Changelog

1.3.0 (2021-11-10)

Features

• next release from main branch is 1.3.0 ( #780 ) ( 1149581 )

Bug Fixes

• java:java 17 dependency arguments ( #1266 ) ( #779 ) ( 9160a53 )
• service account impersonation with workforce credentials ( #770 ) ( 6449ef0 )

1.2.2 (2021-10-20)

Bug Fixes

• environment variable is "AWS_SESSION_TOKEN" and not "Token" ( #772 ) ( c8c3073 )

1.2.1 (2021-10-11)

Bug Fixes

• disabling self-signed jwt for domain wide delegation ( #754 ) ( ac70a27 )

1.2.0 (2021-09-30)

Features

• add support for Workforce Pools ( #729 ) ( 5f3fed7 )

Bug Fixes

• allow empty workforce_pool_user_project ( #752 ) ( e1cbce1 )
• timing of stale token refreshes on ComputeEngine ( #749 ) ( c813d55 )
• workforce audience ( #741 ) ( a08cacc )

1.1.0 (2021-08-17)

Features

• downscoping with credential access boundaries ( #702 ) ( aa7ede1 )

Bug Fixes

• add validation for the token URL and service account impersonation URL for Workload Identity Federation ( #717 ) ( 23cb8ef )

Documentation

• updates README for downscoping with CAB ( #716 ) ( 68bceba )

1.0.0 (2021-07-28)

⚠ BREAKING CHANGES

• updating google-auth-library-java min Java version to 1.8

Features

• GA release of google-auth-library-java (ver 1.0.0) ( #704 ) ( 3d9874f )
• updating google-auth-library-java min Java version to 1.8 ( 3d9874f )

Bug Fixes

• Add shopt -s nullglob to dependencies script ( #693 ) ( c5aa708 )
• Update dependencies.sh to not break on mac ( c5aa708 )

0.27.0 (2021-07-14)

Features

• add Id token support for UserCredentials ( #650 ) ( 5a8f467 )
• add impersonation credentials to ADC ( #613 ) ( b9823f7 )
• Adding functional tests for Service Account ( #685 ) ( dfe118c )
• allow scopes for self signed jwt ( #689 ) ( f4980c7 )

0.26.0 (2021-05-20)

Features

• add gcf-owl-bot[bot] to ignoreAuthors ( #674 ) ( 359b20f )
• added getter for credentials object in HttpCredentialsAdapter ( #658 ) ( 5a946ea )
• enable pre-emptive async oauth token refreshes ( #646 ) ( e3f4c7e )
• Returning an issuer claim on request errors ( #656 ) ( 95d70ae )

Bug Fixes

• use orginal url as audience for self signed jwt if scheme or host is null ( #642 ) ( b4e6f1a )

0.25.5 (2021-04-22)

Dependencies

• update autovalue to 1.8.1 ( #638 ) ( 62cd356 )

0.25.4 (2021-04-15)

Bug Fixes

• release scripts from issuing overlapping phases ( #634 ) ( b8d851e )
• typo ( #632 ) ( d860608 )

0.25.3 (2021-04-12)

Dependencies

• update guava patch ( #628 ) ( 8ff3207 )

0.25.2 (2021-03-18)

Bug Fixes

• follow up fix service account credentials createScopedRequired ( #605 ) ( 7ddac43 )
• support AWS_DEFAULT_REGION env var ( #599 ) ( 3d066ee )

0.25.1 (2021-03-18)

Bug Fixes

• fix service account credentials createScopedRequired ( #601 ) ( 0614482 )

0.25.0 (2021-03-16)

Features

• add self signed jwt support ( #572 ) ( efe103a )

0.24.1 (2021-02-25)

Dependencies

• update dependency com.google.http-client:google-http-client-bom to v1.39.0 ( #580 ) ( 88718b0 )

0.24.0 (2021-02-19)

Features

• add workload identity federation support ( #547 ) ( b8dde1e )

Bug Fixes

• don't log downloads ( #576 ) ( 6181030 )

Documentation

• add instructions for using workload identity federation ( #564 ) ( 2142db3 )

0.23.0 (2021-01-26)

⚠ BREAKING CHANGES

• privatize deprecated constructor (#473)

Features

• allow custom lifespan for impersonated creds ( #515 ) ( 0707ed4 )
• allow custom scopes for compute engine creds ( #514 ) ( edc8d6e )
• allow set lifetime for service account creds ( #516 ) ( 427f2d5 )
• promote IdToken and JWT features ( #538 ) ( b514fe0 )

Bug Fixes

• per google style, logger is lower case ( #529 ) ( ecfc6a2 )
• privatize deprecated constructor ( #473 ) ( 5804ff0 )
• remove deprecated methods ( #537 ) ( 427963e )
• replace non-precondition use of Preconditions ( #539 ) ( f2ab4f1 )
• switch to GSON ( #531 ) ( 1b98d5c )
• use default timeout if given 0 for ImpersonatedCredentials ( #527 ) ( ec74870 )

Dependencies

• update dependency com.google.appengine:appengine-api-1.0-sdk to v1.9.84 ( #422 ) ( b262c45 )
• update dependency com.google.guava:guava to v30.1-android ( #522 ) ( 4090d1c )

Documentation

• fix wording in jwtWithClaims Javadoc ( #536 ) ( af21727 )

0.22.2 (2020-12-11)

Bug Fixes

• quotaProjectId should be applied for cached getRequestMetadata(URI, Executor, RequestMetadataCallback) ( #509 ) ( 0a8412f )

0.22.1 (2020-11-05)

Bug Fixes

• remove 1 hour limit for impersonated token ( #490 ) ( 927e3d5 )

Dependencies

• update dependency com.google.guava:guava to v30 ( #497 ) ( 0551649 )
• update dependency com.google.http-client:google-http-client-bom to v1.38.0 ( #503 ) ( 46f20bc )

0.22.0 (2020-10-13)

Features

• add logging at FINE level for each step of ADC ( #435 ) ( 7d145b2 )

Documentation

• remove bad javadoc tags ( #478 ) ( a329c41 )

Dependencies

• update dependency com.google.http-client:google-http-client-bom to v1.37.0 ( #486 ) ( 3027fbf )

0.21.1 (2020-07-07)

Dependencies

• update google-http-client to 1.36.0 ( #447 ) ( b913d19 ), closes #446

0.21.0 (2020-06-24)

Features

• add TokenVerifier class that can verify RS256/ES256 tokens ( #420 ) ( 5014ac7 )

Dependencies

• update autovalue packages to v1.7.2 ( #429 ) ( 5758364 )
• update dependency com.google.http-client:google-http-client-bom to v1.35.0 ( #427 ) ( 5494ec0 )
• update Guava to 29.0-android ( #426 ) ( 0cd3c2e )

0.20.0 (2020-01-15)

Features

• updated JwtClaims.Builder methods to public ( #396 ) ( 9e5de14 )

Dependencies

• update guava to 28.2-android ( #389 ) ( 70bd8ff )

0.19.0 (2019-12-13)

Features

• support reading in quotaProjectId for billing ( #383 ) ( f38c3c8 )

Dependencies

• update appengine-sdk to 1.9.76 ( #366 ) ( 590883d )
• update autovalue packages to v1.7 ( #365 ) ( 42a1694 )
• update dependency com.google.appengine:appengine to v1.9.77 ( #377 ) ( c3c950e )
• update dependency com.google.http-client:google-http-client-bom to v1.33.0 ( #374 ) ( af0af50 )

Documentation

• remove outdated comment on explicit IP address ( #370 ) ( 71faa5f )
• xml syntax error in bom/README.md ( #372 ) ( ff8606a ), closes #371

0.18.0 (2019-10-09)

Bug Fixes

• make JwtClaims.newBuilder() public ( #350 ) ( 6ab8758 )
• move autovalue into annotation processor path instead of classpath ( #358 ) ( a82d348 )

Dependencies

• update Guava to 28.1 ( #353 ) ( f4f05be )

Documentation

• fix include instructions in google-auth-library-bom README ( #352 ) ( f649735 )

0.17.4 (2019-10-08)

Bug Fixes

• make JwtClaims.newBuilder() public ( #350 ) ( 6ab8758 )
• move autovalue into annotation processor path instead of classpath ( #358 ) ( a82d348 )

Dependencies

• update Guava to 28.1 ( #353 ) ( f4f05be )

Documentation

• fix include instructions in google-auth-library-bom README ( #352 ) ( f649735 )

0.17.2 (2019-09-24)

Bug Fixes

• typo in BOM dependency ( #345 ) ( a1d63bb )

0.17.1 (2019-08-22)

Bug Fixes

• allow unset/null privateKeyId for JwtCredentials ( #336 ) ( d28a6ed )

0.17.0 (2019-08-16)

Bug Fixes

• cleanup unused code and deprecation warnings ( #315 ) ( 7fd94c0 )
• Fix declared dependencies from merge issue ( #291 ) ( 35abf13 )
• throw SigningException as documented ( #316 ) ( a1ab97c )
• typo in ComputeEngineCredentials exception message ( #313 ) ( 1a16f38 )

Features

• add Automatic-Module-Name to manifest ( #326 ) ( 29f58b4 ), closes #324 #324
• add IDTokenCredential support ( #303 ) ( a87e3fd )
• add JwtCredentials with custom claims ( #290 ) ( 3f37172 )
• allow arbitrary additional claims for JwtClaims ( #331 ) ( 888c61c )
• Implement ServiceAccountSigner for ImpersonatedCredentials ( #279 ) ( 70767e3 )

Reverts

• "build: run in debug mode ( #319 )" ( #320 ) ( de79e14 )

0.16.2 (2019-06-26)

Bug Fixes

• Add metadata-flavor header to metadata server ping for compute engine ( #283 )

Dependencies

• Import http client bom for dependency management ( #268 )

Documentation

• README section for interop with google-http-client ( #275 )

0.16.1 (2019-06-06)

Dependencies

• Update dependency com.google.http-client:google-http-client to v1.30.1 ( #265 )

0.16.0 (2019-06-04)

Features

• Add google-auth-library-bom artifact ( #256 )

Dependencies

• Update dependency com.google.http-client:google-http-client to v1.30.0 ( #261 )
• Update dependency com.google.http-client:google-http-client to v1.29.2 ( #259 )
• Update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.6.8 ( #257 )
• Update to latest app engine SDK version ( #258 )
• Update dependency org.apache.maven.plugins:maven-source-plugin to v3.1.0 ( #254 )
• Update dependency org.jacoco:jacoco-maven-plugin to v0.8.4 ( #255 )
• Update dependency org.apache.maven.plugins:maven-jar-plugin to v3.1.2 ( #252 )
• Update dependency org.apache.maven.plugins:maven-source-plugin to v2.4 ( #253 )

Documentation

• Javadoc publish kokoro job uses docpublisher ( #243 )

0.15.0 (2019-03-27)

Bug Fixes

• createScoped: make overload call implementation ( #229 )

Reverts

• Add back in deprecated methods in ServiceAccountJwtAccessCredentials ( #238 )

0.14.0 (2019-03-26)

Bug Fixes

• update default metadata url ( #230 )
• Remove deprecated methods ( #190 )
• Update Sign Blob API ( #232 )

Dependencies

• Upgrade http client to 1.29.0. ( #235 )
• update deps ( #234 )

0.13.0 (2019-01-17)

Bug Fixes

• Use OutputStream directly instead of PrintWriter ( #220 )
• Improve log output when detecting GCE ( #214 )

Features

• Overload GoogleCredentials.createScoped with variadic arguments ( #218 )

Dependencies

• Update google-http-client version, guava, and maven surefire plugin ( #221 )

0.12.0 (2018-12-19)

Bug Fixes

• Show error message in case of problems with getting access token ( #206 )
• Add note about NO_GCE_CHECK to metadata 404 error message ( #205 )

Features

• Add ImpersonatedCredentials ( #211 )
• Add option to suppress end user credentials warning. ( #207 )

Dependencies

• Update google-http-java-client dependency to 1.27.0 ( #208 )

Documentation

• README grammar fix ( #192 )
• Add unstable badge to README ( #184 )
• Update README with instructions on installing the App Engine SDK and running the tests ( #209 )

0.11.0 (2018-08-23)

Bug Fixes

• Update auth token urls (#174)

Dependencies

• Update dependencies (guava) (#170)
• Bumping google-http-client version to 1.24.1 (#171)

Documentation

• Documentation for ComputeEngineCredential signing. (#176)
• Fix README link (#169)

0.10.0 (2018-06-12)

Bug Fixes

• Read token_uri from service account JSON (#160)
• Log warning if default credentials uses a user token from gcloud sdk (#166)

Features

• Add OAuth2Credentials#refreshIfExpired() (#163)
• ComputeEngineCredentials implements ServiceAccountSigner (#141)

Documentation

• Versionless Javadocs (#164)
• Fix documentation for getAccessToken() returning cached value (#162)

0.9.1 (2018-04-09)

Features

• Add caching for JWT tokens (#151)

0.9.0 (2017-11-02)

Bug Fixes

• Fix NPE deserializing ServiceAccountCredentials (#132)

Features

• Surface cleanup (#136)
• Providing a method to remove CredentialsChangedListeners (#130)
• Implemented in-memory TokenStore and added opportunity to save user credentials into file (#129)

Documentation

• Fixes comment typos. (#131)

0.8.0 (2017-09-08)

Bug Fixes

• Extracting the project_id field from service account JSON files (#118)
• Fixing an Integer Overflow Issue (#121)
• use metadata server to get credentials for GAE 8 standard environment (#122)

Features

• Switch OAuth2 HTTP surface to use builder pattern (#123)
• Add builder pattern to AppEngine credentials (#125)

Documentation

• Fix API Documentation link rendering (#112)

0.7.1 (2017-07-14)

Bug Fixes

• Mitigate occasional failures in looking up Application Default Credentials on a Google Compute Engine (GCE) Virtual Machine (#110)

0.7.0 (2017-06-06)

Bug Fixes

• Retry HTTP errors in ServiceAccountCredentials.refreshAccessToken() to avoid propagating failures (#100 addresses #91)

Features

• Add GoogleCredentials.createDelegated() method to allow using domain-wide delegation with service accounts (#102)
• Allow bypassing App Engine credential check using environment variable, to allow Application Default Credentials to detect GCE when running on GAE Flex (#103)