Skip to content

Commit

Permalink
merge main
Browse files Browse the repository at this point in the history
  • Loading branch information
alicejli committed Mar 21, 2024
2 parents 7e56a9f + 18a19d5 commit c8532d6
Show file tree
Hide file tree
Showing 13 changed files with 896 additions and 58 deletions.
4 changes: 2 additions & 2 deletions .github/.OwlBot.lock.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,5 @@
# limitations under the License.
docker:
image: gcr.io/cloud-devrel-public-resources/owlbot-java:latest
digest: sha256:a6aa751984f1e905c3ae5a3aac78fc7b68210626ce91487dc7ff4f0a06f010cc
# created: 2024-01-22T14:14:20.913785597Z
digest: sha256:084ad4c60551b075846bcb2405ec1c14b0d00ec1eb5503d4dd0d2a92cdc2d3e2
# created: 2024-03-15T14:33:32.257974519Z
4 changes: 4 additions & 0 deletions .github/release-please.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,3 +26,7 @@ branches:
handleGHRelease: true
releaseType: java-backport
branch: 1.19.x
- bumpMinorPreMajor: true
handleGHRelease: true
releaseType: java-backport
branch: 1.20.x
12 changes: 12 additions & 0 deletions .github/sync-repo-settings.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,18 @@ branchProtectionRules:
requiredApprovingReviewCount: 1
requiresCodeOwnerReviews: true
requiresStrictStatusChecks: true
- pattern: 1.20.x
isAdminEnforced: true
requiredStatusCheckContexts:
- dependencies (17)
- lint
- clirr
- units (8)
- units (11)
- cla/google
requiredApprovingReviewCount: 1
requiresCodeOwnerReviews: true
requiresStrictStatusChecks: true
permissionRules:
- team: Googlers
permission: pull
Expand Down
45 changes: 45 additions & 0 deletions .github/workflows/sonar.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: SonarCloud
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
jobs:
build:
name: Build
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: temurin
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build and analyze for full test coverage
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
mvn -B verify -Dcheckstyle.skip \
-DenableFullTestCoverage \
-Dsonar.coverage.jacoco.xmlReportPaths=oauth2_http/target/site/jacoco/jacoco.xml \
org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-Pcoverage \
-Dsonar.projectKey=googleapis_google-auth-library-java \
-Dsonar.organization=googleapis \
-Dsonar.host.url=https://sonarcloud.io
2 changes: 1 addition & 1 deletion .kokoro/presubmit/graalvm-native-a.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# Configure the docker image for kokoro-trampoline.
env_vars: {
key: "TRAMPOLINE_IMAGE"
value: "gcr.io/cloud-devrel-public-resources/graalvm_a:1.7.1"
value: "gcr.io/cloud-devrel-public-resources/graalvm_a:1.7.6"
}

env_vars: {
Expand Down
2 changes: 1 addition & 1 deletion .kokoro/presubmit/graalvm-native-b.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# Configure the docker image for kokoro-trampoline.
env_vars: {
key: "TRAMPOLINE_IMAGE"
value: "gcr.io/cloud-devrel-public-resources/graalvm_b:1.7.1"
value: "gcr.io/cloud-devrel-public-resources/graalvm_b:1.7.6"
}

env_vars: {
Expand Down
5 changes: 4 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,14 @@ credentials as well as utility methods to create them and to get Application Def
* [Accessing resources from Azure](#access-resources-from-microsoft-azure)
* [Accessing resources from an OIDC identity provider](#accessing-resources-from-an-oidc-identity-provider)
* [Accessing resources using Executable-sourced credentials](#using-executable-sourced-credentials-with-oidc-and-saml)
* [Accessing resources using a custom supplier for OIDC or SAML](#using-a-custom-supplier-with-oidc-and-saml)
* [Accessing resources using a custom supplier with AWS](#using-a-custom-supplier-with-aws)
* [Configurable Token Lifetime](#configurable-token-lifetime)
* [Workforce Identity Federation](#workforce-identity-federation)
* [Accessing resources using an OIDC or SAML 2.0 identity provider](#accessing-resources-using-an-oidc-or-saml-20-identity-provider)
* [Accessing resources using external account authorized user workforce credentials](#using-external-account-authorized-user-workforce-credentials)
* [Accessing resources using Executable-sourced credentials](#using-executable-sourced-workforce-credentials-with-oidc-and-saml)
* [Accessing resources using a custom supplier for OIDC or SAML](#using-a-custom-supplier-for-workforce-credentials-with-oidc-and-saml)
* [Downscoping with Credential Access Boundaries](#downscoping-with-credential-access-boundaries)
* [Configuring a Proxy](#configuring-a-proxy)
* [Using Credentials with google-http-client](#using-credentials-with-google-http-client)
Expand Down Expand Up @@ -826,7 +829,7 @@ specified below. It must output the response to stdout.
Refer to the [using executable-sourced credentials with Workload Identity Federation](#using-executable-sourced-credentials-with-oidc-and-saml)
above for the executable response specification.

#### Using a custom supplier with OIDC and SAML
#### Using a custom supplier for workforce credentials with OIDC and SAML
A custom implementation of IdentityPoolSubjectTokenSupplier can be used while building IdentityPoolCredentials
to supply a subject token which can be exchanged for a GCP access token. The supplier must return a valid,
unexpired subject token when called by the GCP credential.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ private class CodeChallenge {

byte[] digest = md.digest();

this.codeChallenge = Base64.getUrlEncoder().encodeToString(digest);
this.codeChallenge = Base64.getUrlEncoder().encodeToString(digest).replace("=", "");
this.codeChallengeMethod = "S256";
} catch (NoSuchAlgorithmException e) {
this.codeChallenge = codeVerifier;
Expand Down
Loading

0 comments on commit c8532d6

Please sign in to comment.