Update dependency google-auth to v1.35.0

This MR contains the following updates:

Package	Update	Change
google-auth	minor	==1.5.1 -> ==1.35.0

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the logs for more information.

---

Release Notes

googleapis/google-auth-library-python

v1.35.0

Compare Source

Features

• service account is able to use a private token endpoint (#​835) (20b817a)

Bug Fixes

• downscoping documentation bugs (#​830) (da8bb13)
• Fix missing space in error message. (#​821) (7b03988)

Documentation

• update user guide/references for downscoped creds (#​827) (d1840dc)

v1.34.0

Compare Source

Features

• support refresh callable on google.oauth2.credentials.Credentials (#​812) (ec2fb18)

Bug Fixes

• do not use the GAE APIs on gen2+ runtimes (#​807) (7f7d92d)

v1.33.1

Compare Source

Bug Fixes

• fallback to source creds expiration in downscoped tokens (#​805) (dfad661)

Reverts

• revert "feat: service account is able to use a private token endpoint (#​784)" (#​808) (d94e65c)

v1.33.0

Compare Source

Features

• define CredentialAccessBoundary classes (#​793) (d883921)
• define google.auth.downscoped.Credentials class (#​801) (2f5c3a6)
• service account is able to use a private token endpoint (#​784) (0e26409)

Bug Fixes

• fix fetch_id_token credential lookup order to match adc (#​748) (c34452e)

Documentation

• fix code block formatting in 'user-guide.rst' (#​794) (4fd84bd)

v1.32.1

Compare Source

Bug Fixes

• avoid leaking sub-session created for '_auth_request' (#​789) (2079ab5)

v1.32.0

Compare Source

Features

• allow scopes for self signed jwt (#​776) (2cfe655)

v1.31.0

Compare Source

Features

• define useful properties on google.auth.external_account.Credentials (#​770) (f97499c)

Bug Fixes

• avoid deleting items while iterating (#​772) (a5e6b65)

v1.30.2

Compare Source

Bug Fixes

• dependencies: add urllib3 and requests to aiohttp extra (#​755) (a923442)
• enforce constraints during unit tests (#​760) (1a6496a), closes #​759
• session object was never used in aiohttp request (#​700) (#​701) (09e0389)

v1.30.1

Compare Source

Bug Fixes

• allow user to customize context aware metadata path in _mtls_helper (#​754) (e697687)
• fix function name in signing error message (#​751) (e9ca25f)

v1.30.0

Compare Source

Features

• add reauth support to async user credentials for gcloud (#​738) (9e10823). This internal feature is for gcloud developers only.

v1.29.0

Compare Source

Features

• add reauth feature to user credentials for gcloud (#​727) (82293fe). This internal feature is for gcloud developers only.

Bug Fixes

• Allow multiple audiences for id_token.verify_token (#​733) (56c3946)

v1.28.1

Compare Source

Bug Fixes

• support custom alg in jwt header for signing (#​729) (0a83706)

v1.28.0

Compare Source

Features

• allow the AWS_DEFAULT_REGION environment variable (#​721) (199da47)
• expose library version at google.auth.__version (#​683) (a2cbc32)

Bug Fixes

• fix unit tests so they can work in g3 (#​714) (d80c85f)

v1.27.1

Compare Source

Bug Fixes

• ignore gcloud warning when getting project id (#​708) (3f2f3ea)
• use gcloud creds flow (#​705) (333cb76)

v1.27.0

Compare Source

Features

• workload identity federation support (#​698) (d4d7f38)

Bug Fixes

• add pyopenssl as extra dependency (#​697) (aeab5d0)

v1.26.1

Compare Source

Documentation

• fix a typo in the user guide (avaiable -> available) (#​680) (684457a)

Bug Fixes

• revert workload identity federation support (#​691)

v1.26.0

Compare Source

Features

• workload identity federation support (#​686) (5dcd2b1)

v1.25.0

Compare Source

Features

• support self-signed jwt in requests and urllib3 transports (#​679) (7a94acb)
• use self-signed jwt for service account (#​665) (bf5ce0c)

v1.24.0

Compare Source

Features

• add Python 3.9 support, drop Python 3.5 support (#​655) (6de753d), closes #​654

Bug Fixes

• avoid losing the original '_include_email' parameter in impersonated credentials (#​626) (fd9b5b1)

Documentation

• fix typo in import (#​651) (3319ea8), closes #​650

v1.23.0

Compare Source

Features

• Add custom scopes for access tokens from the metadata service (#​633) (0323cf3)

Bug Fixes

• deps: Revert "fix: pin 'aoihttp < 3.7.0dev' (#​634)" (#​632) (#​640) (b790e65)
• pin 'aoihttp < 3.7.0dev' (#​634) (05f9524)
• remove checks for ancient versions of Cryptography (#​596) (6407258), closes /github.com/googleapis/google-auth-library-python/issues/595#issuecomment-683903062

v1.22.1

Compare Source

Bug Fixes

• move aiohttp to extra as it is currently internal surface (#​619) (a924011), closes #​618

v1.22.0

Compare Source

Features

• add asyncio based auth flow (#​612) (7e15258), closes #​572

v1.21.3

Compare Source

Bug Fixes

• fix expiry for to_json() (#​589) (d0e0aba), closes /github.com/googleapis/oauth2client/blob/master/oauth2client/client.py#L55

v1.21.2

Compare Source

Bug Fixes

• migrate signBlob to iamcredentials.googleapis.com (#​600) (694d83f)

v1.21.1

Compare Source

Bug Fixes

• dummy commit to trigger a auto release (#​597) (d32f7df)

v1.21.0

Compare Source

Features

• add GOOGLE_API_USE_CLIENT_CERTIFICATE support (#​592) (c0c995f)

v1.20.1

Compare Source

Bug Fixes

• reduce refresh clock skew to 10 seconds (#​581) (42321ba)
• set Content-Type header in the request to signBlob API to avoid Invalid JSON payload error (#​439) (20f82e2)

v1.20.0

Compare Source

Features

• Add debug logging that can help with diagnosing auth lib. path (#​473) (ecd88d4)
• Show the transport exception that happened for GCE Metadata (#​474) (23919bb)
• packaging: add support for Python 3.8 (#​569) (1aad54a), closes #​568

v1.19.2

Compare Source

Bug fixes

• Revert "fix: migrate signBlob to iamcredentials.googleapis.com" (#​563) (a48b5b)

v1.19.1

Compare Source

Bug Fixes

• don't add empty quota project (#​560) (ab2be5d)

v1.19.0

Compare Source

Features

• add quota project to base credentials class (#​546) (3dda7b2)
• check 'iss' in verify_oauth2_token (#​500) (c05b8b5)

Bug Fixes

• migrate signBlob to iamcredentials.googleapis.com (#​553) (038ae1b)

Documentation

• remove 3.4 from supported versions list (#​549) (8c84d0f)

v1.18.0

Compare Source

Features

• make load_credentials_from_file a public method (#​530) (15d5fa9)

Bug Fixes

• no warning if quota_project_id is given (#​537) (f30b45a)

v1.17.2

Compare Source

Bug Fixes

• dependencies: Further restrict RSA versions (#​532) (46677a0), closes #​528

v1.17.1

Compare Source

Bug Fixes

• narrow acceptable RSA versions to maintain Python 2 compatability (#​528) (9434868)

v1.17.0

Compare Source

Features

• add quota_project_id to service accounts; add with_quota_project methods (#​519) (b12488c)

v1.16.1

Compare Source

Bug Fixes

• fix impersonated cred exception doc (#​521) (9d5a9a9)
• replace environment variable GCE_METADATA_ROOT with GCE_METADATA_HOST (#​433) (8ffb4d3), closes #​339

v1.16.0

Compare Source

Features

• add helper func to for default encrypted cert (#​514) (f282aa4)

Bug Fixes

• fix impersonated cred for gcloud (#​516) (eb7be3f)

v1.15.0

Compare Source

Features

• encrypted mtls private key support (#​496) (9dc9e9f)

Bug Fixes

• signBytes for impersonated credentials (#​506) (ca8d98a), closes #​338

v1.14.3

Compare Source

Bug Fixes

• catch exceptions.RefreshError (#​508) (3d672e9)

v1.14.2

Compare Source

Bug Fixes

• support string type response.data (#​504) (9b7228e)

v1.14.1

Compare Source

Bug Fixes

• support es256 raw format signature (#​490) (cf2c0a9)

v1.14.0

Compare Source

Features

• add default client cert source util (#​486) (ed41b49)

v1.13.1

Compare Source

Bug Fixes

• invalid expiry type (#​481) (7ae9a28)

v1.13.0

Compare Source

Features

• add access token credentials (#​476) (772dac6)
• add fetch_id_token to support id_token adc (#​469) (506c565)
• consolidate mTLS channel errors (#​480) (e83d446)
• Implement ES256 for JWT verification (#​340) (e290a3d)

v1.12.0

Compare Source

Features

• add mTLS ADC support for HTTP (#​457) (bb9215a)
• add SslCredentials class for mTLS ADC (#​448) (dafb41f)
• fetch id token from GCE metadata server (#​462) (97e7700)

Bug Fixes

• don't use threads for gRPC AuthMetadataPlugin (#​467) (ee373f8)
• make ThreadPoolExecutor a class var (#​461) (b526473)

v1.11.3

Compare Source

Bug Fixes

• fix the scopes so test can pass for a local run (#​450) (b2dd77f)
• only add IAM scope to credentials that can change scopes (#​451) (82e224b)

v1.11.2

Compare Source

Reverts

• Revert "fix: update _GOOGLE_OAUTH2_CERTS_URL (#​365)" (#​444) (901c259), closes #​365 #​444

v1.11.1

Compare Source

Bug Fixes

• compute engine id token credentials "with_target_audience" method (#​438) (bc0ec93)
• update _GOOGLE_OAUTH2_CERTS_URL (#​365) (054db75)

v1.11.0

Compare Source

Features

• add non-None default timeout to AuthorizedSession.request() (#​435) (d274a3a), closes #​434 googleapis/google-cloud-python#​10182
• distinguish transport and execution time timeouts (#​424) (52a733d), closes #​423

v1.10.2

Compare Source

Bug Fixes

• make collections import compatible across Python versions (#​419) (c5a3395), closes #​418

v1.10.1

Compare Source

Bug Fixes

• google.auth.compute_engine.metadata: add retry to google.auth.compute_engine._metadata.get() (#​398) (af29c1a), closes #​211 #​323 #​323 #​211
• always pass body of type bytes to google.auth.transport.Request (#​421) (a57a770), closes #​318

v1.10.0

Compare Source

Features

• send quota project id in x-goog-user-project for OAuth2 credentials (#​412) (32d71a5), closes #​400

v1.9.0

Compare Source

Features

• add timeout parameter to AuthorizedSession.request() (#​406) (d86d7b8)

v1.8.2

Compare Source

Bug Fixes

• revert "feat: send quota project id in x-goog-user-project header for OAuth2 credentials (#​400)" (#​407) (25ea942)

v1.8.1

Compare Source

Bug Fixes

• revert "feat: add timeout to AuthorizedSession.request() (#​397)" (#​401) (451ecbd)

v1.8.0

Compare Source

Features

• add to_json method to google.oauth2.credentials.Credentials (#​367) (bfb1f8c)
• add timeout to AuthorizedSession.request() (#​397) (381dd40)
• send quota project id in x-goog-user-project header for OAuth2 credentials (#​400) (ab3dc1e)

v1.7.2

Compare Source

Bug Fixes

• in token endpoint request, do not decode the response data if it is not encoded (#​393) (3b5d3e2)
• make gRPC auth plugin non-blocking + add default timeout value for requests transport (#​390) (0c33e9c), closes #​351

v1.7.1

Compare Source

Bug Fixes

• change 'internal_failure' condition to also use `error' field (#​387) (46bb58e)

v1.7.0

Compare Source

10-30-2019 17:11 PDT

Implementation Changes

• Add retry loop for fetching authentication token if any 'Internal Failure' occurs (#​368)
• Use cls parameter instead of class (#​341)

New Features

• Add support for impersonated_credentials.Sign, IDToken (#​348)
• Add downscoping to OAuth2 credentials (#​309)

Dependencies

• Update dependency cachetools to v3 (#​357)
• Update dependency rsa to v4 (#​358)
• Set an upper bound on dependencies version (#​352)
• Require a minimum version of setuptools (#​322)

Documentation

• Add busunkim96 as maintainer (#​373)
• Update user-guide.rst (#​337)
• Fix typo in jwt docs (#​332)
• Clarify which SA has Token Creator role (#​330)

Internal / Testing Changes

• Change 'name' to distribution name (#​379)
• Fix system tests, move to Kokoro (#​372)
• Blacken (#​375)
• Rename nox.py -> noxfile.py (#​369)
• Add initial renovate config (#​356)
• Use new pytest api to keep building with pytest 5 (#​353)

v1.6.3

Compare Source

02-15-2019 9:31 PST

Implementation Changes

• follow rfc 7515 : strip padding from JWS segments (#​324)
• Add retry to _metadata.ping() (#​323)

v1.6.2

Compare Source

12-17-2018 10:51 PST

Documentation

• Announce deprecation of Python 2.7 (#​311)
• Link all the MRs in CHANGELOG (#​307)

v1.6.1

Compare Source

11-12-2018 10:10 PST

Implementation Changes

• Automatically refresh impersonated credentials (#​304)

v1.6.0

Compare Source

11-09-2018 11:07 PST

New Features

• Add google.auth.impersonated_credentials (#​299)

Documentation

• Update link to documentation for default credentials (#​296)
• Update github issue templates (#​300)
• Remove punctuation which becomes part of the url (#​284)

Internal / Testing Changes

• Update trampoline.sh (302)
• Enable static type checking with pytype (#​298)
• Make classifiers in setup.py an array. (#​280)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.