Deprecate the GoogleCredential and CloudShellCredential classes #1258
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
googlebot
added
the
cla: yes
sduskis
approved these changes
May 17, 2019
This was referenced May 20, 2019
|
Hello @chingor13 I don't understand how to correctly replace |
|
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Nov 27, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been removed, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Nov 27, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Nov 27, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Nov 27, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Nov 28, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Nov 28, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Dec 1, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Dec 1, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
rtyley
added a commit
to guardian/play-googleauth
that referenced
this pull request
Dec 1, 2020
This change is only related to the Google-Group-checking code in `play-googleauth`, which was using a deprecated class: The `com.google.api.client.googleapis.auth.oauth2.GoogleCredential` class in https://github.com/googleapis/google-api-java-client was deprecated in May 2019 by googleapis/google-api-java-client#1258 ...the deprecation advice recommends using the classes from the new library: https://github.com/googleapis/google-auth-library-java This commit switches to using the new `com.google.auth.oauth2.ServiceAccountCredentials` class from the `google-auth-library-oauth2-http` artifact. Given this new class, our custom `com.gu.googleauth.GoogleServiceAccount` Scala case class is no longer necessary, so has been deprecated, in favour of the user passing us an instance of `ServiceAccountCredentials` - which is actually easier for a user to generate! Here's an example of how you make and use an instance of the new credentials: ``` import org.apache.commons.io.Charsets.UTF_8 import org.apache.commons.io.IOUtils import com.google.auth.oauth2.ServiceAccountCredentials import com.gu.googleauth.GoogleGroupChecker val impersonatedUser: String = ... // email address of the 'impersonated' account val serviceAccountCert: String = ... // from Google Developers Console val credentials = ServiceAccountCredentials.fromStream(IOUtils.toInputStream(serviceAccountCert, UTF_8)) val groupChecker = new GoogleGroupChecker(impersonatedUser, credentials) ```
|
Hi, we're using this class like so: Wondering if this Also any suggestions on what we move the above to? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The fancy automatic credentials for Application Default Credentials and CloudShell should be handled by google-auth-library. That library provides an adapter that can be used with google-http-client.
Note that this still provides the oauth2 helpers for handling 3-legged OAuth2.