* Add public wrapper for _mtls_helper.check_use_client_cert which
enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set,
when the MWID/X.509 cert sources detected (#1859) Add public
wrapper for check_use_client_cert which enables mTLS if
GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509
cert sources detected. Also, fix check_use_client_cert to return
boolean value.
Change #1848 added the check_use_client_cert method that helps know
if client cert should be used for mTLS connection. However, that was
in a private class, thus, created a public wrapper of the same function
so that it can be used by python Client Libraries. Also, updated
check_use_client_cert to return a boolean value instead of existing
string value for better readability and future scope.
* Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if
the MWID/X.509 cert sources detected (#1848) The Python SDK will
use a hybrid approach for mTLS enablement:
* If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is set
(either true or false), the SDK will respect that setting. This is
necessary for test scenarios and users who need to explicitly control
mTLS behavior.
* If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not
set, the SDK will automatically enable mTLS only if it detects Managed
Workload Identity (MWID) or X.509 Workforce Identity Federation (WIF)
certificate sources. In other cases where the variable is not set, mTLS
will remain disabled.
** This change also adds the helper method `check_use_client_cert` and
it's unit test, which will be used for checking the criteria for setting
the mTLS to true
** This change is only for Auth-Library, other changes will be created
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=123
* Suppress deprecation warning for ADC (#1815)
- from version 2.41.0
* Add support for cachetools 6.0 (#1773)
* Add trust boundary support for service accounts and impersonation. (#1778)
* Deprecating load_credentials_from_dict (58b66ec)
* Fix type error in credentials.py for python 3.7 and 3.8 (#1805)
* Update user guide to include x509 feature. (#1802)
- Refresh patches for new version
* python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=119
- Update to version 2.40.1
* Disable logging response body for async logs (#1756)
- from version 2.40.0
* Add request response logging to auth (#1678)
* Correct webauthn JSON parsing to be compliant with standard. (#1658)
- from version 2.39.0
* Adds GA support for X.509 workload identity federation (#1695)
* Add impersonated SA via local ADC support for fetch_id_token (#1740)
* Add missing packaging dependency for feature requiring urllib3 (#1732)
* Add request timeout for MDS requests (#1699)
* Explicitly declare support for Python 3.13 ([#1741)
- Refresh python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/request/show/1278404
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=112
* **auth:** Update get_client_ssl_credentials to support X.509 workload certs (#1558)
* Retry token request on retryable status code (#1563)
- from version 2.33.0
* Implement async `StaticCredentials` using access tokens (#1559)
* Implement base classes for credentials and request sessions (#1551)
* **metadata:** Enhance retry logic for metadata server access in _metadata.py (#1545)
* Update argument for Credentials initialization (#1557)
- Refresh patches for new version
* python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=100
- Update to version 2.29.0
* Adds support for custom suppliers in AWS and Identity Pool credentials (#1496)
* Refactor tech debt in aws and identity pool credentials (#1501)
- from version 2.28.2
* Remove gce log for expected 404 (#1491)
- from version 2.28.1
* Typo when setting the state for the pickle deserializer. (#1479)
- from version 2.28.0
* Adding universe domain support for downscroped credentials (#1463)
* Change log level to debug for return_none_for_not_found_error (#1473)
* Make requests import conditional for gce universe domain (#1476)
- Refresh patches for new version
* python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/request/show/1174827
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=92
* Add optional account association for Authorized User
credentials.
* Allow custom universe domain for gce creds
* Conditionally import requests only if no request was passed
by the caller.
- update to 2.26.2:
* Read universe_domain for external account authorized user
- update to 2.26.1:
* Ensure that refresh worker is pickle-able.
- update to 2.26.0:
* Add optional non blocking refresh for sync auth code
* Add optional non blocking refresh for sync auth code
* External account user cred universe domain support
* Guard delete statements. Add default fallback for
_use_non_blocking_refresh.
- update to 2.25.2:
* Fix user cred universe domain issue
- update to 2.25.1:
* Fix vm universe_domain bug
- update to 2.25.0:
* Add custom tls signer for ECP Provider.
* Add custom tls signer for ECP Provider.
* Add with_universe_domain
* Fixes issue where Python37DeprecationWarning cannot be
filtered
- update to 2.24.0:
* Add support for Python 3.12
* Add universe domain support for VM cred
* Modify the token refresh window
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=84
