response.parseAs(GenericData.class);
- return OAuth2Utils.validateString(responseData, "signature", PARSE_ERROR_SIGNATURE);
+ return OAuth2Utils.validateString(responseData, "signedBlob", PARSE_ERROR_SIGNATURE);
}
private String getDefaultServiceAccount() throws IOException {
=====================================
oauth2_http/java/com/google/auth/oauth2/GoogleCredentials.java
=====================================
@@ -36,6 +36,7 @@ import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.JsonObjectParser;
import com.google.api.client.util.Preconditions;
import com.google.auth.http.HttpTransportFactory;
+import com.google.common.collect.ImmutableList;
import java.io.IOException;
import java.io.InputStream;
@@ -54,19 +55,6 @@ public class GoogleCredentials extends OAuth2Credentials {
private static final DefaultCredentialsProvider defaultCredentialsProvider =
new DefaultCredentialsProvider();
- /**
- * Returns the credentials instance from the given access token.
- *
- * @param accessToken the access token
- * @return the credentials instance
- * @deprecated Use {@link #create(AccessToken)} instead. This method will be deleted in a later
- * version.
- */
- @Deprecated
- public static GoogleCredentials of(AccessToken accessToken) {
- return create(accessToken);
- }
-
/**
* Returns the credentials instance from the given access token.
*
@@ -189,11 +177,8 @@ public class GoogleCredentials extends OAuth2Credentials {
/**
* Constructor with explicit access token.
*
- * @param accessToken Initial or temporary access token.
- * @deprecated Use {@link #create(AccessToken)} instead. This constructor will either be deleted
- * or made protected/private in a later version.
- **/
- @Deprecated
+ * @param accessToken initial or temporary access token
+ */
public GoogleCredentials(AccessToken accessToken) {
super(accessToken);
}
@@ -227,6 +212,17 @@ public class GoogleCredentials extends OAuth2Credentials {
return this;
}
+ /**
+ * If the credentials support scopes, creates a copy of the the identity with the specified
+ * scopes; otherwise, returns the same instance.
+ *
+ * @param scopes Collection of scopes to request.
+ * @return GoogleCredentials with requested scopes.
+ */
+ public GoogleCredentials createScoped(String... scopes) {
+ return createScoped(ImmutableList.copyOf(scopes));
+ }
+
/**
* If the credentials support domain-wide delegation, creates a copy
* of the identity so that it impersonates the specified user;
=====================================
oauth2_http/java/com/google/auth/oauth2/OAuth2Credentials.java
=====================================
@@ -71,19 +71,6 @@ public class OAuth2Credentials extends Credentials {
@VisibleForTesting
transient Clock clock = Clock.SYSTEM;
- /**
- * Returns the credentials instance from the given access token.
- *
- * @param accessToken the access token
- * @return the credentials instance
- * @deprecated Use {@link #create(AccessToken)} instead. This method will be deleted in a later
- * version.
- */
- @Deprecated
- public static OAuth2Credentials of(AccessToken accessToken) {
- return create(accessToken);
- }
-
/**
* Returns the credentials instance from the given access token.
*
@@ -104,12 +91,9 @@ public class OAuth2Credentials extends Credentials {
/**
* Constructor with explicit access token.
*
- * @param accessToken Initial or temporary access token.
- * @deprecated Use {@link #create(AccessToken)} instead. This constructor will either be deleted
- * or made private in a later version.
+ * @param accessToken initial or temporary access token
**/
- @Deprecated
- public OAuth2Credentials(AccessToken accessToken) {
+ protected OAuth2Credentials(AccessToken accessToken) {
if (accessToken != null) {
useAccessToken(accessToken);
}
=====================================
oauth2_http/java/com/google/auth/oauth2/ServiceAccountCredentials.java
=====================================
@@ -102,47 +102,6 @@ public class ServiceAccountCredentials extends GoogleCredentials implements Serv
private transient HttpTransportFactory transportFactory;
- /**
- * Constructor with minimum identifying information.
- *
- * @param clientId Client ID of the service account from the console. May be null.
- * @param clientEmail Client email address of the service account from the console.
- * @param privateKey RSA private key object for the service account.
- * @param privateKeyId Private key identifier for the service account. May be null.
- * @param scopes Scope strings for the APIs to be called. May be null or an empty collection,
- * which results in a credential that must have createScoped called before use.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public ServiceAccountCredentials(
- String clientId, String clientEmail, PrivateKey privateKey, String privateKeyId,
- Collection<String> scopes) {
- this(clientId, clientEmail, privateKey, privateKeyId, scopes, null, null, null, null);
- }
-
- /**
- * Constructor with minimum identifying information and custom HTTP transport.
- *
- * @param clientId Client ID of the service account from the console. May be null.
- * @param clientEmail Client email address of the service account from the console.
- * @param privateKey RSA private key object for the service account.
- * @param privateKeyId Private key identifier for the service account. May be null.
- * @param scopes Scope strings for the APIs to be called. May be null or an empty collection,
- * which results in a credential that must have createScoped called before use.
- * @param transportFactory HTTP transport factory, creates the transport used to get access
- * tokens.
- * @param tokenServerUri URI of the end point that provides tokens.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public ServiceAccountCredentials(
- String clientId, String clientEmail, PrivateKey privateKey, String privateKeyId,
- Collection<String> scopes, HttpTransportFactory transportFactory, URI tokenServerUri) {
- this(clientId, clientEmail, privateKey, privateKeyId, scopes, transportFactory, tokenServerUri, null, null);
- }
-
/**
* Constructor with minimum identifying information and custom HTTP transport.
*
=====================================
oauth2_http/java/com/google/auth/oauth2/ServiceAccountJwtAccessCredentials.java
=====================================
@@ -120,11 +120,8 @@ public class ServiceAccountJwtAccessCredentials extends Credentials
* @param privateKey RSA private key object for the service account.
* @param privateKeyId Private key identifier for the service account. May be null.
* @param defaultAudience Audience to use if not provided by transport. May be null.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
*/
- @Deprecated
- public ServiceAccountJwtAccessCredentials(String clientId, String clientEmail,
+ private ServiceAccountJwtAccessCredentials(String clientId, String clientEmail,
PrivateKey privateKey, String privateKeyId, URI defaultAudience) {
this.clientId = clientId;
this.clientEmail = Preconditions.checkNotNull(clientEmail);
@@ -135,7 +132,7 @@ public class ServiceAccountJwtAccessCredentials extends Credentials
}
/**
- * Returns service account crentials defined by JSON using the format supported by the Google
+ * Returns service account credentials defined by JSON using the format supported by the Google
* Developers Console.
*
* @param json a map from the JSON representing the credentials.
=====================================
oauth2_http/java/com/google/auth/oauth2/UserAuthorizer.java
=====================================
@@ -69,52 +69,20 @@ public class UserAuthorizer {
private final URI tokenServerUri;
private final URI userAuthUri;
- /**
- * Constructor with minimal parameters.
- *
- * @param clientId Client ID to identify the OAuth2 consent prompt.
- * @param scopes OAUth2 scopes defining the user consent.
- * @param tokenStore Implementation of component for long term storage of tokens.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public UserAuthorizer(ClientId clientId, Collection<String> scopes, TokenStore tokenStore) {
- this(clientId, scopes, tokenStore, null, null, null, null);
- }
-
- /**
- * Constructor with common parameters.
- *
- * @param clientId Client ID to identify the OAuth2 consent prompt.
- * @param scopes OAUth2 scopes defining the user consent.
- * @param tokenStore Implementation of component for long term storage of tokens.
- * @param callbackUri URI for implementation of the OAuth2 web callback.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public UserAuthorizer(ClientId clientId, Collection<String> scopes, TokenStore tokenStore, URI callbackUri) {
- this(clientId, scopes, tokenStore, callbackUri, null, null, null);
- }
-
/**
* Constructor with all parameters.
*
- * @param clientId Client ID to identify the OAuth2 consent prompt.
- * @param scopes OAUth2 scopes defining the user consent.
- * @param tokenStore Implementation of a component for long term storage of tokens.
- * @param callbackUri URI for implementation of the OAuth2 web callback.
+ * @param clientId Client ID to identify the OAuth2 consent prompt
+ * @param scopes OAuth2 scopes defining the user consent
+ * @param tokenStore Implementation of a component for long term storage of tokens
+ * @param callbackUri URI for implementation of the OAuth2 web callback
* @param transportFactory HTTP transport factory, creates the transport used to get access
* tokens.
- * @param tokenServerUri URI of the end point that provides tokens.
- * @param userAuthUri URI of the Web UI for user consent.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
+ * @param tokenServerUri URI of the end point that provides tokens
+ * @param userAuthUri URI of the Web UI for user consent
*/
- @Deprecated
- public UserAuthorizer(ClientId clientId, Collection<String> scopes, TokenStore tokenStore,
- URI callbackUri, HttpTransportFactory transportFactory, URI tokenServerUri, URI userAuthUri) {
+ private UserAuthorizer(ClientId clientId, Collection<String> scopes, TokenStore tokenStore,
+ URI callbackUri, HttpTransportFactory transportFactory, URI tokenServerUri, URI userAuthUri) {
this.clientId = Preconditions.checkNotNull(clientId);
this.scopes = ImmutableList.copyOf(Preconditions.checkNotNull(scopes));
this.callbackUri = (callbackUri == null) ? DEFAULT_CALLBACK_URI : callbackUri;
=====================================
oauth2_http/java/com/google/auth/oauth2/UserCredentials.java
=====================================
@@ -74,37 +74,6 @@ public class UserCredentials extends GoogleCredentials {
private transient HttpTransportFactory transportFactory;
- /**
- * Constructor with minimum information and default behavior.
- *
- * @param clientId Client ID of the credential from the console.
- * @param clientSecret Client ID of the credential from the console.
- * @param refreshToken A refresh token resulting from a OAuth2 consent flow.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public UserCredentials(String clientId, String clientSecret, String refreshToken) {
- this(clientId, clientSecret, refreshToken, null, null, null);
- }
-
- /**
- * Constructor to allow both refresh token and initial access token for 3LO scenarios.
- *
- * @param clientId Client ID of the credential from the console.
- * @param clientSecret Client ID of the credential from the console.
- * @param refreshToken A refresh token resulting from a OAuth2 consent flow.
- * @param accessToken Initial or temporary access token.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
- */
- @Deprecated
- public UserCredentials(
- String clientId, String clientSecret, String refreshToken, AccessToken accessToken) {
- this(clientId, clientSecret, refreshToken, accessToken, null, null);
- }
-
-
/**
* Constructor with all parameters allowing custom transport and server URL.
*
@@ -114,13 +83,10 @@ public class UserCredentials extends GoogleCredentials {
* @param accessToken Initial or temporary access token.
* @param transportFactory HTTP transport factory, creates the transport used to get access
* tokens.
- * @param tokenServerUri URI of the end point that provides tokens.
- * @deprecated Use {@link #newBuilder()} instead. This constructor will either be deleted or made
- * private in a later version.
+ * @param tokenServerUri URI of the end point that provides tokens
*/
- @Deprecated
- public UserCredentials(String clientId, String clientSecret, String refreshToken,
- AccessToken accessToken, HttpTransportFactory transportFactory, URI tokenServerUri) {
+ private UserCredentials(String clientId, String clientSecret, String refreshToken,
+ AccessToken accessToken, HttpTransportFactory transportFactory, URI tokenServerUri) {
super(accessToken);
this.clientId = Preconditions.checkNotNull(clientId);
this.clientSecret = Preconditions.checkNotNull(clientSecret);
=====================================
oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java
=====================================
@@ -108,11 +108,12 @@ public class ComputeEngineCredentialsTest extends BaseSerializationTest {
}
}
+ @Test
public void getRequestMetadata_serverError_throws() {
final String accessToken = "1/MkSJoj1xsli0AccessToken_NKPY2";
MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
transportFactory.transport.setAccessToken(accessToken);
- transportFactory.transport.setTokenRequestStatusCode(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
+ transportFactory.transport.setTokenRequestStatusCode(HttpStatusCodes.STATUS_CODE_SERVER_ERROR);
ComputeEngineCredentials credentials =
ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
try {
=====================================
oauth2_http/javatests/com/google/auth/oauth2/GoogleCredentialsTest.java
=====================================
@@ -31,6 +31,7 @@
package com.google.auth.oauth2;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
@@ -39,6 +40,7 @@ import com.google.api.client.http.HttpTransport;
import com.google.api.client.testing.http.MockHttpTransport;
import com.google.auth.TestUtils;
import com.google.auth.http.HttpTransportFactory;
+import com.google.common.collect.ImmutableList;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -53,6 +55,7 @@ import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
+import java.util.concurrent.atomic.AtomicReference;
/**
* Test case for {@link GoogleCredentials}.
@@ -219,6 +222,25 @@ public class GoogleCredentialsTest {
testFromStreamException(userStream, "refresh_token");
}
+ @Test
+ public void createScoped_overloadCallsImplementation() {
+ final AtomicReference<Collection<String>> called = new AtomicReference<>();
+ final GoogleCredentials expectedScopedCredentials = new GoogleCredentials();
+
+ GoogleCredentials credentials = new GoogleCredentials() {
+ @Override
+ public GoogleCredentials createScoped(Collection<String> scopes) {
+ called.set(scopes);
+ return expectedScopedCredentials;
+ }
+ };
+
+ GoogleCredentials scopedCredentials = credentials.createScoped("foo", "bar");
+
+ assertEquals(expectedScopedCredentials, scopedCredentials);
+ assertEquals(ImmutableList.of("foo", "bar"), called.get());
+ }
+
private static void testFromStreamException(InputStream stream, String expectedMessageContent) {
try {
GoogleCredentials.fromStream(stream, DUMMY_TRANSPORT_FACTORY);
=====================================
oauth2_http/javatests/com/google/auth/oauth2/MockMetadataServerTransport.java
=====================================
@@ -140,7 +140,7 @@ public class MockMetadataServerTransport extends MockHttpTransport {
// Create the JSON response
GenericJson signContents = new GenericJson();
signContents.setFactory(OAuth2Utils.JSON_FACTORY);
- signContents.put("signature", BaseEncoding.base64().encode(signature));
+ signContents.put("signedBlob", BaseEncoding.base64().encode(signature));
String signature = signContents.toPrettyString();
=====================================
oauth2_http/pom.xml
=====================================
@@ -5,7 +5,7 @@
<parent>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-parent</artifactId>
- <version>0.12.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
+ <version>0.15.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
<relativePath>../pom.xml</relativePath>
</parent>
=====================================
pom.xml
=====================================
@@ -10,12 +10,12 @@
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-parent</artifactId>
- <version>0.12.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
+ <version>0.15.0</version><!-- {x-version-update:google-auth-library-parent:current} -->
<packaging>pom</packaging>
<name>Google Auth Library for Java</name>
<description>Client libraries providing authentication and
authorization to enable calling Google APIs.</description>
- <url>https://github.com/google/google-auth-library-java</url>
+ <url>https://github.com/googleapis/google-auth-library-java</url>
<licenses>
<license>
@@ -44,11 +44,10 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <java.version>1.6</java.version>
- <project.google.http.version>1.27.0</project.google.http.version>
+ <project.google.http.version>1.29.0</project.google.http.version>
<project.junit.version>4.12</project.junit.version>
- <project.guava.version>20.0</project.guava.version>
- <project.appengine.version>1.9.64</project.appengine.version>
+ <project.guava.version>27.1-android</project.guava.version>
+ <project.appengine.version>1.9.71</project.appengine.version>
</properties>
<dependencyManagement>
@@ -94,6 +93,12 @@
<version>${project.junit.version}</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>com.google.appengine</groupId>
+ <artifactId>appengine</artifactId>
+ <version>${project.appengine.version}</version>
+ <scope>test</scope>
+ </dependency>
<dependency>
<groupId>com.google.auth</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
@@ -159,7 +164,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
- <version>2.22.0</version>
+ <version>3.0.0-M3</version>
<configuration>
<reportNameSuffix>sponge_log</reportNameSuffix>
</configuration>
=====================================
versions.txt
=====================================
@@ -1,7 +1,7 @@
# Format:
# module:released-version:current-version
-google-auth-library-parent:0.12.0:0.12.0
-google-auth-library-appengine:0.12.0:0.12.0
-google-auth-library-credentials:0.12.0:0.12.0
-google-auth-library-oauth2-http:0.12.0:0.12.0
+google-auth-library-parent:0.15.0:0.15.0
+google-auth-library-appengine:0.15.0:0.15.0
+google-auth-library-credentials:0.15.0:0.15.0
+google-auth-library-oauth2-http:0.15.0:0.15.0
View it on GitLab: https://salsa.debian.org/java-team/google-auth-java/-/commit/d11120006e2fb3f1eae587af6c0ff4640dc03f8f
--
View it on GitLab: https://salsa.debian.org/java-team/google-auth-java/-/commit/d11120006e2fb3f1eae587af6c0ff4640dc03f8f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20200702/50229a82/attachment.html>
More information about the pkg-java-commits
mailing list