- Update to version 2.48.0
* add cryptography as required dependency (#1929)
* Support the mTLS IAM domain for Certificate based Access (#1938)
* add configurable GCE Metadata Server retries (#1488)
* honor `NO_GCE_CHECK` environment variable (#1610)
* resolve circular imports (#1942)
* removes `content-header` from AWS IMDS get request (#1934)
* detect correct auth when ADC env var is set but empty (#1374)
* replace deprecated utcfromtimestamp (#1799)
* Use `user_verification=preferred` for ReAuth WebAuthn challenge (#1798)
- Update BuildRequires, Recommends and Requires from pyproject.toml
OBS-URL: https://build.opensuse.org/request/show/1330881
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=132
- Update to version 2.47.0
* drop `cachetools` dependency in favor of simple local implementation (#1590)
* Python 3.8 support (#1918)
- from version 2.46.0
* update urllib3 docstrings for v2 compatibility (#1903)
* Recognize workload certificate config in has_default_client_cert_source
for mTLS for Agentic Identities (#1907)
* add types to default and verify_token and Request __init__ based on comments
in the source code. (#1588)
* fix the document of secure_authorized_session (#1536)
* remove setup.cfg configuration for creating universal wheels (#1693)
* use .read() instead of .content.read() in aiohttp transport (#1899)
* raise RefreshError for missing token in impersonated credentials (#1897)
* Fix test coverage for mtls_helper (#1886)
- Drop python-google-auth-no-mock.patch, fixed upstream
- Update BuildRequires and Requires from setup.py
OBS-URL: https://build.opensuse.org/request/show/1327040
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-google-auth?expand=0&rev=62
- Update to version 2.47.0
* drop `cachetools` dependency in favor of simple local implementation (#1590)
* Python 3.8 support (#1918)
- from version 2.46.0
* update urllib3 docstrings for v2 compatibility (#1903)
* Recognize workload certificate config in has_default_client_cert_source
for mTLS for Agentic Identities (#1907)
* add types to default and verify_token and Request __init__ based on comments
in the source code. (#1588)
* fix the document of secure_authorized_session (#1536)
* remove setup.cfg configuration for creating universal wheels (#1693)
* use .read() instead of .content.read() in aiohttp transport (#1899)
* raise RefreshError for missing token in impersonated credentials (#1897)
* Fix test coverage for mtls_helper (#1886)
- Drop python-google-auth-no-mock.patch, fixed upstream
- Update BuildRequires and Requires from setup.py
OBS-URL: https://build.opensuse.org/request/show/1326763
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=129
- Update to version 2.45.0
* Adding Agent Identity bound token support and handling certificate
mismatches with retries (#1890)
- from version 2.44.0
* MDS connections use mTLS (#1856)
* support Python 3.14 (#1822)
* add ecdsa p-384 support (#1872)
* Add shlex to correctly parse executable commands with spaces (#1855)
* Implement token revocation in STS client and add revoke() method
to ExternalAccountAuthorizedUser credentials (#1849)
* Add temporary patch to workload cert logic to accomodate Cloud Run
mis-configuration (#1880)
* Delegate workload cert and key default lookup to helper function (#1877)
* Use public refresh method for source credentials in
ImpersonatedCredentials (#1884)
- Drop pytest9.patch, merged upstream
- Refresh python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/request/show/1325380
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=127
- Update to version 2.43.0
* Add public wrapper for _mtls_helper.check_use_client_cert which
enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set,
when the MWID/X.509 cert sources detected (#1859) Add public
wrapper for check_use_client_cert which enables mTLS if
GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509
cert sources detected. Also, fix check_use_client_cert to return
boolean value.
Change #1848 added the check_use_client_cert method that helps know
if client cert should be used for mTLS connection. However, that was
in a private class, thus, created a public wrapper of the same function
so that it can be used by python Client Libraries. Also, updated
check_use_client_cert to return a boolean value instead of existing
string value for better readability and future scope.
* Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if
the MWID/X.509 cert sources detected (#1848) The Python SDK will
use a hybrid approach for mTLS enablement:
* If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is set
(either true or false), the SDK will respect that setting. This is
necessary for test scenarios and users who need to explicitly control
mTLS behavior.
* If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not
set, the SDK will automatically enable mTLS only if it detects Managed
Workload Identity (MWID) or X.509 Workforce Identity Federation (WIF)
certificate sources. In other cases where the variable is not set, mTLS
will remain disabled.
** This change also adds the helper method `check_use_client_cert` and
it's unit test, which will be used for checking the criteria for setting
the mTLS to true
** This change is only for Auth-Library, other changes will be created
OBS-URL: https://build.opensuse.org/request/show/1316867
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=123
- Update to version 2.40.1
* Disable logging response body for async logs (#1756)
- from version 2.40.0
* Add request response logging to auth (#1678)
* Correct webauthn JSON parsing to be compliant with standard. (#1658)
- from version 2.39.0
* Adds GA support for X.509 workload identity federation (#1695)
* Add impersonated SA via local ADC support for fetch_id_token (#1740)
* Add missing packaging dependency for feature requiring urllib3 (#1732)
* Add request timeout for MDS requests (#1699)
* Explicitly declare support for Python 3.13 ([#1741)
- Refresh python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/request/show/1278404
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=112
- Update to version 2.34.0
* **auth:** Update get_client_ssl_credentials to support X.509 workload certs (#1558)
* Retry token request on retryable status code (#1563)
- from version 2.33.0
* Implement async `StaticCredentials` using access tokens (#1559)
* Implement base classes for credentials and request sessions (#1551)
* **metadata:** Enhance retry logic for metadata server access in _metadata.py (#1545)
* Update argument for Credentials initialization (#1557)
- Refresh patches for new version
* python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/request/show/1201529
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=100
- Update to version 2.29.0
* Adds support for custom suppliers in AWS and Identity Pool credentials (#1496)
* Refactor tech debt in aws and identity pool credentials (#1501)
- from version 2.28.2
* Remove gce log for expected 404 (#1491)
- from version 2.28.1
* Typo when setting the state for the pickle deserializer. (#1479)
- from version 2.28.0
* Adding universe domain support for downscroped credentials (#1463)
* Change log level to debug for return_none_for_not_found_error (#1473)
* Make requests import conditional for gce universe domain (#1476)
- Refresh patches for new version
* python-google-auth-no-mock.patch
OBS-URL: https://build.opensuse.org/request/show/1174827
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=92
* Add optional account association for Authorized User
credentials.
* Allow custom universe domain for gce creds
* Conditionally import requests only if no request was passed
by the caller.
- update to 2.26.2:
* Read universe_domain for external account authorized user
- update to 2.26.1:
* Ensure that refresh worker is pickle-able.
- update to 2.26.0:
* Add optional non blocking refresh for sync auth code
* Add optional non blocking refresh for sync auth code
* External account user cred universe domain support
* Guard delete statements. Add default fallback for
_use_non_blocking_refresh.
- update to 2.25.2:
* Fix user cred universe domain issue
- update to 2.25.1:
* Fix vm universe_domain bug
- update to 2.25.0:
* Add custom tls signer for ECP Provider.
* Add custom tls signer for ECP Provider.
* Add with_universe_domain
* Fixes issue where Python37DeprecationWarning cannot be
filtered
- update to 2.24.0:
* Add support for Python 3.12
* Add universe domain support for VM cred
* Modify the token refresh window
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-google-auth?expand=0&rev=84
