Skip to content
This repository was archived by the owner on Sep 5, 2023. It is now read-only.

Commit 2c259e7

Browse files
gcf-owl-bot[bot]gcf-owl-bot[bot]
authored
feat: add api key support (#116)
* chore: upgrade gapic-generator-java, gax-java and gapic-generator-python PiperOrigin-RevId: 423842556 Source-Link: googleapis/googleapis@a616ca0 Source-Link: https://github.com/googleapis/googleapis-gen/commit/29b938c58c1e51d019f2ee539d55dc0a3c86a905 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiMjliOTM4YzU4YzFlNTFkMDE5ZjJlZTUzOWQ1NWRjMGEzYzg2YTkwNSJ9 * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
1 parent 566958a commit 2c259e7

File tree

6 files changed

+503
-88
lines changed

6 files changed

+503
-88
lines changed

google/cloud/dataqna_v1alpha/services/auto_suggestion_service/async_client.py

Lines changed: 37 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
from collections import OrderedDict
1717
import functools
1818
import re
19-
from typing import Dict, Sequence, Tuple, Type, Union
19+
from typing import Dict, Optional, Sequence, Tuple, Type, Union
2020
import pkg_resources
2121

2222
from google.api_core.client_options import ClientOptions
@@ -176,6 +176,42 @@ def from_service_account_file(cls, filename: str, *args, **kwargs):
176176

177177
from_service_account_json = from_service_account_file
178178

179+
@classmethod
180+
def get_mtls_endpoint_and_cert_source(
181+
cls, client_options: Optional[ClientOptions] = None
182+
):
183+
"""Return the API endpoint and client cert source for mutual TLS.
184+
185+
The client cert source is determined in the following order:
186+
(1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the
187+
client cert source is None.
188+
(2) if `client_options.client_cert_source` is provided, use the provided one; if the
189+
default client cert source exists, use the default one; otherwise the client cert
190+
source is None.
191+
192+
The API endpoint is determined in the following order:
193+
(1) if `client_options.api_endpoint` if provided, use the provided one.
194+
(2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the
195+
default mTLS endpoint; if the environment variabel is "never", use the default API
196+
endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise
197+
use the default API endpoint.
198+
199+
More details can be found at https://google.aip.dev/auth/4114.
200+
201+
Args:
202+
client_options (google.api_core.client_options.ClientOptions): Custom options for the
203+
client. Only the `api_endpoint` and `client_cert_source` properties may be used
204+
in this method.
205+
206+
Returns:
207+
Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the
208+
client cert source to use.
209+
210+
Raises:
211+
google.auth.exceptions.MutualTLSChannelError: If any errors happen.
212+
"""
213+
return AutoSuggestionServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore
214+
179215
@property
180216
def transport(self) -> AutoSuggestionServiceTransport:
181217
"""Returns the transport used by the client instance.

google/cloud/dataqna_v1alpha/services/auto_suggestion_service/client.py

Lines changed: 84 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -290,6 +290,73 @@ def parse_common_location_path(path: str) -> Dict[str, str]:
290290
m = re.match(r"^projects/(?P<project>.+?)/locations/(?P<location>.+?)$", path)
291291
return m.groupdict() if m else {}
292292

293+
@classmethod
294+
def get_mtls_endpoint_and_cert_source(
295+
cls, client_options: Optional[client_options_lib.ClientOptions] = None
296+
):
297+
"""Return the API endpoint and client cert source for mutual TLS.
298+
299+
The client cert source is determined in the following order:
300+
(1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the
301+
client cert source is None.
302+
(2) if `client_options.client_cert_source` is provided, use the provided one; if the
303+
default client cert source exists, use the default one; otherwise the client cert
304+
source is None.
305+
306+
The API endpoint is determined in the following order:
307+
(1) if `client_options.api_endpoint` if provided, use the provided one.
308+
(2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the
309+
default mTLS endpoint; if the environment variabel is "never", use the default API
310+
endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise
311+
use the default API endpoint.
312+
313+
More details can be found at https://google.aip.dev/auth/4114.
314+
315+
Args:
316+
client_options (google.api_core.client_options.ClientOptions): Custom options for the
317+
client. Only the `api_endpoint` and `client_cert_source` properties may be used
318+
in this method.
319+
320+
Returns:
321+
Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the
322+
client cert source to use.
323+
324+
Raises:
325+
google.auth.exceptions.MutualTLSChannelError: If any errors happen.
326+
"""
327+
if client_options is None:
328+
client_options = client_options_lib.ClientOptions()
329+
use_client_cert = os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false")
330+
use_mtls_endpoint = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto")
331+
if use_client_cert not in ("true", "false"):
332+
raise ValueError(
333+
"Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`"
334+
)
335+
if use_mtls_endpoint not in ("auto", "never", "always"):
336+
raise MutualTLSChannelError(
337+
"Environment variable `GOOGLE_API_USE_MTLS_ENDPOINT` must be `never`, `auto` or `always`"
338+
)
339+
340+
# Figure out the client cert source to use.
341+
client_cert_source = None
342+
if use_client_cert == "true":
343+
if client_options.client_cert_source:
344+
client_cert_source = client_options.client_cert_source
345+
elif mtls.has_default_client_cert_source():
346+
client_cert_source = mtls.default_client_cert_source()
347+
348+
# Figure out which api endpoint to use.
349+
if client_options.api_endpoint is not None:
350+
api_endpoint = client_options.api_endpoint
351+
elif use_mtls_endpoint == "always" or (
352+
use_mtls_endpoint == "auto" and client_cert_source
353+
):
354+
api_endpoint = cls.DEFAULT_MTLS_ENDPOINT
355+
else:
356+
api_endpoint = cls.DEFAULT_ENDPOINT
357+
358+
return api_endpoint, client_cert_source
359+
293360
def __init__(
294361
self,
295362
*,
@@ -340,57 +407,22 @@ def __init__(
340407
if client_options is None:
341408
client_options = client_options_lib.ClientOptions()
342409

343-
# Create SSL credentials for mutual TLS if needed.
344-
if os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") not in (
345-
"true",
346-
"false",
347-
):
348-
raise ValueError(
349-
"Environment variable `GOOGLE_API_USE_CLIENT_CERTIFICATE` must be either `true` or `false`"
350-
)
351-
use_client_cert = (
352-
os.getenv("GOOGLE_API_USE_CLIENT_CERTIFICATE", "false") == "true"
410+
api_endpoint, client_cert_source_func = self.get_mtls_endpoint_and_cert_source(
411+
client_options
353412
)
354413

355-
client_cert_source_func = None
356-
is_mtls = False
357-
if use_client_cert:
358-
if client_options.client_cert_source:
359-
is_mtls = True
360-
client_cert_source_func = client_options.client_cert_source
361-
else:
362-
is_mtls = mtls.has_default_client_cert_source()
363-
if is_mtls:
364-
client_cert_source_func = mtls.default_client_cert_source()
365-
else:
366-
client_cert_source_func = None
367-
368-
# Figure out which api endpoint to use.
369-
if client_options.api_endpoint is not None:
370-
api_endpoint = client_options.api_endpoint
371-
else:
372-
use_mtls_env = os.getenv("GOOGLE_API_USE_MTLS_ENDPOINT", "auto")
373-
if use_mtls_env == "never":
374-
api_endpoint = self.DEFAULT_ENDPOINT
375-
elif use_mtls_env == "always":
376-
api_endpoint = self.DEFAULT_MTLS_ENDPOINT
377-
elif use_mtls_env == "auto":
378-
if is_mtls:
379-
api_endpoint = self.DEFAULT_MTLS_ENDPOINT
380-
else:
381-
api_endpoint = self.DEFAULT_ENDPOINT
382-
else:
383-
raise MutualTLSChannelError(
384-
"Unsupported GOOGLE_API_USE_MTLS_ENDPOINT value. Accepted "
385-
"values: never, auto, always"
386-
)
414+
api_key_value = getattr(client_options, "api_key", None)
415+
if api_key_value and credentials:
416+
raise ValueError(
417+
"client_options.api_key and credentials are mutually exclusive"
418+
)
387419

388420
# Save or instantiate the transport.
389421
# Ordinarily, we provide the transport, but allowing a custom transport
390422
# instance provides an extensibility point for unusual situations.
391423
if isinstance(transport, AutoSuggestionServiceTransport):
392424
# transport is a AutoSuggestionServiceTransport instance.
393-
if credentials or client_options.credentials_file:
425+
if credentials or client_options.credentials_file or api_key_value:
394426
raise ValueError(
395427
"When providing a transport instance, "
396428
"provide its credentials directly."
@@ -402,6 +434,15 @@ def __init__(
402434
)
403435
self._transport = transport
404436
else:
437+
import google.auth._default # type: ignore
438+
439+
if api_key_value and hasattr(
440+
google.auth._default, "get_api_key_credentials"
441+
):
442+
credentials = google.auth._default.get_api_key_credentials(
443+
api_key_value
444+
)
445+
405446
Transport = type(self).get_transport_class(transport)
406447
self._transport = Transport(
407448
credentials=credentials,

google/cloud/dataqna_v1alpha/services/question_service/async_client.py

Lines changed: 37 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
from collections import OrderedDict
1717
import functools
1818
import re
19-
from typing import Dict, Sequence, Tuple, Type, Union
19+
from typing import Dict, Optional, Sequence, Tuple, Type, Union
2020
import pkg_resources
2121

2222
from google.api_core.client_options import ClientOptions
@@ -133,6 +133,42 @@ def from_service_account_file(cls, filename: str, *args, **kwargs):
133133

134134
from_service_account_json = from_service_account_file
135135

136+
@classmethod
137+
def get_mtls_endpoint_and_cert_source(
138+
cls, client_options: Optional[ClientOptions] = None
139+
):
140+
"""Return the API endpoint and client cert source for mutual TLS.
141+
142+
The client cert source is determined in the following order:
143+
(1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the
144+
client cert source is None.
145+
(2) if `client_options.client_cert_source` is provided, use the provided one; if the
146+
default client cert source exists, use the default one; otherwise the client cert
147+
source is None.
148+
149+
The API endpoint is determined in the following order:
150+
(1) if `client_options.api_endpoint` if provided, use the provided one.
151+
(2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the
152+
default mTLS endpoint; if the environment variabel is "never", use the default API
153+
endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise
154+
use the default API endpoint.
155+
156+
More details can be found at https://google.aip.dev/auth/4114.
157+
158+
Args:
159+
client_options (google.api_core.client_options.ClientOptions): Custom options for the
160+
client. Only the `api_endpoint` and `client_cert_source` properties may be used
161+
in this method.
162+
163+
Returns:
164+
Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the
165+
client cert source to use.
166+
167+
Raises:
168+
google.auth.exceptions.MutualTLSChannelError: If any errors happen.
169+
"""
170+
return QuestionServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore
171+
136172
@property
137173
def transport(self) -> QuestionServiceTransport:
138174
"""Returns the transport used by the client instance.

0 commit comments

Comments
 (0)