Conversation
…entials (#1496) * feat: refactor AWS and identity pool credentials to use suppliers (#1484) * feat: refactor aws and identity pool credentials to use supplier framework * Linting * changing class types * linting * remove unused import * Fix typing * add docstring and fix casing * feat: Adds support for custom suppliers in AWS and Identity Pool credential instantiation (#1494) * feat: refactor aws and identity pool credentials to use supplier framework * Linting * changing class types * linting * remove unused import * Fix typing * add docstring and fix casing * feat: adds support for passing suppliers to credentials. * fixes merge issues and adds _has_custom_supplier method * adds _has_custom_supplier function to identity_pool * Update google/auth/external_account.py Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> * Respond to comments and fix docs --------- Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> * docs: add documentation for suppliers (#1495) * docs: update docs for programmatic * add space * update user guide * update docs * Apply suggestions from code review Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> * Update docs * Add docs about context and request --------- Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com>
* fix: implement fixes suggested in suppliers PR * Add back elif * update const name to include unit
* fix: fix id_token iam endpoint for non-gdu service credentials * chore: address comments
* fix: makes default token_url universe aware * fix defaulting
Source-Link: googleapis/synthtool@db94845 Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-python:latest@sha256:a8a80fc6456e433df53fc2a0d72ca0345db0ddefb409f1b75b118dfd1babd952 Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com> Co-authored-by: Anthonios Partheniou <partheniou@google.com>
Source-Link: googleapis/synthtool@d50980e Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-python:latest@sha256:5a4c19d17e597b92d786e569be101e636c9c2817731f80a5adec56b2aa8fe070 Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com> Co-authored-by: Anthonios Partheniou <partheniou@google.com>
* chore: Add log when rapt token is acquired. * chore: Add log when rapt token is acquired.
The ECP provider can work with the Python std lib SSL library. This simplifies packaging, as cryptography can be omitted. This patch makes the code use the standard SSL library if a provider implementation is detected.
* feat: Enable webauthn handling when plugin is installed. * Minor code cleanup. * feat: Enable webauthn plugin for security keys Move key press prompt and remove TODO question. * feat: Enable webauthn plugin for security keys Fix lint and mypy errors. * feat: Enable webauthn plugin for security keys Check dict accesses for None. Remove commented out line. * feat: Enable webauthn plugin for security keys Change _urlsafe_b64recode to _unpadded_urlsafe_b64recode for clarity. * feat: Enable webauthn plugin for security keys Fix broken test and add test clauses to bring coverage to 100%. --------- Co-authored-by: arithmetic1728 <58957152+arithmetic1728@users.noreply.github.com>
🤖 I have created a release *beep* *boop* --- ## [2.30.0](https://togithub.com/googleapis/google-auth-library-python/compare/v2.29.0...v2.30.0) (2024-06-06) ### Features * Add WebAuthn plugin component to handle WebAuthn get assertion request ([#1464](https://togithub.com/googleapis/google-auth-library-python/issues/1464)) ([e25f336](https://togithub.com/googleapis/google-auth-library-python/commit/e25f336ab49c2018a222458a95ebe083e8a4eb2a)) * ECP Provider drop cryptography requirement ([#1524](https://togithub.com/googleapis/google-auth-library-python/issues/1524)) ([a821d71](https://togithub.com/googleapis/google-auth-library-python/commit/a821d719e2fc7bcdc21737fdf175d6f06aa9a56a)) * Enable webauthn plugin for security keys ([#1528](https://togithub.com/googleapis/google-auth-library-python/issues/1528)) ([e2d5e63](https://togithub.com/googleapis/google-auth-library-python/commit/e2d5e635da2cb2caf8240fb9e07fc381442a9d0c)) ### Bug Fixes * Fix id_token iam endpoint for non-gdu service credentials ([#1506](https://togithub.com/googleapis/google-auth-library-python/issues/1506)) ([93d681e](https://togithub.com/googleapis/google-auth-library-python/commit/93d681e6cfb15eb4a3efada623be8ba73b302257)) * Makes default token_url universe aware ([#1514](https://togithub.com/googleapis/google-auth-library-python/issues/1514)) ([045776e](https://togithub.com/googleapis/google-auth-library-python/commit/045776e5dfa3fb172ffaeb59bfe5c637778a5d34)) --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please).
* feat: adds X509 workload cert logic * add JSON checking, and edits comments * Adds comment with more explanation * fix test coverage --------- Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com>
…easier time pinning the correct OpenSSL version. (#1537) * chore: Use cryptography for the Provider as well. This is to have an easier time pinning the correct OpenSSL version.
* Added py.typed to MANIFEST.in * Moved from MANIFEST.in to py.typed per PR suggestion * chore: Refresh system test creds. * Add py.typed to MANIFEST.in --------- Co-authored-by: Carl Lundin <clundin@google.com>
* feat: adds support for X509 workload credential type * fix: PR comments * Apply suggestions from code review Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> * fix: responding to PR comments * Apply suggestions from code review Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> * renaming functions, adding comments, and removing auth_request temp var * Apply suggestions from code review Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> * chore: Update test credentials. * linting --------- Co-authored-by: Leo <39062083+lsirac@users.noreply.github.com> Co-authored-by: Carl Lundin <108372512+clundin25@users.noreply.github.com> Co-authored-by: Carl Lundin <clundin@google.com>
Source-Link: googleapis/synthtool@9ae0785 Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-python:latest@sha256:52210e0e0559f5ea8c52be148b33504022e1faef4e95fbe4b32d68022af2fa7e Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com> Co-authored-by: arithmetic1728 <58957152+arithmetic1728@users.noreply.github.com>
🤖 I have created a release *beep* *boop* --- ## [2.32.0](https://togithub.com/googleapis/google-auth-library-python/compare/v2.31.0...v2.32.0) (2024-07-08) ### Features * Adds support for X509 workload credential type ([#1541](https://togithub.com/googleapis/google-auth-library-python/issues/1541)) ([1270217](https://togithub.com/googleapis/google-auth-library-python/commit/1270217556a0249b6be8824e2b6209371f24e400)) --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please).
…leep (#1547) chore: No sleep on initial attempt in exponential backoff implementation It is unintuitive that the initial attempt in the exponential backoff loop sleeps. This can lead to subtle bugs in future call sites. This patch refactors the exponential backoff to begin sleeping on the 2nd iteration so requests can be done in a single for loop.
…adata.py (#1545) * fix(metadata): Use exponential backoff retry logic for GCE metadata server access
parthea
force-pushed
the
migration.google-auth-library-python.migration.2026-03-02_19-53-29.migrate
branch
from
851209c to
6e08d1f
Compare
daniel-sanche
approved these changes
Mar 3, 2026
daniel-sanche
approved these changes
Mar 3, 2026
ohmayr
approved these changes
Mar 3, 2026
parthea
deleted the
migration.google-auth-library-python.migration.2026-03-02_19-53-29.migrate
branch
parthea
removed
the
do not merge
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See #14908.
This PR should be merged with a merge-commit, not a squash-commit, in order to preserve the git history.