-
Notifications
You must be signed in to change notification settings - Fork 222
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add api key credential as client library authorization type #1483
base: main
Are you sure you want to change the base?
Conversation
🤖 I detect that the PR title and the commit message differ and there's only one commit. To use the PR title for the commit history, you can use Github's automerge feature with squashing, or use -- conventional-commit-lint bot |
@@ -0,0 +1,83 @@ | |||
/* | |||
* Copyright 2015, Google Inc. All rights reserved. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think:
* Copyright 2015, Google Inc. All rights reserved. | |
* Copyright 2024, Google Inc. All rights reserved. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks good catch
public static ApiKeyCredentials create(String apiKey) { | ||
return new ApiKeyCredentials(apiKey); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to check if the user passes in null or empty string ("")?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sounds like a good idea, added. used Precondition as that's what I see in other apis, however it did force a new import, so let me know if you would prefer for me to check without using Precondition
I think the changes LGTM. I'll need to double check the authenticationType being |
FYI, Blake and I discussed refresh with Carl and he agreed no op was correct. |
*/ | ||
package com.google.auth; | ||
|
||
import com.google.api.client.util.*; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Replace all wildcard imports with explicit imports.
go/java-style#s3.3.1-wildcard-imports
Yep. I think it makes sense just wanted to confirm the behavior and I think it works as intended. I'll ask about the authenticationType with the Auth Team and once I get their input on this, I think we should be good to go. |
* Credentials class for calling Google APIs using an API key. | ||
* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you add a small snippet in the javadocs (or perhaps anywhere else) explaining why this extends directly from Credentials and not GoogleCredentials/ Oauth2Credentials?
I believe the original reason is that Api Keys do not have a concept of Access Tokens, but not sure if there were additional reasons behind this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added it in the PR description as its seems a design decision and wouldn't be part of java docs, but happy to add there if think it would be helpful
* Credentials credentials = ApiKeyCredentials.create("your api key"); | ||
* </code></pre> | ||
*/ | ||
public class ApiKeyCredentials extends Credentials { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose this class is in google-auth-library-credentials
module unlike other credential classes we have in google-auth-library-oauth2-http
module because it is not an OAuth2 credential?
Do you mind adding some context or links to the description section so that I can understand a bit more on this and for future tracking purposes? I find context and links to docs very helpful when tracking back changes in the past.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added note in description, let me know if you think it need any additional information
Quality Gate passedIssues Measures |
Add new ApiKeyCredentials that will pass the appropriate api-key header for authorizing api requests from client libraries
Note: ApiKeyCredentials extends from the base Credential class as Api Keys are not considered oauth2 credentials since there is no access token which is required by GoogleCredentials/OAuth2Credentials. This also follows definition of oauth2 credentials as specified by Google Identity Protocols that require an access token when using Oauth 2.0 to access google APIs.