From 3491cf07cfb70cc3426de98911925497b1dd2040 Mon Sep 17 00:00:00 2001 From: Tesla2000 Date: Tue, 7 Apr 2026 22:05:36 +0200 Subject: [PATCH 1/5] Added stubs for https://github.com/googleapis/google-auth-library-python --- stubs/google-auth/METADATA.toml | 2 + stubs/google-auth/google/__init__.pyi | 0 stubs/google-auth/google/auth/__init__.pyi | 13 ++ .../google/auth/_agent_identity_utils.pyi | 10 + stubs/google-auth/google/auth/_cache.pyi | 15 ++ stubs/google-auth/google/auth/_cloud_sdk.pyi | 8 + stubs/google-auth/google/auth/_constants.pyi | 3 + .../google/auth/_credentials_async.pyi | 38 ++++ .../google/auth/_credentials_base.pyi | 13 ++ stubs/google-auth/google/auth/_default.pyi | 29 +++ .../google/auth/_default_async.pyi | 15 ++ .../google/auth/_exponential_backoff.pyi | 22 ++ stubs/google-auth/google/auth/_helpers.pyi | 33 +++ stubs/google-auth/google/auth/_jwt_async.pyi | 109 ++++++++++ .../google-auth/google/auth/_oauth2client.pyi | 3 + .../google/auth/_refresh_worker.pyi | 11 + .../google/auth/_service_account_info.pyi | 14 ++ .../google-auth/google/auth/aio/__init__.pyi | 1 + .../google-auth/google/auth/aio/_helpers.pyi | 6 + .../google/auth/aio/credentials.pyi | 44 ++++ .../google/auth/aio/transport/__init__.pyi | 34 +++ .../google/auth/aio/transport/aiohttp.pyi | 31 +++ .../google/auth/aio/transport/mtls.pyi | 13 ++ .../google/auth/aio/transport/sessions.pyi | 97 +++++++++ stubs/google-auth/google/auth/api_key.pyi | 24 +++ stubs/google-auth/google/auth/app_engine.pyi | 42 ++++ stubs/google-auth/google/auth/aws.pyi | 58 +++++ .../google/auth/compute_engine/__init__.pyi | 9 + .../google/auth/compute_engine/_metadata.pyi | 31 +++ .../google/auth/compute_engine/_mtls.pyi | 53 +++++ .../auth/compute_engine/credentials.pyi | 101 +++++++++ stubs/google-auth/google/auth/credentials.pyi | 125 +++++++++++ .../google/auth/crypt/__init__.pyi | 21 ++ .../google/auth/crypt/_cryptography_rsa.pyi | 20 ++ .../google/auth/crypt/_helpers.pyi | 32 +++ .../google/auth/crypt/_python_rsa.pyi | 20 ++ stubs/google-auth/google/auth/crypt/base.pyi | 24 +++ stubs/google-auth/google/auth/crypt/es.pyi | 44 ++++ stubs/google-auth/google/auth/crypt/es256.pyi | 4 + stubs/google-auth/google/auth/crypt/rsa.pyi | 22 ++ stubs/google-auth/google/auth/downscoped.pyi | 74 +++++++ .../google/auth/environment_vars.pyi | 24 +++ stubs/google-auth/google/auth/exceptions.pyi | 33 +++ .../google/auth/external_account.pyi | 83 +++++++ .../auth/external_account_authorized_user.pyi | 81 +++++++ stubs/google-auth/google/auth/iam.pyi | 16 ++ .../google-auth/google/auth/identity_pool.pyi | 57 +++++ .../google/auth/impersonated_credentials.pyi | 96 +++++++++ stubs/google-auth/google/auth/jwt.pyi | 127 +++++++++++ stubs/google-auth/google/auth/metrics.pyi | 30 +++ stubs/google-auth/google/auth/pluggable.pyi | 33 +++ .../google/auth/transport/__init__.pyi | 29 +++ .../auth/transport/_aiohttp_requests.pyi | 63 ++++++ .../auth/transport/_custom_tls_signer.pyi | 16 ++ .../google/auth/transport/_http_client.pyi | 23 ++ .../google/auth/transport/_mtls_helper.pyi | 19 ++ .../google/auth/transport/_requests_base.pyi | 20 ++ .../google/auth/transport/grpc.pyi | 28 +++ .../google/auth/transport/mtls.pyi | 10 + .../google/auth/transport/requests.pyi | 203 ++++++++++++++++++ .../google/auth/transport/urllib3.pyi | 107 +++++++++ stubs/google-auth/google/auth/version.pyi | 1 + stubs/google-auth/google/oauth2/__init__.pyi | 6 + stubs/google-auth/google/oauth2/_client.pyi | 29 +++ .../google/oauth2/_client_async.pyi | 21 ++ .../google/oauth2/_credentials_async.pyi | 21 ++ .../google/oauth2/_id_token_async.pyi | 24 +++ .../google/oauth2/_reauth_async.pyi | 26 +++ .../google/oauth2/_service_account_async.pyi | 26 +++ .../google-auth/google/oauth2/challenges.pyi | 49 +++++ .../google-auth/google/oauth2/credentials.pyi | 97 +++++++++ .../google/oauth2/gdch_credentials.pyi | 34 +++ stubs/google-auth/google/oauth2/id_token.pyi | 28 +++ stubs/google-auth/google/oauth2/reauth.pyi | 28 +++ .../google/oauth2/service_account.pyi | 114 ++++++++++ stubs/google-auth/google/oauth2/sts.pyi | 36 ++++ stubs/google-auth/google/oauth2/utils.pyi | 31 +++ .../google/oauth2/webauthn_handler.pyi | 12 ++ .../oauth2/webauthn_handler_factory.pyi | 6 + .../google/oauth2/webauthn_types.pyi | 44 ++++ 80 files changed, 2999 insertions(+) create mode 100644 stubs/google-auth/METADATA.toml create mode 100644 stubs/google-auth/google/__init__.pyi create mode 100644 stubs/google-auth/google/auth/__init__.pyi create mode 100644 stubs/google-auth/google/auth/_agent_identity_utils.pyi create mode 100644 stubs/google-auth/google/auth/_cache.pyi create mode 100644 stubs/google-auth/google/auth/_cloud_sdk.pyi create mode 100644 stubs/google-auth/google/auth/_constants.pyi create mode 100644 stubs/google-auth/google/auth/_credentials_async.pyi create mode 100644 stubs/google-auth/google/auth/_credentials_base.pyi create mode 100644 stubs/google-auth/google/auth/_default.pyi create mode 100644 stubs/google-auth/google/auth/_default_async.pyi create mode 100644 stubs/google-auth/google/auth/_exponential_backoff.pyi create mode 100644 stubs/google-auth/google/auth/_helpers.pyi create mode 100644 stubs/google-auth/google/auth/_jwt_async.pyi create mode 100644 stubs/google-auth/google/auth/_oauth2client.pyi create mode 100644 stubs/google-auth/google/auth/_refresh_worker.pyi create mode 100644 stubs/google-auth/google/auth/_service_account_info.pyi create mode 100644 stubs/google-auth/google/auth/aio/__init__.pyi create mode 100644 stubs/google-auth/google/auth/aio/_helpers.pyi create mode 100644 stubs/google-auth/google/auth/aio/credentials.pyi create mode 100644 stubs/google-auth/google/auth/aio/transport/__init__.pyi create mode 100644 stubs/google-auth/google/auth/aio/transport/aiohttp.pyi create mode 100644 stubs/google-auth/google/auth/aio/transport/mtls.pyi create mode 100644 stubs/google-auth/google/auth/aio/transport/sessions.pyi create mode 100644 stubs/google-auth/google/auth/api_key.pyi create mode 100644 stubs/google-auth/google/auth/app_engine.pyi create mode 100644 stubs/google-auth/google/auth/aws.pyi create mode 100644 stubs/google-auth/google/auth/compute_engine/__init__.pyi create mode 100644 stubs/google-auth/google/auth/compute_engine/_metadata.pyi create mode 100644 stubs/google-auth/google/auth/compute_engine/_mtls.pyi create mode 100644 stubs/google-auth/google/auth/compute_engine/credentials.pyi create mode 100644 stubs/google-auth/google/auth/credentials.pyi create mode 100644 stubs/google-auth/google/auth/crypt/__init__.pyi create mode 100644 stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi create mode 100644 stubs/google-auth/google/auth/crypt/_helpers.pyi create mode 100644 stubs/google-auth/google/auth/crypt/_python_rsa.pyi create mode 100644 stubs/google-auth/google/auth/crypt/base.pyi create mode 100644 stubs/google-auth/google/auth/crypt/es.pyi create mode 100644 stubs/google-auth/google/auth/crypt/es256.pyi create mode 100644 stubs/google-auth/google/auth/crypt/rsa.pyi create mode 100644 stubs/google-auth/google/auth/downscoped.pyi create mode 100644 stubs/google-auth/google/auth/environment_vars.pyi create mode 100644 stubs/google-auth/google/auth/exceptions.pyi create mode 100644 stubs/google-auth/google/auth/external_account.pyi create mode 100644 stubs/google-auth/google/auth/external_account_authorized_user.pyi create mode 100644 stubs/google-auth/google/auth/iam.pyi create mode 100644 stubs/google-auth/google/auth/identity_pool.pyi create mode 100644 stubs/google-auth/google/auth/impersonated_credentials.pyi create mode 100644 stubs/google-auth/google/auth/jwt.pyi create mode 100644 stubs/google-auth/google/auth/metrics.pyi create mode 100644 stubs/google-auth/google/auth/pluggable.pyi create mode 100644 stubs/google-auth/google/auth/transport/__init__.pyi create mode 100644 stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi create mode 100644 stubs/google-auth/google/auth/transport/_custom_tls_signer.pyi create mode 100644 stubs/google-auth/google/auth/transport/_http_client.pyi create mode 100644 stubs/google-auth/google/auth/transport/_mtls_helper.pyi create mode 100644 stubs/google-auth/google/auth/transport/_requests_base.pyi create mode 100644 stubs/google-auth/google/auth/transport/grpc.pyi create mode 100644 stubs/google-auth/google/auth/transport/mtls.pyi create mode 100644 stubs/google-auth/google/auth/transport/requests.pyi create mode 100644 stubs/google-auth/google/auth/transport/urllib3.pyi create mode 100644 stubs/google-auth/google/auth/version.pyi create mode 100644 stubs/google-auth/google/oauth2/__init__.pyi create mode 100644 stubs/google-auth/google/oauth2/_client.pyi create mode 100644 stubs/google-auth/google/oauth2/_client_async.pyi create mode 100644 stubs/google-auth/google/oauth2/_credentials_async.pyi create mode 100644 stubs/google-auth/google/oauth2/_id_token_async.pyi create mode 100644 stubs/google-auth/google/oauth2/_reauth_async.pyi create mode 100644 stubs/google-auth/google/oauth2/_service_account_async.pyi create mode 100644 stubs/google-auth/google/oauth2/challenges.pyi create mode 100644 stubs/google-auth/google/oauth2/credentials.pyi create mode 100644 stubs/google-auth/google/oauth2/gdch_credentials.pyi create mode 100644 stubs/google-auth/google/oauth2/id_token.pyi create mode 100644 stubs/google-auth/google/oauth2/reauth.pyi create mode 100644 stubs/google-auth/google/oauth2/service_account.pyi create mode 100644 stubs/google-auth/google/oauth2/sts.pyi create mode 100644 stubs/google-auth/google/oauth2/utils.pyi create mode 100644 stubs/google-auth/google/oauth2/webauthn_handler.pyi create mode 100644 stubs/google-auth/google/oauth2/webauthn_handler_factory.pyi create mode 100644 stubs/google-auth/google/oauth2/webauthn_types.pyi diff --git a/stubs/google-auth/METADATA.toml b/stubs/google-auth/METADATA.toml new file mode 100644 index 000000000000..91cd9791277a --- /dev/null +++ b/stubs/google-auth/METADATA.toml @@ -0,0 +1,2 @@ +version = "2.48.*" +upstream-repository = "https://github.com/googleapis/google-auth-library-python" diff --git a/stubs/google-auth/google/__init__.pyi b/stubs/google-auth/google/__init__.pyi new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/stubs/google-auth/google/auth/__init__.pyi b/stubs/google-auth/google/auth/__init__.pyi new file mode 100644 index 000000000000..afa5f4468b37 --- /dev/null +++ b/stubs/google-auth/google/auth/__init__.pyi @@ -0,0 +1,13 @@ +from google.auth._default import ( + default as default, + load_credentials_from_dict as load_credentials_from_dict, + load_credentials_from_file as load_credentials_from_file, +) + +__all__ = [ + "default", + "load_credentials_from_file", + "load_credentials_from_dict", +] + +class Python37DeprecationWarning(DeprecationWarning): ... diff --git a/stubs/google-auth/google/auth/_agent_identity_utils.pyi b/stubs/google-auth/google/auth/_agent_identity_utils.pyi new file mode 100644 index 000000000000..a4f5a5351dc2 --- /dev/null +++ b/stubs/google-auth/google/auth/_agent_identity_utils.pyi @@ -0,0 +1,10 @@ +from typing import Any, Optional + +CRYPTOGRAPHY_NOT_FOUND_ERROR: str + +def get_agent_identity_certificate_path() -> Optional[str]: ... +def get_and_parse_agent_identity_certificate() -> Optional[Any]: ... +def parse_certificate(cert_bytes: bytes) -> Any: ... +def calculate_certificate_fingerprint(cert: Any) -> str: ... +def should_request_bound_token(cert: Any) -> bool: ... +def get_cached_cert_fingerprint(cached_cert: Optional[bytes]) -> str: ... diff --git a/stubs/google-auth/google/auth/_cache.pyi b/stubs/google-auth/google/auth/_cache.pyi new file mode 100644 index 000000000000..8b3638f10de0 --- /dev/null +++ b/stubs/google-auth/google/auth/_cache.pyi @@ -0,0 +1,15 @@ +from typing import Hashable, TypeVar + +_Key = TypeVar("_Key", bound=Hashable) +_Value = TypeVar("_Value") + +class LRUCache(dict[_Key, _Value]): + maxsize: int + + def __init__(self, maxsize: int) -> None: ... + def clear(self) -> None: ... + def __getitem__(self, key: _Key) -> _Value: ... + def __setitem__(self, key: _Key, value: _Value) -> None: ... + def __delitem__(self, key: _Key) -> None: ... + def popitem(self) -> tuple[_Key, _Value]: ... + def _update(self, key: _Key) -> None: ... diff --git a/stubs/google-auth/google/auth/_cloud_sdk.pyi b/stubs/google-auth/google/auth/_cloud_sdk.pyi new file mode 100644 index 000000000000..e991271a1593 --- /dev/null +++ b/stubs/google-auth/google/auth/_cloud_sdk.pyi @@ -0,0 +1,8 @@ +from typing import Optional + +CLOUD_SDK_CLIENT_ID: str + +def get_config_path() -> str: ... +def get_application_default_credentials_path() -> str: ... +def get_project_id() -> Optional[str]: ... +def get_auth_access_token(account: Optional[str] = None) -> str: ... diff --git a/stubs/google-auth/google/auth/_constants.pyi b/stubs/google-auth/google/auth/_constants.pyi new file mode 100644 index 000000000000..1e041fd1be0e --- /dev/null +++ b/stubs/google-auth/google/auth/_constants.pyi @@ -0,0 +1,3 @@ +_SERVICE_ACCOUNT_TRUST_BOUNDARY_LOOKUP_ENDPOINT: str +_WORKFORCE_POOL_TRUST_BOUNDARY_LOOKUP_ENDPOINT: str +_WORKLOAD_IDENTITY_POOL_TRUST_BOUNDARY_LOOKUP_ENDPOINT: str diff --git a/stubs/google-auth/google/auth/_credentials_async.pyi b/stubs/google-auth/google/auth/_credentials_async.pyi new file mode 100644 index 000000000000..6c88621e8bbf --- /dev/null +++ b/stubs/google-auth/google/auth/_credentials_async.pyi @@ -0,0 +1,38 @@ +import abc +from typing import Mapping, Sequence +from google.auth import credentials +from google.auth.transport import Request as _Request + +class Credentials(credentials.Credentials, metaclass=abc.ABCMeta): + async def before_request( + self, + request: _Request, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... + +class CredentialsWithQuotaProject( + credentials.CredentialsWithQuotaProject, metaclass=abc.ABCMeta +): ... + +class AnonymousCredentials(credentials.AnonymousCredentials, Credentials): + ... + + async def before_request( + self, + request: _Request, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... + +class ReadOnlyScoped(credentials.ReadOnlyScoped, metaclass=abc.ABCMeta): ... +class Scoped(credentials.Scoped, metaclass=abc.ABCMeta): ... + +def with_scopes_if_required( + credentials: "Credentials", scopes: Sequence[str] +) -> "Credentials": ... + +class Signing(credentials.Signing, metaclass=abc.ABCMeta): + pass diff --git a/stubs/google-auth/google/auth/_credentials_base.pyi b/stubs/google-auth/google/auth/_credentials_base.pyi new file mode 100644 index 000000000000..266ed4573af5 --- /dev/null +++ b/stubs/google-auth/google/auth/_credentials_base.pyi @@ -0,0 +1,13 @@ +import abc +from _typeshed import Incomplete +from google.auth.transport import Request as _TransportRequest +from typing import Any, Coroutine + +class _BaseCredentials(metaclass=abc.ABCMeta): + token: Incomplete + + def __init__(self) -> None: ... + @abc.abstractmethod + def refresh( + self, request: _TransportRequest + ) -> None | Coroutine[Any, Any, None]: ... diff --git a/stubs/google-auth/google/auth/_default.pyi b/stubs/google-auth/google/auth/_default.pyi new file mode 100644 index 000000000000..56e97d7bab2d --- /dev/null +++ b/stubs/google-auth/google/auth/_default.pyi @@ -0,0 +1,29 @@ +from typing import TYPE_CHECKING, Any, Mapping, Optional, Sequence, Tuple + +from google.auth.credentials import Credentials as Credentials +from google.auth.transport import Request as Request + +if TYPE_CHECKING: + from google.auth.api_key import Credentials as _ApiKeyCredentials + +def load_credentials_from_file( + filename: str, + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + request: Optional[Request] = None, +) -> Tuple[Credentials, Optional[str]]: ... +def load_credentials_from_dict( + info: Mapping[str, Any], + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + request: Optional[Request] = None, +) -> Tuple[Credentials, Optional[str]]: ... +def get_api_key_credentials(key: str) -> "_ApiKeyCredentials": ... +def default( + scopes: Optional[Sequence[str]] = None, + request: Optional[Request] = None, + quota_project_id: Optional[str] = None, + default_scopes: Optional[Sequence[str]] = None, +) -> Tuple[Credentials, Optional[str]]: ... diff --git a/stubs/google-auth/google/auth/_default_async.pyi b/stubs/google-auth/google/auth/_default_async.pyi new file mode 100644 index 000000000000..58972aed9ebf --- /dev/null +++ b/stubs/google-auth/google/auth/_default_async.pyi @@ -0,0 +1,15 @@ +from typing import Optional, Sequence, Tuple + +from google.auth.credentials import Credentials as Credentials +from google.auth.transport import Request as _Request + +def load_credentials_from_file( + filename: str, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, +) -> Tuple[Credentials, Optional[str]]: ... +def default_async( + scopes: Optional[Sequence[str]] = None, + request: Optional[_Request] = None, + quota_project_id: Optional[str] = None, +) -> Tuple[Credentials, Optional[str]]: ... diff --git a/stubs/google-auth/google/auth/_exponential_backoff.pyi b/stubs/google-auth/google/auth/_exponential_backoff.pyi new file mode 100644 index 000000000000..bdd4de2b7361 --- /dev/null +++ b/stubs/google-auth/google/auth/_exponential_backoff.pyi @@ -0,0 +1,22 @@ +class _BaseExponentialBackoff: + def __init__( + self, + total_attempts: int = 3, + initial_wait_seconds: float = 1.0, + randomization_factor: float = 0.1, + multiplier: float = 2.0, + ) -> None: ... + @property + def total_attempts(self) -> int: ... + @property + def backoff_count(self) -> int: ... + +class ExponentialBackoff(_BaseExponentialBackoff): + def __init__(self, *args: object, **kwargs: object) -> None: ... + def __iter__(self) -> "ExponentialBackoff": ... + def __next__(self) -> int: ... + +class AsyncExponentialBackoff(_BaseExponentialBackoff): + def __init__(self, *args: object, **kwargs: object) -> None: ... + def __aiter__(self) -> "AsyncExponentialBackoff": ... + async def __anext__(self) -> int: ... diff --git a/stubs/google-auth/google/auth/_helpers.pyi b/stubs/google-auth/google/auth/_helpers.pyi new file mode 100644 index 000000000000..5a2637519c0f --- /dev/null +++ b/stubs/google-auth/google/auth/_helpers.pyi @@ -0,0 +1,33 @@ +import datetime +import logging +from typing import Any, Callable, Mapping, Optional, Sequence, Union + +REFRESH_THRESHOLD: datetime.timedelta + +def copy_docstring(source_class: type) -> Callable[[Any], Any]: ... +def parse_content_type(header_value: str) -> str: ... +def utcnow() -> datetime.datetime: ... +def utcfromtimestamp(timestamp: float) -> datetime.datetime: ... +def datetime_to_secs(value: datetime.datetime) -> int: ... +def to_bytes(value: Union[str, bytes], encoding: str = "utf-8") -> bytes: ... +def from_bytes(value: Union[str, bytes]) -> str: ... +def update_query( + url: str, params: Mapping[str, str], remove: Optional[Sequence[str]] = None +) -> str: ... +def scopes_to_string(scopes: Sequence[str]) -> str: ... +def string_to_scopes(scopes: Union[Sequence[str], str]) -> list[str]: ... +def padded_urlsafe_b64decode(value: Union[str, bytes]) -> bytes: ... +def unpadded_urlsafe_b64encode( + value: Union[str, bytes], +) -> Union[str, bytes]: ... +def get_bool_from_env(variable_name: str, default: bool = False) -> bool: ... +def is_python_3() -> bool: ... +def is_logging_enabled(logger: logging.Logger) -> bool: ... +def request_log( + logger: logging.Logger, + method: str, + url: str, + body: Optional[bytes], + headers: Mapping[str, str] | None, +) -> None: ... +def response_log(logger: logging.Logger, response: Any) -> None: ... diff --git a/stubs/google-auth/google/auth/_jwt_async.pyi b/stubs/google-auth/google/auth/_jwt_async.pyi new file mode 100644 index 000000000000..a004568d6057 --- /dev/null +++ b/stubs/google-auth/google/auth/_jwt_async.pyi @@ -0,0 +1,109 @@ +from google.auth.credentials import Signing +from typing import Any, Dict, List, Mapping, Optional, Tuple, Union +import google.auth.jwt as jwt +from google.auth import _credentials_async +from google.auth.crypt import Signer as _Signer +from google.auth.transport import Request as _Request + +_DEFAULT_TOKEN_LIFETIME_SECS: int +_DEFAULT_MAX_CACHE_SIZE: int +_ALGORITHM_TO_VERIFIER_CLASS: Dict[str, type] +_CRYPTOGRAPHY_BASED_ALGORITHMS: frozenset[str] + +def encode( + signer: _Signer, + payload: Mapping[str, str], + header: Optional[Mapping[str, str]] = None, + key_id: Optional[str] = None, +) -> bytes: ... +def _decode_jwt_segment(encoded_section: bytes) -> Mapping[str, Any]: ... +def _unverified_decode( + token: Union[str, bytes], +) -> Tuple[Mapping[str, Any], Mapping[str, Any], bytes, bytes]: ... +def decode_header(token: Union[str, bytes]) -> Mapping[str, Any]: ... +def _verify_iat_and_exp( + payload: Mapping[str, str], clock_skew_in_seconds: int = 0 +) -> None: ... +def decode( + token: str, + certs: Optional[Union[str, bytes, Mapping[str, Union[str, bytes]]]] = None, + verify: bool = True, + audience: Optional[Union[str, List[str]]] = None, + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... + +class Credentials(jwt.Credentials, _credentials_async.Credentials): + expiry: Any + + def __init__( + self, + signer: _Signer, + issuer: str, + subject: str, + audience: str, + additional_claims: Optional[Mapping[str, str]] = None, + token_lifetime: int = ..., + quota_project_id: Optional[str] = None, + ) -> None: ... + @classmethod + def _from_signer_and_info( + cls, signer: _Signer, info: Mapping[str, str], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_service_account_info( + cls, info: Mapping[str, str], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_service_account_file( + cls, filename: str, **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_signing_credentials( + cls, credentials: Signing, audience: str, **kwargs: Any + ) -> "Credentials": ... + def with_claims( + self, + issuer: Optional[str] = None, + subject: Optional[str] = None, + audience: Optional[str] = None, + additional_claims: Optional[Mapping[str, str]] = None, + ) -> "Credentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def refresh(self, request: Any) -> None: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer_email(self) -> str: ... + @property + def signer(self) -> _Signer: ... + @property + def additional_claims(self) -> Mapping[str, str]: ... + +class OnDemandCredentials( + jwt.OnDemandCredentials, _credentials_async.Credentials +): + """On-demand JWT credentials. + + Like :class:`Credentials`, this class uses a JWT as the bearer token for + authentication. However, this class does not require the audience at + construction time. Instead, it will generate a new token on-demand for + each request using the request URI as the audience. It caches tokens + so that multiple requests to the same URI do not incur the overhead + of generating a new token every time. + + This behavior is especially useful for `gRPC`_ clients. A gRPC service may + have multiple audience and gRPC clients may not know all of the audiences + required for accessing a particular service. With these credentials, + no knowledge of the audiences is required ahead of time. + + .. _grpc: http://www.grpc.io/ + """ + + async def before_request( + self, + request: _Request, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... diff --git a/stubs/google-auth/google/auth/_oauth2client.pyi b/stubs/google-auth/google/auth/_oauth2client.pyi new file mode 100644 index 000000000000..7a46b956e31b --- /dev/null +++ b/stubs/google-auth/google/auth/_oauth2client.pyi @@ -0,0 +1,3 @@ +from typing import Any + +def convert(credentials: Any) -> Any: ... diff --git a/stubs/google-auth/google/auth/_refresh_worker.pyi b/stubs/google-auth/google/auth/_refresh_worker.pyi new file mode 100644 index 000000000000..d2f3b317d0c5 --- /dev/null +++ b/stubs/google-auth/google/auth/_refresh_worker.pyi @@ -0,0 +1,11 @@ +import threading +from typing import Any + +class RefreshThreadManager: + def __init__(self) -> None: ... + def start_refresh(self, cred: Any, request: Any) -> bool: ... + def clear_error(self) -> None: ... + +class RefreshThread(threading.Thread): + def __init__(self, cred: Any, request: Any, **kwargs: Any) -> None: ... + def run(self) -> None: ... diff --git a/stubs/google-auth/google/auth/_service_account_info.pyi b/stubs/google-auth/google/auth/_service_account_info.pyi new file mode 100644 index 000000000000..56d01573be4f --- /dev/null +++ b/stubs/google-auth/google/auth/_service_account_info.pyi @@ -0,0 +1,14 @@ +from typing import Mapping, Optional, Sequence, Tuple + +from google.auth import crypt as _crypt + +def from_dict( + data: Mapping[str, str], + require: Optional[Sequence[str]] = None, + use_rsa_signer: bool = True, +) -> _crypt.Signer: ... +def from_filename( + filename: str, + require: Optional[Sequence[str]] = None, + use_rsa_signer: bool = True, +) -> Tuple[Mapping[str, str], _crypt.Signer]: ... diff --git a/stubs/google-auth/google/auth/aio/__init__.pyi b/stubs/google-auth/google/auth/aio/__init__.pyi new file mode 100644 index 000000000000..bda5b5a7f4cc --- /dev/null +++ b/stubs/google-auth/google/auth/aio/__init__.pyi @@ -0,0 +1 @@ +__version__: str diff --git a/stubs/google-auth/google/auth/aio/_helpers.pyi b/stubs/google-auth/google/auth/aio/_helpers.pyi new file mode 100644 index 000000000000..09ec0b96b975 --- /dev/null +++ b/stubs/google-auth/google/auth/aio/_helpers.pyi @@ -0,0 +1,6 @@ +import logging +from typing import Any + +async def response_log_async( + logger: logging.Logger, response: Any +) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/credentials.pyi b/stubs/google-auth/google/auth/aio/credentials.pyi new file mode 100644 index 000000000000..feb315cc0e47 --- /dev/null +++ b/stubs/google-auth/google/auth/aio/credentials.pyi @@ -0,0 +1,44 @@ +from typing import Mapping, Optional +from _typeshed import Incomplete +from google.auth._credentials_base import _BaseCredentials +from google.auth.transport import Request as _TransportRequest + +class Credentials(_BaseCredentials): + def __init__(self) -> None: ... + async def apply( + self, headers: Mapping[str, str], token: Optional[str] = None + ) -> None: ... + async def refresh(self, request: _TransportRequest) -> None: ... + async def before_request( + self, + request: _TransportRequest, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... + +class StaticCredentials(Credentials): + token: Incomplete + + def __init__(self, token: str) -> None: ... + async def refresh(self, request: _TransportRequest) -> None: ... + async def before_request( + self, + request: _TransportRequest, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... + +class AnonymousCredentials(Credentials): + async def refresh(self, request: _TransportRequest) -> None: ... + async def apply( + self, headers: Mapping[str, str], token: Optional[str] = None + ) -> None: ... + async def before_request( + self, + request: _TransportRequest, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/transport/__init__.pyi b/stubs/google-auth/google/auth/aio/transport/__init__.pyi new file mode 100644 index 000000000000..6417253220c4 --- /dev/null +++ b/stubs/google-auth/google/auth/aio/transport/__init__.pyi @@ -0,0 +1,34 @@ +import abc +from typing import Any, AsyncGenerator, Mapping, Optional, Sequence + +DEFAULT_RETRYABLE_STATUS_CODES: Sequence[int] +DEFAULT_MAX_RETRY_ATTEMPTS: int + +class Response(metaclass=abc.ABCMeta): + @property + @abc.abstractmethod + def status_code(self) -> int: ... + @property + @abc.abstractmethod + def headers(self) -> Mapping[str, str]: ... + @abc.abstractmethod + async def content( + self, chunk_size: int + ) -> AsyncGenerator[bytes, None]: ... + @abc.abstractmethod + async def read(self) -> bytes: ... + @abc.abstractmethod + async def close(self) -> None: ... + +class Request(metaclass=abc.ABCMeta): + @abc.abstractmethod + async def __call__( + self, + url: str, + method: str, + body: Optional[bytes], + headers: Optional[Mapping[str, str]], + timeout: float, + **kwargs: Any, + ) -> Response: ... + async def close(self) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi b/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi new file mode 100644 index 000000000000..89c47ff52cd3 --- /dev/null +++ b/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi @@ -0,0 +1,31 @@ +from typing import Any, AsyncGenerator, Mapping, Optional, Union + +from google.auth.aio import transport + +ClientTimeout = Any + +class Response(transport.Response): + def __init__(self, response: Any) -> None: ... + @property + def status_code(self) -> int: ... + @property + def headers(self) -> Mapping[str, str]: ... + async def content( + self, chunk_size: int = 1024 + ) -> AsyncGenerator[bytes, None]: ... + async def read(self) -> bytes: ... + async def close(self) -> None: ... + +class Request(transport.Request): + def __init__(self, session: Optional[Any] = None) -> None: ... + async def __call__( + self, + url: str, + method: str = "GET", + body: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + timeout: Union[float, ClientTimeout] = ..., + *args: Any, + **kwargs: Any, + ) -> transport.Response: ... + async def close(self) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/transport/mtls.pyi b/stubs/google-auth/google/auth/aio/transport/mtls.pyi new file mode 100644 index 000000000000..fbc293d54694 --- /dev/null +++ b/stubs/google-auth/google/auth/aio/transport/mtls.pyi @@ -0,0 +1,13 @@ +import ssl +from typing import Callable, Optional, Tuple + +def make_client_cert_ssl_context( + cert_bytes: bytes, key_bytes: bytes, passphrase: Optional[bytes] = None +) -> ssl.SSLContext: ... +def default_client_cert_source() -> Callable[[], Tuple[bytes, bytes]]: ... +async def get_client_ssl_credentials( + certificate_config_path: Optional[str] = None, +) -> Tuple[bool, Optional[bytes], Optional[bytes], Optional[bytes]]: ... +async def get_client_cert_and_key( + client_cert_callback: Optional[Callable[[], Tuple[bytes, bytes]]] = None, +) -> Tuple[bool, Optional[bytes], Optional[bytes]]: ... diff --git a/stubs/google-auth/google/auth/aio/transport/sessions.pyi b/stubs/google-auth/google/auth/aio/transport/sessions.pyi new file mode 100644 index 000000000000..26f8106711c2 --- /dev/null +++ b/stubs/google-auth/google/auth/aio/transport/sessions.pyi @@ -0,0 +1,97 @@ +from contextlib import asynccontextmanager +from typing import ( + Any, + AsyncGenerator, + Callable, + Mapping, + Optional, + Tuple, + Union, +) + +from google.auth.aio import transport +from google.auth.aio.credentials import Credentials + +class ClientTimeout: ... + +AIOHTTP_INSTALLED: bool + +@asynccontextmanager +def timeout_guard(timeout: float) -> AsyncGenerator[Any, None]: ... + +class AsyncAuthorizedSession: + def __init__( + self, + credentials: Credentials, + auth_request: Optional[transport.Request] = None, + ) -> None: ... + async def configure_mtls_channel( + self, + client_cert_callback: Optional[ + Callable[[], Tuple[bytes, bytes]] + ] = None, + ) -> None: ... + async def request( + self, + method: str, + url: str, + data: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: float = ..., + timeout: Union[float, ClientTimeout] = ..., + total_attempts: Optional[int] = ..., + **kwargs: Any, + ) -> transport.Response: ... + async def get( + self, + url: str, + data: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: float = ..., + timeout: Union[float, ClientTimeout] = ..., + total_attempts: Optional[int] = ..., + **kwargs: Any, + ) -> transport.Response: ... + async def post( + self, + url: str, + data: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: float = ..., + timeout: Union[float, ClientTimeout] = ..., + total_attempts: Optional[int] = ..., + **kwargs: Any, + ) -> transport.Response: ... + async def put( + self, + url: str, + data: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: float = ..., + timeout: Union[float, ClientTimeout] = ..., + total_attempts: Optional[int] = ..., + **kwargs: Any, + ) -> transport.Response: ... + async def patch( + self, + url: str, + data: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: float = ..., + timeout: Union[float, ClientTimeout] = ..., + total_attempts: Optional[int] = ..., + **kwargs: Any, + ) -> transport.Response: ... + async def delete( + self, + url: str, + data: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: float = ..., + timeout: Union[float, ClientTimeout] = ..., + total_attempts: Optional[int] = ..., + **kwargs: Any, + ) -> transport.Response: ... + @property + def is_mtls(self) -> bool: ... + async def close(self) -> None: ... diff --git a/stubs/google-auth/google/auth/api_key.pyi b/stubs/google-auth/google/auth/api_key.pyi new file mode 100644 index 000000000000..5af477eef59d --- /dev/null +++ b/stubs/google-auth/google/auth/api_key.pyi @@ -0,0 +1,24 @@ +from typing import Mapping, Optional + +import google +from google.auth import credentials + +class Credentials(credentials.Credentials): + token: str + + def __init__(self, token: str) -> None: ... + @property + def expired(self) -> bool: ... + @property + def valid(self) -> bool: ... + def refresh(self, request: "google.auth.transport.Request") -> None: ... + def apply( + self, headers: Mapping[str, str], token: Optional[str] = None + ) -> None: ... + def before_request( + self, + request: "google.auth.transport.Request", + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... diff --git a/stubs/google-auth/google/auth/app_engine.pyi b/stubs/google-auth/google/auth/app_engine.pyi new file mode 100644 index 000000000000..af35a578b7d2 --- /dev/null +++ b/stubs/google-auth/google/auth/app_engine.pyi @@ -0,0 +1,42 @@ +from typing import Optional, Sequence, Union +import google +from google.auth import credentials +from google.auth.crypt import base + +class Signer(base.Signer): + @property + def key_id(self) -> str: ... + def sign(self, message: Union[str, bytes]) -> bytes: ... + +def get_project_id() -> str: ... + +class Credentials( + credentials.Scoped, + credentials.Signing, + credentials.CredentialsWithQuotaProject, +): + def __init__( + self, + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + service_account_id: Optional[str] = None, + quota_project_id: Optional[str] = None, + ) -> None: ... + def refresh(self, request: "google.auth.transport.Request") -> None: ... + @property + def service_account_email(self) -> str: ... + @property + def requires_scopes(self) -> bool: ... + def with_scopes( + self, + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, + ) -> "Credentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer_email(self) -> str: ... + @property + def signer(self) -> "Signer": ... diff --git a/stubs/google-auth/google/auth/aws.pyi b/stubs/google-auth/google/auth/aws.pyi new file mode 100644 index 000000000000..c7c50ed3246c --- /dev/null +++ b/stubs/google-auth/google/auth/aws.pyi @@ -0,0 +1,58 @@ +import abc +from dataclasses import dataclass +from typing import Any, Mapping, Optional + +from google.auth import external_account + +@dataclass +class AwsSecurityCredentials: + access_key_id: str + secret_access_key: str + session_token: Optional[str] = None + +class RequestSigner(object): + def __init__(self, region_name: str) -> None: ... + def get_request_options( + self, + aws_security_credentials: "AwsSecurityCredentials", + url: str, + method: str, + request_payload: str = "", + additional_headers: Optional[Mapping[str, str]] = None, + ) -> Mapping[str, str]: ... + +class AwsSecurityCredentialsSupplier(metaclass=abc.ABCMeta): + @abc.abstractmethod + def get_aws_security_credentials( + self, context: Any, request: Any + ) -> AwsSecurityCredentials: ... + @abc.abstractmethod + def get_aws_region(self, context: Any, request: Any) -> str: ... + +class _DefaultAwsSecurityCredentialsSupplier(AwsSecurityCredentialsSupplier): + def __init__(self, credential_source: Mapping[str, Any]) -> None: ... + def get_aws_security_credentials( + self, context: Any, request: Any + ) -> AwsSecurityCredentials: ... + def get_aws_region(self, context: Any, request: Any) -> str: ... + +class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): + def __init__( + self, + audience: str, + subject_token_type: str, + token_url: str = "https://sts.googleapis.com/v1/token", + credential_source: Optional[Mapping[str, Any]] = None, + aws_security_credentials_supplier: Optional[ + "AwsSecurityCredentialsSupplier" + ] = None, + *args: Any, + **kwargs: Any, + ) -> None: ... + def retrieve_subject_token(self, request: Any) -> str: ... + @classmethod + def from_info( + cls, info: Mapping[str, Any], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... diff --git a/stubs/google-auth/google/auth/compute_engine/__init__.pyi b/stubs/google-auth/google/auth/compute_engine/__init__.pyi new file mode 100644 index 000000000000..b47554cc81cd --- /dev/null +++ b/stubs/google-auth/google/auth/compute_engine/__init__.pyi @@ -0,0 +1,9 @@ +from google.auth.compute_engine._metadata import ( + detect_gce_residency_linux as detect_gce_residency_linux, +) +from google.auth.compute_engine.credentials import ( + Credentials as Credentials, + IDTokenCredentials as IDTokenCredentials, +) + +__all__ = ["Credentials", "IDTokenCredentials", "detect_gce_residency_linux"] diff --git a/stubs/google-auth/google/auth/compute_engine/_metadata.pyi b/stubs/google-auth/google/auth/compute_engine/_metadata.pyi new file mode 100644 index 000000000000..39778243f800 --- /dev/null +++ b/stubs/google-auth/google/auth/compute_engine/_metadata.pyi @@ -0,0 +1,31 @@ +import datetime +from typing import Any, List, Mapping, Optional, Tuple, Union + +from google.auth.transport import Request as _Request + +def is_on_gce(request: _Request) -> bool: ... +def detect_gce_residency_linux() -> bool: ... +def ping( + request: _Request, timeout: int = 3, retry_count: int = 3 +) -> bool: ... +def get( + request: _Request, + path: str, + root: Optional[str] = None, + params: Optional[Mapping[str, str]] = None, + recursive: bool = False, + retry_count: int = 5, + headers: Optional[Mapping[str, str]] = None, + return_none_for_not_found_error: bool = False, + timeout: int = 3, +) -> Union[Mapping[str, Any], str]: ... +def get_project_id(request: _Request) -> Optional[str]: ... +def get_universe_domain(request: _Request) -> str: ... +def get_service_account_info( + request: _Request, service_account: str = "default" +) -> Mapping[str, Any]: ... +def get_service_account_token( + request: _Request, + service_account: str = "default", + scopes: Optional[Union[str, List[str]]] = None, +) -> Tuple[str, datetime.datetime]: ... diff --git a/stubs/google-auth/google/auth/compute_engine/_mtls.pyi b/stubs/google-auth/google/auth/compute_engine/_mtls.pyi new file mode 100644 index 000000000000..43972a01b8c6 --- /dev/null +++ b/stubs/google-auth/google/auth/compute_engine/_mtls.pyi @@ -0,0 +1,53 @@ +import enum +import ssl +from dataclasses import dataclass, field +from pathlib import Path +from typing import Any, Mapping, Optional, Tuple, Union +from requests import PreparedRequest, Response +from requests.adapters import HTTPAdapter + +@dataclass +class MdsMtlsConfig: + ca_cert_path: Path = field(default_factory=_get_mds_root_crt_path) + client_combined_cert_path: Path = field( + default_factory=_get_mds_client_combined_cert_path + ) + +class MdsMtlsMode(enum.Enum): + """MDS mTLS mode. Used to configure connection behavior when connecting to MDS. + + STRICT: Always use HTTPS/mTLS. If certificates are not found locally, an error will be returned. + NONE: Never use mTLS. Requests will use regular HTTP. + DEFAULT: Use mTLS if certificates are found locally, otherwise use regular HTTP. + """ + + STRICT = "strict" + NONE = "none" + DEFAULT = "default" + +def _get_mds_root_crt_path() -> Path: ... +def _get_mds_client_combined_cert_path() -> Path: ... +def should_use_mds_mtls( + mds_mtls_config: MdsMtlsConfig = MdsMtlsConfig(), +) -> bool: ... + +class MdsMtlsAdapter(HTTPAdapter): + ssl_context: ssl.SSLContext + + def __init__( + self, + mds_mtls_config: MdsMtlsConfig = MdsMtlsConfig(), + *args: Any, + **kwargs: Any, + ) -> None: ... + def init_poolmanager(self, *args: Any, **kwargs: Any) -> None: ... + def proxy_manager_for(self, *args: Any, **kwargs: Any) -> None: ... + def send( + self, + request: PreparedRequest, + stream: bool = ..., + timeout: float | tuple[float, float] | tuple[float, None] | None = ..., + verify: bool | str = ..., + cert: bytes | str | tuple[bytes | str, bytes | str] | None = ..., + proxies: Mapping[str, str] | None = ..., + ) -> Response: ... diff --git a/stubs/google-auth/google/auth/compute_engine/credentials.pyi b/stubs/google-auth/google/auth/compute_engine/credentials.pyi new file mode 100644 index 000000000000..68b9cf4aa330 --- /dev/null +++ b/stubs/google-auth/google/auth/compute_engine/credentials.pyi @@ -0,0 +1,101 @@ +from typing import Any, Mapping, Optional, Sequence + +import google +from _typeshed import Incomplete +from google.auth import credentials + +_TRUST_BOUNDARY_LOOKUP_ENDPOINT = "https://iamcredentials.{}/v1/projects/-/serviceAccounts/{}/allowedLocations" + +class Credentials( + credentials.Scoped, + credentials.CredentialsWithQuotaProject, + credentials.CredentialsWithUniverseDomain, + credentials.CredentialsWithTrustBoundary, +): + """Compute Engine Credentials. + + These credentials use the Google Compute Engine metadata server to obtain + OAuth 2.0 access tokens associated with the instance's service account, + and are also used for Cloud Run, Flex and App Engine (except for the Python + 2.7 runtime, which is supported only on older versions of this library). + + For more information about Compute Engine authentication, including how + to configure scopes, see the `Compute Engine authentication + documentation`_. + + .. note:: On Compute Engine the metadata server ignores requested scopes. + On Cloud Run, Flex and App Engine the server honours requested scopes. + + .. _Compute Engine authentication documentation: + https://cloud.google.com/compute/docs/authentication#using + """ + + def __init__( + self, + service_account_email: str = "default", + quota_project_id: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + universe_domain: Optional[str] = None, + trust_boundary: Optional[Mapping[str, str]] = None, + ) -> None: ... + @property + def service_account_email(self) -> str: ... + @property + def requires_scopes(self) -> bool: ... + @property + def universe_domain(self) -> str: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_scopes( + self, + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, + ) -> "Credentials": ... + def with_universe_domain( + self, universe_domain: Optional[str] + ) -> "Credentials": ... + def with_trust_boundary( + self, trust_boundary: Mapping[str, str] + ) -> "Credentials": ... + def _build_trust_boundary_lookup_url(self) -> str: ... + def _perform_refresh_token( + self, request: "google.auth.transport.Request" + ) -> None: ... + +class IDTokenCredentials( + credentials.CredentialsWithQuotaProject, + credentials.Signing, + credentials.CredentialsWithTokenUri, +): + def __init__( + self, + request: "google.auth.transport.Request", + target_audience: Optional[str] = None, + token_uri: Optional[str] = None, + additional_claims: Optional[Mapping[str, str]] = None, + service_account_email: Optional[str] = None, + signer: Optional["google.auth.crypt.Signer"] = None, + use_metadata_identity_endpoint: bool = False, + quota_project_id: Optional[str] = None, + ) -> None: ... + def with_target_audience( + self, target_audience: str + ) -> "IDTokenCredentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "IDTokenCredentials": ... + def with_token_uri(self, token_uri: str) -> "IDTokenCredentials": ... + token: Incomplete + expiry: Incomplete + + def refresh(self, request: "google.auth.transport.Request") -> None: ... + @property + def signer(self) -> Any: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def service_account_email(self) -> str: ... + @property + def signer_email(self) -> str: ... diff --git a/stubs/google-auth/google/auth/credentials.pyi b/stubs/google-auth/google/auth/credentials.pyi new file mode 100644 index 000000000000..eb9c0ec04ee7 --- /dev/null +++ b/stubs/google-auth/google/auth/credentials.pyi @@ -0,0 +1,125 @@ +import abc +from enum import Enum +from typing import Mapping, Optional, Sequence +from _typeshed import Incomplete +from google.auth._credentials_base import _BaseCredentials +from google.auth.crypt import Signer as _Signer +from google.auth.transport import Request as _TransportRequest +from typing import Any, Coroutine + +DEFAULT_UNIVERSE_DOMAIN: str +NO_OP_TRUST_BOUNDARY_LOCATIONS: list[str] +NO_OP_TRUST_BOUNDARY_ENCODED_LOCATIONS: str + +class Credentials(_BaseCredentials, metaclass=abc.ABCMeta): + expiry: Incomplete + + def __init__(self) -> None: ... + @property + def expired(self) -> bool: ... + @property + def valid(self) -> bool: ... + @property + def token_state(self) -> "TokenState": ... + @property + def quota_project_id(self) -> Optional[str]: ... + @property + def universe_domain(self) -> str: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + @abc.abstractmethod + def refresh( + self, request: _TransportRequest + ) -> None | Coroutine[Any, Any, None]: ... + def apply( + self, headers: Mapping[str, str], token: Optional[str] = None + ) -> None: ... + def before_request( + self, + request: _TransportRequest, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None | Coroutine[Any, Any, None]: ... + def with_non_blocking_refresh(self) -> None: ... + +class CredentialsWithQuotaProject(Credentials, metaclass=abc.ABCMeta): + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_quota_project_from_environment(self) -> "Credentials": ... + +class CredentialsWithTokenUri(Credentials, metaclass=abc.ABCMeta): + def with_token_uri(self, token_uri: str) -> "Credentials": ... + +class CredentialsWithUniverseDomain(Credentials, metaclass=abc.ABCMeta): + def with_universe_domain(self, universe_domain: str) -> "Credentials": ... + +class CredentialsWithTrustBoundary(Credentials, metaclass=abc.ABCMeta): + @abc.abstractmethod + def _perform_refresh_token(self, request: _TransportRequest) -> None: ... + def with_trust_boundary( + self, trust_boundary: Mapping[str, str] + ) -> "Credentials": ... + def apply( + self, headers: Mapping[str, str], token: Optional[str] = None + ) -> None: ... + def refresh( + self, request: _TransportRequest + ) -> None | Coroutine[Any, Any, None]: ... + +class AnonymousCredentials(Credentials): + @property + def expired(self) -> bool: ... + @property + def valid(self) -> bool: ... + def refresh(self, request: _TransportRequest) -> None: ... + def apply( + self, headers: Mapping[str, str], token: Optional[str] = None + ) -> None: ... + def before_request( + self, + request: _TransportRequest, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None | Coroutine[Any, Any, None]: ... + +class ReadOnlyScoped(metaclass=abc.ABCMeta): + def __init__(self) -> None: ... + @property + def scopes(self) -> Optional[Sequence[str]]: ... + @property + def default_scopes(self) -> Optional[Sequence[str]]: ... + @property + @abc.abstractmethod + def requires_scopes(self) -> bool: ... + def has_scopes(self, scopes: Sequence[str]) -> bool: ... + +class Scoped(ReadOnlyScoped, metaclass=abc.ABCMeta): + @abc.abstractmethod + def with_scopes( + self, + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, + ) -> "Scoped": ... + +def with_scopes_if_required( + credentials: "Credentials", + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, +) -> "Credentials": ... + +class Signing(metaclass=abc.ABCMeta): + @abc.abstractmethod + def sign_bytes(self, message: bytes) -> bytes: ... + @property + @abc.abstractmethod + def signer_email(self) -> str: ... + @property + @abc.abstractmethod + def signer(self) -> _Signer: ... + +class TokenState(Enum): + FRESH = 1 + STALE = 2 + INVALID = 3 diff --git a/stubs/google-auth/google/auth/crypt/__init__.pyi b/stubs/google-auth/google/auth/crypt/__init__.pyi new file mode 100644 index 000000000000..b0202007e9a0 --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/__init__.pyi @@ -0,0 +1,21 @@ +from _typeshed import Incomplete + +__all__ = [ + "EsSigner", + "EsVerifier", + "ES256Signer", + "ES256Verifier", + "RSASigner", + "RSAVerifier", + "Signer", + "Verifier", +] + +EsSigner: Incomplete +EsVerifier: Incomplete +ES256Signer: Incomplete +ES256Verifier: Incomplete +Signer: Incomplete +Verifier: Incomplete +RSASigner: Incomplete +RSAVerifier: Incomplete diff --git a/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi b/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi new file mode 100644 index 000000000000..22fbe691efbc --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi @@ -0,0 +1,20 @@ +from typing import Any, Optional +from google.auth.crypt import base + +class RSAVerifier(base.Verifier): + def __init__(self, public_key: Any) -> None: ... + def verify(self, message: Any, signature: Any) -> bool: ... + @classmethod + def from_string(cls, public_key: Any) -> "RSAVerifier": ... + +class RSASigner(base.Signer, base.FromServiceAccountMixin): + def __init__( + self, private_key: Any, key_id: Optional[str] = None + ) -> None: ... + @property + def key_id(self) -> str: ... + def sign(self, message: Any) -> bytes: ... + @classmethod + def from_string( + cls, key: Any, key_id: Optional[str] = None + ) -> "RSASigner": ... diff --git a/stubs/google-auth/google/auth/crypt/_helpers.pyi b/stubs/google-auth/google/auth/crypt/_helpers.pyi new file mode 100644 index 000000000000..862577467da2 --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/_helpers.pyi @@ -0,0 +1,32 @@ +"""Transport adapter for Base Requests typing stubs.""" + +import abc +from typing import Any + +_DEFAULT_TIMEOUT: int = 120 # in seconds + +class _BaseAuthorizedSession(metaclass=abc.ABCMeta): + """Base class for a Request Session with credentials. This class is intended to capture + the common logic between synchronous and asynchronous request sessions and is not intended to + be instantiated directly. + + Args: + credentials (object): The credentials to add to the request. + """ + + credentials: Any + + def __init__(self, credentials: Any) -> None: ... + @abc.abstractmethod + def request( + self, + method: str, + url: str, + data: Any = None, + headers: Any = None, + max_allowed_time: Any = None, + timeout: int = _DEFAULT_TIMEOUT, + **kwargs: Any, + ) -> Any: ... + @abc.abstractmethod + def close(self) -> None: ... diff --git a/stubs/google-auth/google/auth/crypt/_python_rsa.pyi b/stubs/google-auth/google/auth/crypt/_python_rsa.pyi new file mode 100644 index 000000000000..22fbe691efbc --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/_python_rsa.pyi @@ -0,0 +1,20 @@ +from typing import Any, Optional +from google.auth.crypt import base + +class RSAVerifier(base.Verifier): + def __init__(self, public_key: Any) -> None: ... + def verify(self, message: Any, signature: Any) -> bool: ... + @classmethod + def from_string(cls, public_key: Any) -> "RSAVerifier": ... + +class RSASigner(base.Signer, base.FromServiceAccountMixin): + def __init__( + self, private_key: Any, key_id: Optional[str] = None + ) -> None: ... + @property + def key_id(self) -> str: ... + def sign(self, message: Any) -> bytes: ... + @classmethod + def from_string( + cls, key: Any, key_id: Optional[str] = None + ) -> "RSASigner": ... diff --git a/stubs/google-auth/google/auth/crypt/base.pyi b/stubs/google-auth/google/auth/crypt/base.pyi new file mode 100644 index 000000000000..f852ae98415c --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/base.pyi @@ -0,0 +1,24 @@ +import abc +from typing import Mapping, Optional, Union + +class Verifier(metaclass=abc.ABCMeta): + @abc.abstractmethod + def verify( + self, message: Union[str, bytes], signature: Union[str, bytes] + ) -> bool: ... + +class Signer(metaclass=abc.ABCMeta): + @property + @abc.abstractmethod + def key_id(self) -> str: ... + @abc.abstractmethod + def sign(self, message: Union[str, bytes]) -> bytes: ... + +class FromServiceAccountMixin(metaclass=abc.ABCMeta): + @classmethod + @abc.abstractmethod + def from_string(cls, key: str, key_id: Optional[str] = None) -> Signer: ... + @classmethod + def from_service_account_info(cls, info: Mapping[str, str]) -> Signer: ... + @classmethod + def from_service_account_file(cls, filename: str) -> Signer: ... diff --git a/stubs/google-auth/google/auth/crypt/es.pyi b/stubs/google-auth/google/auth/crypt/es.pyi new file mode 100644 index 000000000000..b7a160fced75 --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/es.pyi @@ -0,0 +1,44 @@ +from dataclasses import dataclass +from typing import Optional, Union +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric import ec +from google.auth.crypt import base + +@dataclass +class _ESAttributes: + rs_size: int + sha_algo: hashes.HashAlgorithm + algorithm: str + + @classmethod + def from_key( + cls, key: Union[ec.EllipticCurvePublicKey, ec.EllipticCurvePrivateKey] + ) -> "_ESAttributes": ... + @classmethod + def from_curve(cls, curve: ec.EllipticCurve) -> "_ESAttributes": ... + +class EsVerifier(base.Verifier): + """Verifies ECDSA cryptographic signatures using public keys.""" + + def __init__(self, public_key: ec.EllipticCurvePublicKey) -> None: ... + def verify(self, message: str | bytes, signature: str | bytes) -> bool: ... + @classmethod + def from_string(cls, public_key: Union[str, bytes]) -> "EsVerifier": ... + +class EsSigner(base.Signer, base.FromServiceAccountMixin): + """Signs messages with an ECDSA private key.""" + + def __init__( + self, + private_key: ec.EllipticCurvePrivateKey, + key_id: Optional[str] = None, + ) -> None: ... + @property + def algorithm(self) -> str: ... + @property + def key_id(self) -> str: ... + def sign(self, message: str | bytes) -> bytes: ... + @classmethod + def from_string( + cls, key: Union[bytes, str], key_id: Optional[str] = None + ) -> "EsSigner": ... diff --git a/stubs/google-auth/google/auth/crypt/es256.pyi b/stubs/google-auth/google/auth/crypt/es256.pyi new file mode 100644 index 000000000000..fb4d8d5b54a6 --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/es256.pyi @@ -0,0 +1,4 @@ +from google.auth.crypt.es import EsSigner, EsVerifier + +class ES256Verifier(EsVerifier): ... +class ES256Signer(EsSigner): ... diff --git a/stubs/google-auth/google/auth/crypt/rsa.pyi b/stubs/google-auth/google/auth/crypt/rsa.pyi new file mode 100644 index 000000000000..65b1949d448c --- /dev/null +++ b/stubs/google-auth/google/auth/crypt/rsa.pyi @@ -0,0 +1,22 @@ +from typing import Any, Optional +from google.auth.crypt import base + +RSA_KEY_MODULE_PREFIX: str + +class RSAVerifier(base.Verifier): + def __init__(self, public_key: Any) -> None: ... + def verify(self, message: Any, signature: Any) -> bool: ... + @classmethod + def from_string(cls, public_key: Any) -> "RSAVerifier": ... + +class RSASigner(base.Signer, base.FromServiceAccountMixin): + def __init__( + self, private_key: Any, key_id: Optional[str] = None + ) -> None: ... + @property + def key_id(self) -> str: ... + def sign(self, message: Any) -> bytes: ... + @classmethod + def from_string( + cls, key: Any, key_id: Optional[str] = None + ) -> "RSASigner": ... diff --git a/stubs/google-auth/google/auth/downscoped.pyi b/stubs/google-auth/google/auth/downscoped.pyi new file mode 100644 index 000000000000..5f4778cb7dca --- /dev/null +++ b/stubs/google-auth/google/auth/downscoped.pyi @@ -0,0 +1,74 @@ +from typing import Any, List, Mapping, Optional, Sequence, Tuple + +import google +from _typeshed import Incomplete +from google.auth import credentials + +class CredentialAccessBoundary: + def __init__(self, rules: List["AccessBoundaryRule"] = []) -> None: ... + @property + def rules(self) -> Tuple["AccessBoundaryRule", ...]: ... + @rules.setter + def rules(self, value: List["AccessBoundaryRule"]) -> None: ... + def add_rule(self, rule: "AccessBoundaryRule") -> None: ... + def to_json(self) -> Mapping[str, Any]: ... + +class AccessBoundaryRule: + def __init__( + self, + available_resource: str, + available_permissions: Sequence[str], + availability_condition: Optional["AvailabilityCondition"] = None, + ) -> None: ... + @property + def available_resource(self) -> str: ... + @available_resource.setter + def available_resource(self, value: str) -> None: ... + @property + def available_permissions(self) -> Tuple[str, ...]: ... + @available_permissions.setter + def available_permissions(self, value: Sequence[str]) -> None: ... + @property + def availability_condition(self) -> Optional["AvailabilityCondition"]: ... + @availability_condition.setter + def availability_condition( + self, value: Optional["AvailabilityCondition"] + ) -> None: ... + def to_json(self) -> Mapping[str, Any]: ... + +class AvailabilityCondition: + def __init__( + self, + expression: str, + title: Optional[str] = None, + description: Optional[str] = None, + ) -> None: ... + @property + def expression(self) -> str: ... + @expression.setter + def expression(self, value: str) -> None: ... + @property + def title(self) -> Optional[str]: ... + @title.setter + def title(self, value: Optional[str]) -> None: ... + @property + def description(self) -> Optional[str]: ... + @description.setter + def description(self, value: Optional[str]) -> None: ... + def to_json(self) -> Mapping[str, str]: ... + +class Credentials(credentials.CredentialsWithQuotaProject): + def __init__( + self, + source_credentials: "Credentials", + credential_access_boundary: "CredentialAccessBoundary", + quota_project_id: Optional[str] = None, + universe_domain: str = ..., + ) -> None: ... + token: Incomplete + expiry: Incomplete + + def refresh(self, request: "google.auth.transport.Request") -> None: ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... diff --git a/stubs/google-auth/google/auth/environment_vars.pyi b/stubs/google-auth/google/auth/environment_vars.pyi new file mode 100644 index 000000000000..e07017cb0bc2 --- /dev/null +++ b/stubs/google-auth/google/auth/environment_vars.pyi @@ -0,0 +1,24 @@ +PROJECT: str +LEGACY_PROJECT: str +GOOGLE_CLOUD_QUOTA_PROJECT: str +CREDENTIALS: str +CLOUD_SDK_CONFIG_DIR: str +GCE_METADATA_HOST: str +GCE_METADATA_ROOT: str +GCE_METADATA_IP: str +GCE_METADATA_TIMEOUT: str +GCE_METADATA_DETECT_RETRIES: str +NO_GCE_CHECK: str +GCE_METADATA_MTLS_MODE: str +GOOGLE_API_USE_CLIENT_CERTIFICATE: str +LEGACY_APPENGINE_RUNTIME: str +AWS_ACCESS_KEY_ID: str +AWS_SECRET_ACCESS_KEY: str +AWS_SESSION_TOKEN: str +AWS_REGION: str +AWS_DEFAULT_REGION: str +GOOGLE_AUTH_TRUST_BOUNDARY_ENABLED: str +GOOGLE_API_CERTIFICATE_CONFIG: str +CLOUD_SDK_CONTEXT_AWARE_USE_CLIENT_CERTIFICATE: str +CLOUDSDK_CONTEXT_AWARE_CERTIFICATE_CONFIG_FILE_PATH: str +GOOGLE_API_PREVENT_AGENT_TOKEN_SHARING_FOR_GCP_SERVICES: str diff --git a/stubs/google-auth/google/auth/exceptions.pyi b/stubs/google-auth/google/auth/exceptions.pyi new file mode 100644 index 000000000000..2b0b9b64d212 --- /dev/null +++ b/stubs/google-auth/google/auth/exceptions.pyi @@ -0,0 +1,33 @@ +from typing import Optional + +class GoogleAuthError(Exception): + def __init__(self, *args: object, **kwargs: object) -> None: ... + @property + def retryable(self) -> bool: ... + +class TransportError(GoogleAuthError): ... +class RefreshError(GoogleAuthError): ... +class UserAccessTokenError(GoogleAuthError): ... +class DefaultCredentialsError(GoogleAuthError): ... +class MutualTLSChannelError(GoogleAuthError): ... + +class ClientCertError(GoogleAuthError): + @property + def retryable(self) -> bool: ... + +class OAuthError(GoogleAuthError): ... + +class ReauthFailError(RefreshError): + def __init__( + self, message: Optional[str] = None, **kwargs: object + ) -> None: ... + +class ReauthSamlChallengeFailError(ReauthFailError): ... +class MalformedError(DefaultCredentialsError, ValueError): ... +class InvalidResource(DefaultCredentialsError, ValueError): ... +class InvalidOperation(DefaultCredentialsError, ValueError): ... +class InvalidValue(DefaultCredentialsError, ValueError): ... +class InvalidType(DefaultCredentialsError, TypeError): ... +class OSError(DefaultCredentialsError, EnvironmentError): ... +class TimeoutError(GoogleAuthError): ... +class ResponseError(GoogleAuthError): ... diff --git a/stubs/google-auth/google/auth/external_account.pyi b/stubs/google-auth/google/auth/external_account.pyi new file mode 100644 index 000000000000..1116eb20777a --- /dev/null +++ b/stubs/google-auth/google/auth/external_account.pyi @@ -0,0 +1,83 @@ +import abc +from dataclasses import dataclass +from typing import Any, Mapping, Optional, Sequence + +import google +from google.auth import credentials + +@dataclass +class SupplierContext: + subject_token_type: str + audience: str + +class Credentials( + credentials.Scoped, + credentials.CredentialsWithQuotaProject, + credentials.CredentialsWithTokenUri, + credentials.CredentialsWithTrustBoundary, + metaclass=abc.ABCMeta, +): + """Base class for external account credentials.""" + + def __init__( + self, + audience: str, + subject_token_type: str, + token_url: str, + credential_source: Mapping[str, Any], + service_account_impersonation_url: Optional[str] = None, + service_account_impersonation_options: Optional[ + Mapping[str, str] + ] = None, + client_id: Optional[str] = None, + client_secret: Optional[str] = None, + token_info_url: Optional[str] = None, + quota_project_id: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + workforce_pool_user_project: Optional[str] = None, + universe_domain: str = credentials.DEFAULT_UNIVERSE_DOMAIN, + trust_boundary: Optional[Mapping[str, str]] = None, + ) -> None: ... + @property + def info(self) -> Mapping[str, Any]: ... + @property + def service_account_email(self) -> Optional[str]: ... + @property + def is_user(self) -> bool: ... + @property + def is_workforce_pool(self) -> bool: ... + @property + def requires_scopes(self) -> bool: ... + @property + def project_number(self) -> Optional[str]: ... + @property + def token_info_url(self) -> Optional[str]: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def with_scopes( + self, + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, + ) -> "Credentials": ... + @abc.abstractmethod + def retrieve_subject_token( + self, request: "google.auth.transport.Request" + ) -> str: ... + def get_project_id( + self, request: "google.auth.transport.Request" + ) -> Optional[str]: ... + def refresh(self, request: "google.auth.transport.Request") -> None: ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_token_uri(self, token_uri: str) -> "Credentials": ... + def with_universe_domain(self, universe_domain: str) -> "Credentials": ... + def with_trust_boundary( + self, trust_boundary: Optional[Mapping[str, str]] + ) -> "Credentials": ... + @classmethod + def from_info( + cls, info: Mapping[str, Any], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... diff --git a/stubs/google-auth/google/auth/external_account_authorized_user.pyi b/stubs/google-auth/google/auth/external_account_authorized_user.pyi new file mode 100644 index 000000000000..7e04daf0bb59 --- /dev/null +++ b/stubs/google-auth/google/auth/external_account_authorized_user.pyi @@ -0,0 +1,81 @@ +import datetime +from typing import Any, Mapping, Optional, Sequence + +import google +from _typeshed import Incomplete +from google.auth import credentials + +class Credentials( + credentials.CredentialsWithQuotaProject, + credentials.ReadOnlyScoped, + credentials.CredentialsWithTokenUri, + credentials.CredentialsWithTrustBoundary, +): + token: Incomplete + expiry: Optional[datetime.datetime] + + def __init__( + self, + token: Optional[str] = None, + expiry: Optional[datetime.datetime] = None, + refresh_token: Optional[str] = None, + audience: Optional[str] = None, + client_id: Optional[str] = None, + client_secret: Optional[str] = None, + token_url: Optional[str] = None, + token_info_url: Optional[str] = None, + revoke_url: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + universe_domain: str = ..., + trust_boundary: Optional[Mapping[str, str]] = None, + ) -> None: ... + @property + def info(self) -> Mapping[str, object]: ... + def constructor_args(self) -> Mapping[str, object]: ... + @property + def scopes(self) -> Optional[Sequence[str]]: ... + @property + def requires_scopes(self) -> bool: ... + @property + def client_id(self) -> Optional[str]: ... + @property + def client_secret(self) -> Optional[str]: ... + @property + def audience(self) -> Optional[str]: ... + @property + def refresh_token(self) -> Optional[str]: ... + @property + def token_url(self) -> Optional[str]: ... + @property + def token_info_url(self) -> Optional[str]: ... + @property + def revoke_url(self) -> Optional[str]: ... + @property + def is_user(self) -> bool: ... + @property + def can_refresh(self) -> bool: ... + def get_project_id( + self, request: Optional["google.auth.transport.Request"] = None + ) -> Optional[str]: ... + def to_json(self, strip: Optional[Sequence[str]] = None) -> str: ... + def revoke(self, request: "google.auth.transport.Request") -> None: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_token_uri(self, token_uri: str) -> "Credentials": ... + def with_universe_domain(self, universe_domain: str) -> "Credentials": ... + def with_trust_boundary( + self, trust_boundary: Mapping[str, str] + ) -> "Credentials": ... + @classmethod + def from_info( + cls, info: Mapping[str, Any], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def _build_trust_boundary_lookup_url(self) -> str: ... + def _perform_refresh_token( + self, request: "google.auth.transport.Request" + ) -> None: ... diff --git a/stubs/google-auth/google/auth/iam.pyi b/stubs/google-auth/google/auth/iam.pyi new file mode 100644 index 000000000000..25e7b947deb5 --- /dev/null +++ b/stubs/google-auth/google/auth/iam.pyi @@ -0,0 +1,16 @@ +import google +from google.auth import credentials +from google.auth.crypt import base + +IAM_RETRY_CODES: set[int] + +class Signer(base.Signer): + def __init__( + self, + request: "google.auth.transport.Request", + credentials: credentials.Credentials, + service_account_email: str, + ) -> None: ... + @property + def key_id(self) -> str: ... + def sign(self, message: str | bytes) -> bytes: ... diff --git a/stubs/google-auth/google/auth/identity_pool.pyi b/stubs/google-auth/google/auth/identity_pool.pyi new file mode 100644 index 000000000000..01325b17b16e --- /dev/null +++ b/stubs/google-auth/google/auth/identity_pool.pyi @@ -0,0 +1,57 @@ +import abc +from typing import Any, Mapping, NamedTuple, Optional + +from google.auth import external_account + +class SubjectTokenSupplier(metaclass=abc.ABCMeta): + @abc.abstractmethod + def get_subject_token(self, context: Any, request: Any) -> str: ... + +class _TokenContent(NamedTuple): + content: str + location: str + +class _FileSupplier(SubjectTokenSupplier): + def __init__( + self, + path: str, + format_type: str, + subject_token_field_name: Optional[str], + ) -> None: ... + def get_subject_token(self, context: Any, request: Any) -> str: ... + +class _UrlSupplier(SubjectTokenSupplier): + def __init__( + self, + url: str, + format_type: str, + subject_token_field_name: Optional[str], + headers: Optional[Mapping[str, str]], + ) -> None: ... + def get_subject_token(self, context: Any, request: Any) -> str: ... + +class _X509Supplier(SubjectTokenSupplier): + def __init__( + self, trust_chain_path: Optional[str], leaf_cert_callback: Any + ) -> None: ... + def get_subject_token(self, context: Any, request: Any) -> str: ... + +class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): + def __init__( + self, + audience: str, + subject_token_type: str, + token_url: str = "https://sts.googleapis.com/v1/token", + credential_source: Optional[Mapping[str, Any]] = None, + subject_token_supplier: Optional[SubjectTokenSupplier] = None, + *args: Any, + **kwargs: Any, + ) -> None: ... + def retrieve_subject_token(self, request: Any) -> str: ... + @classmethod + def from_info( + cls, info: Mapping[str, Any], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def refresh(self, request: Any) -> None: ... diff --git a/stubs/google-auth/google/auth/impersonated_credentials.pyi b/stubs/google-auth/google/auth/impersonated_credentials.pyi new file mode 100644 index 000000000000..552a11c6d3b1 --- /dev/null +++ b/stubs/google-auth/google/auth/impersonated_credentials.pyi @@ -0,0 +1,96 @@ +from typing import Any, Mapping, Optional, Sequence + +import google +from _typeshed import Incomplete +from google.auth import credentials + +class Credentials( + credentials.Scoped, + credentials.CredentialsWithQuotaProject, + credentials.Signing, + credentials.CredentialsWithTrustBoundary, +): + token: Incomplete + expiry: Incomplete + + def __init__( + self, + source_credentials: credentials.Credentials, + target_principal: str, + target_scopes: Sequence[str], + delegates: Optional[Sequence[str]] = None, + subject: Optional[str] = None, + lifetime: int = ..., + quota_project_id: Optional[str] = None, + iam_endpoint_override: Optional[str] = None, + trust_boundary: Optional[Mapping[str, str]] = None, + ) -> None: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer_email(self) -> str: ... + @property + def service_account_email(self) -> str: ... + @property + def signer(self) -> Any: ... + @property + def requires_scopes(self) -> bool: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def with_trust_boundary( + self, trust_boundary: Mapping[str, str] + ) -> "Credentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_scopes( + self, + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, + ) -> "Credentials": ... + @classmethod + def from_impersonated_service_account_info( + cls: type["Credentials"], + info: Mapping[str, Any], + scopes: Optional[Sequence[str]] = None, + ) -> "Credentials": ... + def _build_trust_boundary_lookup_url(self) -> str: ... + def _perform_refresh_token( + self, request: "google.auth.transport.Request" + ) -> None: ... + +class IDTokenCredentials( + credentials.CredentialsWithQuotaProject, + credentials.Signing, + credentials.CredentialsWithTokenUri, +): + def __init__( + self, + target_credentials: credentials.Credentials, + target_audience: Optional[str] = None, + include_email: bool = False, + quota_project_id: Optional[str] = None, + ) -> None: ... + def from_credentials( + self, + target_credentials: credentials.Credentials, + target_audience: Optional[str] = None, + ) -> "IDTokenCredentials": ... + def with_target_audience( + self, target_audience: str + ) -> "IDTokenCredentials": ... + def with_include_email( + self, include_email: bool + ) -> "IDTokenCredentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "IDTokenCredentials": ... + token: Incomplete + expiry: Incomplete + + def refresh(self, request: "google.auth.transport.Request") -> None: ... + @property + def signer(self) -> Any: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def service_account_email(self) -> str: ... + @property + def signer_email(self) -> str: ... diff --git a/stubs/google-auth/google/auth/jwt.pyi b/stubs/google-auth/google/auth/jwt.pyi new file mode 100644 index 000000000000..08385fe77636 --- /dev/null +++ b/stubs/google-auth/google/auth/jwt.pyi @@ -0,0 +1,127 @@ +from typing import Any, Dict, List, Mapping, Optional, Tuple, Union +from google.auth import credentials as _credentials +from google.auth.crypt import Signer as _Signer +from typing import Coroutine + +_DEFAULT_TOKEN_LIFETIME_SECS: int +_DEFAULT_MAX_CACHE_SIZE: int +_ALGORITHM_TO_VERIFIER_CLASS: Dict[str, type] +_CRYPTOGRAPHY_BASED_ALGORITHMS: frozenset[str] + +def encode( + signer: _Signer, + payload: Mapping[str, str], + header: Optional[Mapping[str, str]] = None, + key_id: Optional[str] = None, +) -> bytes: ... +def _decode_jwt_segment(encoded_section: bytes) -> Mapping[str, object]: ... +def _unverified_decode( + token: Union[str, bytes], +) -> Tuple[Mapping[str, object], Mapping[str, object], bytes, bytes]: ... +def decode_header(token: Union[str, bytes]) -> Mapping[str, object]: ... +def _verify_iat_and_exp( + payload: Mapping[str, str], clock_skew_in_seconds: int = 0 +) -> None: ... +def decode( + token: str, + certs: Optional[Union[str, bytes, Mapping[str, Union[str, bytes]]]] = None, + verify: bool = True, + audience: Optional[Union[str, List[str]]] = None, + clock_skew_in_seconds: int = 0, +) -> Mapping[str, str]: ... + +class Credentials( + _credentials.Signing, _credentials.CredentialsWithQuotaProject +): + expiry: Any + + def __init__( + self, + signer: _Signer, + issuer: str, + subject: str, + audience: str, + additional_claims: Optional[Mapping[str, str]] = None, + token_lifetime: int = ..., + quota_project_id: Optional[str] = None, + ) -> None: ... + @classmethod + def _from_signer_and_info( + cls, signer: _Signer, info: Mapping[str, str], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_service_account_info( + cls, info: Mapping[str, str], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_service_account_file( + cls, filename: str, **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_signing_credentials( + cls, credentials: "_credentials.Signing", audience: str, **kwargs: Any + ) -> "Credentials": ... + def with_claims( + self, + issuer: Optional[str] = None, + subject: Optional[str] = None, + audience: Optional[str] = None, + additional_claims: Optional[Mapping[str, str]] = None, + ) -> "Credentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def refresh(self, request: Any) -> None: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer_email(self) -> str: ... + @property + def signer(self) -> _Signer: ... + @property + def additional_claims(self) -> Mapping[str, str]: ... + +class OnDemandCredentials( + _credentials.Signing, _credentials.CredentialsWithQuotaProject +): + def __init__( + self, + signer: _Signer, + issuer: str, + subject: str, + additional_claims: Optional[Mapping[str, str]] = None, + token_lifetime: int = ..., + max_cache_size: int = ..., + quota_project_id: Optional[str] = None, + ) -> None: ... + @classmethod + def from_service_account_info( + cls, info: Mapping[str, str], **kwargs: Any + ) -> "OnDemandCredentials": ... + @classmethod + def from_service_account_file( + cls, filename: str, **kwargs: Any + ) -> "OnDemandCredentials": ... + @classmethod + def from_signing_credentials( + cls, credentials: "_credentials.Signing", **kwargs: Any + ) -> "OnDemandCredentials": ... + def with_claims( + self, + issuer: Optional[str] = None, + subject: Optional[str] = None, + additional_claims: Optional[Mapping[str, str]] = None, + ) -> "OnDemandCredentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "OnDemandCredentials": ... + @property + def valid(self) -> bool: ... + def refresh(self, request: Any) -> None: ... + def before_request( + self, request: Any, method: str, url: str, headers: Mapping[str, str] + ) -> None | Coroutine[Any, Any, None]: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer_email(self) -> str: ... + @property + def signer(self) -> _Signer: ... diff --git a/stubs/google-auth/google/auth/metrics.pyi b/stubs/google-auth/google/auth/metrics.pyi new file mode 100644 index 000000000000..5570c6fe8dc1 --- /dev/null +++ b/stubs/google-auth/google/auth/metrics.pyi @@ -0,0 +1,30 @@ +from typing import Mapping, Optional + +API_CLIENT_HEADER: str +BYOID_HEADER_SECTION: str +REQUEST_TYPE_ACCESS_TOKEN: str +REQUEST_TYPE_ID_TOKEN: str +REQUEST_TYPE_MDS_PING: str +REQUEST_TYPE_REAUTH_START: str +REQUEST_TYPE_REAUTH_CONTINUE: str +CRED_TYPE_USER: str +CRED_TYPE_SA_ASSERTION: str +CRED_TYPE_SA_JWT: str +CRED_TYPE_SA_MDS: str +CRED_TYPE_SA_IMPERSONATE: str + +def python_and_auth_lib_version() -> str: ... +def token_request_access_token_mds() -> str: ... +def token_request_id_token_mds() -> str: ... +def token_request_access_token_impersonate() -> str: ... +def token_request_id_token_impersonate() -> str: ... +def token_request_access_token_sa_assertion() -> str: ... +def token_request_id_token_sa_assertion() -> str: ... +def token_request_user() -> str: ... +def mds_ping() -> str: ... +def reauth_start() -> str: ... +def reauth_continue() -> str: ... +def byoid_metrics_header(metrics_options: Mapping[str, str]) -> str: ... +def add_metric_header( + headers: Mapping[str, str], metric_header_value: Optional[str] +) -> None: ... diff --git a/stubs/google-auth/google/auth/pluggable.pyi b/stubs/google-auth/google/auth/pluggable.pyi new file mode 100644 index 000000000000..55492538e703 --- /dev/null +++ b/stubs/google-auth/google/auth/pluggable.pyi @@ -0,0 +1,33 @@ +import abc +from typing import Any, Mapping, Optional +from google.auth import external_account + +EXECUTABLE_SUPPORTED_MAX_VERSION: int +EXECUTABLE_TIMEOUT_MILLIS_DEFAULT: int +EXECUTABLE_TIMEOUT_MILLIS_LOWER_BOUND: int +EXECUTABLE_TIMEOUT_MILLIS_UPPER_BOUND: int +EXECUTABLE_INTERACTIVE_TIMEOUT_MILLIS_LOWER_BOUND: int +EXECUTABLE_INTERACTIVE_TIMEOUT_MILLIS_UPPER_BOUND: int + +class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): + interactive: bool + + def __init__( + self, + audience: str, + subject_token_type: str, + token_url: str, + credential_source: Optional[Mapping[str, Any]] = None, + *args: Any, + **kwargs: Any, + ) -> None: ... + def retrieve_subject_token(self, request: Any) -> Any: ... + def revoke(self, request: Any) -> None: ... + @property + def external_account_id(self) -> Optional[str]: ... + @classmethod + def from_info( + cls, info: Mapping[str, Any], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... diff --git a/stubs/google-auth/google/auth/transport/__init__.pyi b/stubs/google-auth/google/auth/transport/__init__.pyi new file mode 100644 index 000000000000..fae560999e93 --- /dev/null +++ b/stubs/google-auth/google/auth/transport/__init__.pyi @@ -0,0 +1,29 @@ +import abc +from typing import Any, Mapping, Optional, Sequence + +DEFAULT_RETRYABLE_STATUS_CODES: Sequence[int] +DEFAULT_REFRESH_STATUS_CODES: Sequence[int] +DEFAULT_MAX_REFRESH_ATTEMPTS: int + +class Response(metaclass=abc.ABCMeta): + @property + @abc.abstractmethod + def status(self) -> int: ... + @property + @abc.abstractmethod + def headers(self) -> Mapping[str, str]: ... + @property + @abc.abstractmethod + def data(self) -> bytes: ... + +class Request(metaclass=abc.ABCMeta): + @abc.abstractmethod + def __call__( + self, + url: str, + method: str = "GET", + body: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + timeout: Optional[float] = None, + **kwargs: Any, + ) -> Response: ... diff --git a/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi b/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi new file mode 100644 index 000000000000..25eb35233068 --- /dev/null +++ b/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi @@ -0,0 +1,63 @@ +from typing import Any, Mapping, Optional, Sequence + +from google.auth import transport +from google.auth.transport import Response + +class _CombinedResponse(transport.Response): + def __init__(self, response: Any) -> None: ... + @property + def status(self) -> int: ... + @property + def headers(self) -> Mapping[str, str]: ... + @property + def data(self) -> bytes: ... + async def raw_content(self) -> bytes: ... + async def content(self) -> bytes: ... + +class _Response(transport.Response): + def __init__(self, response: Any) -> None: ... + @property + def status(self) -> int: ... + @property + def headers(self) -> Mapping[str, str]: ... + @property + def data(self) -> bytes: ... + +class Request(transport.Request): + session: Any + + def __init__(self, session: Optional[Any] = None) -> None: ... + def __call__( + self, + url: str, + method: str = "GET", + body: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + timeout: Optional[float] = None, + **kwargs: Any, + ) -> Response: ... + +class AuthorizedSession: + credentials: Any + + def __init__( + self, + credentials: Any, + refresh_status_codes: Sequence[int] = ..., + max_refresh_attempts: int = ..., + refresh_timeout: Optional[float] = None, + auth_request: Optional[Request] = None, + auto_decompress: bool = False, + **kwargs: Any, + ) -> None: ... + async def request( + self, + method: str, + url: str, + data: Any = None, + headers: Optional[Mapping[str, str]] = None, + max_allowed_time: Optional[float] = None, + timeout: Optional[float] = None, + auto_decompress: bool = False, + **kwargs: Any, + ) -> _Response: ... diff --git a/stubs/google-auth/google/auth/transport/_custom_tls_signer.pyi b/stubs/google-auth/google/auth/transport/_custom_tls_signer.pyi new file mode 100644 index 000000000000..3bc218f5d180 --- /dev/null +++ b/stubs/google-auth/google/auth/transport/_custom_tls_signer.pyi @@ -0,0 +1,16 @@ +from _typeshed import Incomplete + +SIGN_CALLBACK_CTYPE: Incomplete + +def load_offload_lib(offload_lib_path: str) -> object: ... +def load_signer_lib(signer_lib_path: str) -> object: ... +def load_provider_lib(provider_lib_path: str) -> object: ... +def get_sign_callback(signer_lib: object, config_file_path: str) -> object: ... +def get_cert(signer_lib: object, config_file_path: str) -> bytes: ... + +class CustomTlsSigner: + def __init__(self, enterprise_cert_file_path: str) -> None: ... + def load_libraries(self) -> None: ... + def set_up_custom_key(self) -> None: ... + def should_use_provider(self) -> bool: ... + def attach_to_ssl_context(self, ctx: object) -> None: ... diff --git a/stubs/google-auth/google/auth/transport/_http_client.pyi b/stubs/google-auth/google/auth/transport/_http_client.pyi new file mode 100644 index 000000000000..e11c153941f5 --- /dev/null +++ b/stubs/google-auth/google/auth/transport/_http_client.pyi @@ -0,0 +1,23 @@ +from typing import Any, Mapping, Optional + +from google.auth import transport + +class Response(transport.Response): + def __init__(self, response: Any) -> None: ... + @property + def status(self) -> int: ... + @property + def headers(self) -> Mapping[str, str]: ... + @property + def data(self) -> bytes: ... + +class Request(transport.Request): + def __call__( + self, + url: str, + method: str = "GET", + body: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + timeout: Optional[float] = None, + **kwargs: Any, + ) -> "Response": ... diff --git a/stubs/google-auth/google/auth/transport/_mtls_helper.pyi b/stubs/google-auth/google/auth/transport/_mtls_helper.pyi new file mode 100644 index 000000000000..0956c9f485ff --- /dev/null +++ b/stubs/google-auth/google/auth/transport/_mtls_helper.pyi @@ -0,0 +1,19 @@ +from typing import Callable, Optional, Tuple + +CONTEXT_AWARE_METADATA_PATH: str +CERTIFICATE_CONFIGURATION_DEFAULT_PATH: str + +def get_client_ssl_credentials( + generate_encrypted_key: bool = False, + context_aware_metadata_path: str = CONTEXT_AWARE_METADATA_PATH, + certificate_config_path: Optional[str] = None, +) -> Tuple[bool, Optional[bytes], Optional[bytes], Optional[bytes]]: ... +def get_client_cert_and_key( + client_cert_callback: Optional[Callable[[], Tuple[bytes, bytes]]] = None, +) -> Tuple[bool, Optional[bytes], Optional[bytes]]: ... +def decrypt_private_key(key: bytes, passphrase: Optional[bytes]) -> bytes: ... +def check_use_client_cert() -> bool: ... +def check_parameters_for_unauthorized_response( + cached_cert: Optional[bytes], +) -> Tuple[bytes, bytes, Optional[str], str]: ... +def call_client_cert_callback() -> Tuple[bytes, bytes]: ... diff --git a/stubs/google-auth/google/auth/transport/_requests_base.pyi b/stubs/google-auth/google/auth/transport/_requests_base.pyi new file mode 100644 index 000000000000..e5bafbcaa6ef --- /dev/null +++ b/stubs/google-auth/google/auth/transport/_requests_base.pyi @@ -0,0 +1,20 @@ +import abc +from typing import Any, Optional + +class _BaseAuthorizedSession(metaclass=abc.ABCMeta): + credentials: Any + + def __init__(self, credentials: Any) -> None: ... + @abc.abstractmethod + def request( + self, + method: str, + url: str, + data: Any = None, + headers: Any = None, + max_allowed_time: Any = None, + timeout: Optional[float] = None, + **kwargs: Any, + ) -> Any: ... + @abc.abstractmethod + def close(self) -> None: ... diff --git a/stubs/google-auth/google/auth/transport/grpc.pyi b/stubs/google-auth/google/auth/transport/grpc.pyi new file mode 100644 index 000000000000..ce68858d7fae --- /dev/null +++ b/stubs/google-auth/google/auth/transport/grpc.pyi @@ -0,0 +1,28 @@ +from typing import Any, Optional + +import grpc + +class AuthMetadataPlugin(grpc.AuthMetadataPlugin): + def __init__( + self, + credentials: Any, + request: Any, + default_host: Optional[str] = None, + ) -> None: ... + def __call__(self, context: Any, callback: Any) -> None: ... + +def secure_authorized_channel( + credentials: Any, + request: Any, + target: str, + ssl_credentials: Any = ..., + client_cert_callback: Any = ..., + **kwargs: Any, +) -> grpc.Channel: ... + +class SslCredentials: + def __init__(self) -> None: ... + @property + def ssl_credentials(self) -> Any: ... + @property + def is_mtls(self) -> bool: ... diff --git a/stubs/google-auth/google/auth/transport/mtls.pyi b/stubs/google-auth/google/auth/transport/mtls.pyi new file mode 100644 index 000000000000..3a1d75407e1a --- /dev/null +++ b/stubs/google-auth/google/auth/transport/mtls.pyi @@ -0,0 +1,10 @@ +from typing import Callable + +def has_default_client_cert_source( + include_context_aware: bool = True, +) -> bool: ... +def default_client_cert_source() -> Callable[[], tuple[bytes, bytes]]: ... +def default_client_encrypted_cert_source( + cert_path: str, key_path: str +) -> Callable[[], tuple[str, str, bytes]]: ... +def should_use_client_cert() -> bool: ... diff --git a/stubs/google-auth/google/auth/transport/requests.pyi b/stubs/google-auth/google/auth/transport/requests.pyi new file mode 100644 index 000000000000..f6e5f4883703 --- /dev/null +++ b/stubs/google-auth/google/auth/transport/requests.pyi @@ -0,0 +1,203 @@ +import types +from typing import ( + Any, + Callable, + Iterable, + Mapping, + MutableMapping, + Optional, + Sequence, + Type, +) + +import requests +import requests.adapters +from _typeshed import SupportsItems, SupportsRead +from google.auth import transport +from requests import Response +from requests import Response as _RequestsResponse +from requests.auth import AuthBase +from requests.sessions import PreparedRequest, RequestsCookieJar + +class _Response(transport.Response): + def __init__(self, response: _RequestsResponse) -> None: ... + @property + def status(self) -> int: ... + @property + def headers(self) -> Mapping[str, str]: ... + @property + def data(self) -> bytes: ... + +class TimeoutGuard: + remaining_timeout: Any + + def __init__( + self, + timeout: Any, + timeout_error_type: Type[Exception] = requests.exceptions.Timeout, + ) -> None: ... + def __enter__(self) -> "TimeoutGuard": ... + def __exit__( + self, + exc_type: Type[BaseException] | None, + exc_value: BaseException | None, + traceback: types.TracebackType | None, + ) -> None: ... + +class Request(transport.Request): + session: Optional[requests.Session] + + def __init__(self, session: Optional[requests.Session] = None) -> None: ... + def __del__(self) -> None: ... + def __call__( + self, + url: str, + method: str = "GET", + body: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + timeout: Optional[float] = None, + **kwargs: Any, + ) -> _Response: ... + +class _MutualTlsAdapter(requests.adapters.HTTPAdapter): + def __init__(self, cert: bytes, key: bytes) -> None: ... + def init_poolmanager(self, *args: Any, **kwargs: Any) -> None: ... + def proxy_manager_for(self, *args: Any, **kwargs: Any) -> Any: ... + +class _MutualTlsOffloadAdapter(requests.adapters.HTTPAdapter): + signer: Any + + def __init__(self, enterprise_cert_file_path: str) -> None: ... + def init_poolmanager(self, *args: Any, **kwargs: Any) -> None: ... + def proxy_manager_for(self, *args: Any, **kwargs: Any) -> Any: ... + +class AuthorizedSession(requests.Session): + credentials: Any + + def __init__( + self, + credentials: Any, + refresh_status_codes: Sequence[int] = ..., + max_refresh_attempts: int = ..., + refresh_timeout: Optional[float] = None, + auth_request: Optional[Request] = None, + default_host: Optional[str] = None, + ) -> None: ... + def configure_mtls_channel( + self, client_cert_callback: Optional[Any] = None + ) -> None: ... + def request( + self, + method: str | bytes, + url: str | bytes, + params: ( + SupportsItems[ + str | bytes | int | float, + str + | bytes + | int + | float + | Iterable[str | bytes | int | float] + | None, + ] + | tuple[ + str | bytes | int | float, + str + | bytes + | int + | float + | Iterable[str | bytes | int | float] + | None, + ] + | Iterable[ + tuple[ + str | bytes | int | float, + str + | bytes + | int + | float + | Iterable[str | bytes | int | float] + | None, + ] + ] + | str + | bytes + | None + ) = ..., + data: ( + Iterable[bytes] + | str + | bytes + | SupportsRead[str | bytes] + | list[tuple[Any, Any]] + | tuple[tuple[Any, Any], ...] + | Mapping[Any, Any] + | None + ) = ..., + headers: Mapping[str, str | bytes | None] | None = ..., + cookies: RequestsCookieJar | MutableMapping[str, str] | None = ..., + files: ( + Mapping[ + str, + SupportsRead[str | bytes] + | str + | bytes + | tuple[str | None, SupportsRead[str | bytes] | str | bytes] + | tuple[ + str | None, SupportsRead[str | bytes] | str | bytes, str + ] + | tuple[ + str | None, + SupportsRead[str | bytes] | str | bytes, + str, + Mapping[str, str], + ], + ] + | Iterable[ + tuple[ + str, + SupportsRead[str | bytes] + | str + | bytes + | tuple[ + str | None, SupportsRead[str | bytes] | str | bytes + ] + | tuple[ + str | None, + SupportsRead[str | bytes] | str | bytes, + str, + ] + | tuple[ + str | None, + SupportsRead[str | bytes] | str | bytes, + str, + Mapping[str, str], + ], + ] + ] + | None + ) = ..., + auth: ( + tuple[str, str] + | AuthBase + | Callable[[PreparedRequest], PreparedRequest] + | None + ) = ..., + timeout: float | tuple[float | None, float | None] | None = ..., + allow_redirects: bool = ..., + proxies: MutableMapping[str, str] | None = ..., + hooks: ( + Mapping[ + str, + Iterable[Callable[[Response], Any]] + | Callable[[Response], Any], + ] + | None + ) = ..., + stream: bool | None = ..., + verify: bool | str | None = ..., + cert: str | tuple[str, str] | None = ..., + json: Any | None = ..., + ) -> Response: ... + @property + def is_mtls(self) -> bool: ... diff --git a/stubs/google-auth/google/auth/transport/urllib3.pyi b/stubs/google-auth/google/auth/transport/urllib3.pyi new file mode 100644 index 000000000000..1dddf1388f47 --- /dev/null +++ b/stubs/google-auth/google/auth/transport/urllib3.pyi @@ -0,0 +1,107 @@ +import types +from typing import Any, Callable, Mapping, Optional, Sequence, Tuple + +import requests +from google.auth import transport + +class _RequestMethodsBase: ... + +RequestMethods = _RequestMethodsBase +_LOGGER: Any = None + +class _Response(transport.Response): + """urllib3 transport response adapter. + + Args: + response (urllib3.response.HTTPResponse): The raw urllib3 response. + """ + + def __init__(self, response: Any) -> None: ... + @property + def status(self) -> int: ... + @property + def headers(self) -> Mapping[str, str]: ... + @property + def data(self) -> bytes: ... + +class TimeoutGuard: + remaining_timeout: Any + + def __init__( + self, + timeout: Any, + timeout_error_type: type[Exception] = requests.exceptions.Timeout, + ) -> None: ... + def __enter__(self) -> "TimeoutGuard": ... + def __exit__( + self, + exc_type: type[BaseException] | None, + exc_value: BaseException | None, + traceback: types.TracebackType | None, + ) -> None: ... + +class Request(transport.Request): + http: Any + + def __init__(self, http: Optional[Any] = None) -> None: ... + def __del__(self) -> None: ... + def __call__( + self, + url: str, + method: str = "GET", + body: Optional[bytes] = None, + headers: Optional[Mapping[str, str]] = None, + timeout: Optional[float] = None, + **kwargs: Any, + ) -> _Response: ... + +class _MutualTlsAdapter(requests.adapters.HTTPAdapter): + def __init__(self, cert: bytes, key: bytes) -> None: ... + def init_poolmanager(self, *args: Any, **kwargs: Any) -> None: ... + def proxy_manager_for(self, *args: Any, **kwargs: Any) -> Any: ... + +class _MutualTlsOffloadAdapter(requests.adapters.HTTPAdapter): + signer: Any + + def __init__(self, enterprise_cert_file_path: str) -> None: ... + def init_poolmanager(self, *args: Any, **kwargs: Any) -> None: ... + def proxy_manager_for(self, *args: Any, **kwargs: Any) -> Any: ... + +class AuthorizedHttp(RequestMethods): + http: Any + credentials: Any + + def __init__( + self, + credentials: Any, + http: Optional[Any] = None, + refresh_status_codes: Sequence[int] = ..., + max_refresh_attempts: int = ..., + default_host: Optional[str] = None, + ) -> None: ... + def configure_mtls_channel( + self, + client_cert_callback: Optional[ + Callable[[], Tuple[bytes, bytes]] + ] = ..., + ) -> bool: ... + def urlopen( + self, + method: str, + url: str, + body: Any = None, + headers: Any = None, + **kwargs: Any, + ) -> _Response: ... + def __enter__(self) -> Any: ... + def __exit__( + self, + exc_type: type[BaseException] | None, + exc_val: BaseException | None, + exc_tb: types.TracebackType | None, + ) -> None: ... + def __del__(self) -> None: ... + @property + def headers(self) -> Mapping[str, str]: ... + @headers.setter + def headers(self, value: Mapping[str, str]) -> None: ... diff --git a/stubs/google-auth/google/auth/version.pyi b/stubs/google-auth/google/auth/version.pyi new file mode 100644 index 000000000000..bda5b5a7f4cc --- /dev/null +++ b/stubs/google-auth/google/auth/version.pyi @@ -0,0 +1 @@ +__version__: str diff --git a/stubs/google-auth/google/oauth2/__init__.pyi b/stubs/google-auth/google/oauth2/__init__.pyi new file mode 100644 index 000000000000..939a5de79058 --- /dev/null +++ b/stubs/google-auth/google/oauth2/__init__.pyi @@ -0,0 +1,6 @@ +class Python37DeprecationWarning(DeprecationWarning): # pragma: NO COVER + """Deprecation warning raised when Python 3.7 runtime is detected. + Python 3.7 support will be dropped after January 1, 2024. + """ + +eol_message: str diff --git a/stubs/google-auth/google/oauth2/_client.pyi b/stubs/google-auth/google/oauth2/_client.pyi new file mode 100644 index 000000000000..cd2777bbaf2b --- /dev/null +++ b/stubs/google-auth/google/oauth2/_client.pyi @@ -0,0 +1,29 @@ +import datetime +from typing import Mapping, Optional, Sequence, Tuple + +from google.auth.transport import Request + +def jwt_grant( + request: Request, token_uri: str, assertion: str, can_retry: bool = True +) -> Tuple[str, Optional[datetime.datetime], Mapping[str, str]]: ... +def call_iam_generate_id_token_endpoint( + request: Request, + iam_id_token_endpoint: str, + signer_email: str, + audience: str, + access_token: str, + universe_domain: str = ..., +) -> Tuple[str, datetime.datetime]: ... +def id_token_jwt_grant( + request: Request, token_uri: str, assertion: str, can_retry: bool = True +) -> Tuple[str, Optional[datetime.datetime], Mapping[str, str]]: ... +def refresh_grant( + request: Request, + token_uri: str, + refresh_token: str, + client_id: str, + client_secret: str, + scopes: Optional[Sequence[str]] = None, + rapt_token: Optional[str] = None, + can_retry: bool = True, +) -> Tuple[str, str, Optional[datetime.datetime], Mapping[str, str]]: ... diff --git a/stubs/google-auth/google/oauth2/_client_async.pyi b/stubs/google-auth/google/oauth2/_client_async.pyi new file mode 100644 index 000000000000..5d2da056a08f --- /dev/null +++ b/stubs/google-auth/google/oauth2/_client_async.pyi @@ -0,0 +1,21 @@ +from datetime import datetime +from typing import Mapping, Optional, Sequence, Tuple + +from google.auth.transport import Request + +async def jwt_grant( + request: Request, token_uri: str, assertion: str, can_retry: bool = True +) -> Tuple[str, Optional[datetime], Mapping[str, str]]: ... +async def id_token_jwt_grant( + request: Request, token_uri: str, assertion: str, can_retry: bool = True +) -> Tuple[str, Optional[datetime], Mapping[str, str]]: ... +async def refresh_grant( + request: Request, + token_uri: str, + refresh_token: str, + client_id: str, + client_secret: str, + scopes: Optional[Sequence[str]] = None, + rapt_token: Optional[str] = None, + can_retry: bool = True, +) -> Tuple[str, Optional[str], Optional[datetime], Mapping[str, str]]: ... diff --git a/stubs/google-auth/google/oauth2/_credentials_async.pyi b/stubs/google-auth/google/oauth2/_credentials_async.pyi new file mode 100644 index 000000000000..642ec06655b8 --- /dev/null +++ b/stubs/google-auth/google/oauth2/_credentials_async.pyi @@ -0,0 +1,21 @@ +from typing import Mapping +from _typeshed import Incomplete +from google.auth.transport import Request as _Request +from google.oauth2 import credentials as oauth2_credentials + +class Credentials(oauth2_credentials.Credentials): + token: Incomplete + expiry: Incomplete + + async def refresh(self, request: _Request) -> None: ... + async def before_request( + self, + request: _Request, + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... + +class UserAccessTokenCredentials( + oauth2_credentials.UserAccessTokenCredentials +): ... diff --git a/stubs/google-auth/google/oauth2/_id_token_async.pyi b/stubs/google-auth/google/oauth2/_id_token_async.pyi new file mode 100644 index 000000000000..a6efcfac9ce2 --- /dev/null +++ b/stubs/google-auth/google/oauth2/_id_token_async.pyi @@ -0,0 +1,24 @@ +from typing import Any, Mapping, Optional, Sequence, Union + +from google.auth.transport import Request as _Request + +async def verify_token( + id_token: Union[str, bytes], + request: _Request, + audience: Optional[Union[str, Sequence[str]]] = None, + certs_url: str = "https://www.googleapis.com/oauth2/v1/certs", + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... +async def verify_oauth2_token( + id_token: Union[str, bytes], + request: _Request, + audience: Optional[Union[str, Sequence[str]]] = None, + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... +async def verify_firebase_token( + id_token: Union[str, bytes], + request: _Request, + audience: Optional[Union[str, Sequence[str]]] = None, + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... +async def fetch_id_token(request: _Request, audience: str) -> str: ... diff --git a/stubs/google-auth/google/oauth2/_reauth_async.pyi b/stubs/google-auth/google/oauth2/_reauth_async.pyi new file mode 100644 index 000000000000..9b21cad42b15 --- /dev/null +++ b/stubs/google-auth/google/oauth2/_reauth_async.pyi @@ -0,0 +1,26 @@ +import datetime +from typing import Mapping, Optional, Sequence, Tuple + +from google.auth.transport import Request as _Request + +def is_interactive() -> bool: ... +def get_rapt_token( + request: _Request, + client_id: str, + client_secret: str, + refresh_token: str, + token_uri: str, + scopes: Optional[Sequence[str]] = None, +) -> str: ... +def refresh_grant( + request: _Request, + token_uri: str, + refresh_token: str, + client_id: str, + client_secret: str, + scopes: Optional[Sequence[str]] = None, + rapt_token: Optional[str] = None, + enable_reauth_refresh: bool = False, +) -> Tuple[ + str, Optional[str], Optional[datetime.datetime], Mapping[str, str], str +]: ... diff --git a/stubs/google-auth/google/oauth2/_service_account_async.pyi b/stubs/google-auth/google/oauth2/_service_account_async.pyi new file mode 100644 index 000000000000..7d68e08e60e5 --- /dev/null +++ b/stubs/google-auth/google/oauth2/_service_account_async.pyi @@ -0,0 +1,26 @@ +import abc +from _typeshed import Incomplete +from google.auth import _credentials_async as credentials_async +from google.auth.transport import Request as _Request +from google.oauth2 import service_account + +class Credentials( + service_account.Credentials, + credentials_async.Scoped, + credentials_async.Credentials, + metaclass=abc.ABCMeta, +): + token: Incomplete + expiry: Incomplete + + async def refresh(self, request: _Request) -> None: ... + +class IDTokenCredentials( + service_account.IDTokenCredentials, + credentials_async.Signing, + credentials_async.Credentials, +): + token: Incomplete + expiry: Incomplete + + async def refresh(self, request: _Request) -> None: ... diff --git a/stubs/google-auth/google/oauth2/challenges.pyi b/stubs/google-auth/google/oauth2/challenges.pyi new file mode 100644 index 000000000000..d6957abde1e3 --- /dev/null +++ b/stubs/google-auth/google/oauth2/challenges.pyi @@ -0,0 +1,49 @@ +import abc +from typing import Dict, Mapping, Optional + +REAUTH_ORIGIN: str +SAML_CHALLENGE_MESSAGE: str +WEBAUTHN_TIMEOUT_MS: int + +def get_user_password(text: str) -> str: ... + +class ReauthChallenge(metaclass=abc.ABCMeta): + @property + @abc.abstractmethod + def name(self) -> str: ... + @property + @abc.abstractmethod + def is_locally_eligible(self) -> bool: ... + @abc.abstractmethod + def obtain_challenge_input( + self, metadata: Mapping[str, object] + ) -> Optional[Dict[str, object]]: ... + +class PasswordChallenge(ReauthChallenge): + @property + def name(self) -> str: ... + @property + def is_locally_eligible(self) -> bool: ... + def obtain_challenge_input( + self, unused_metadata: Mapping[str, object] + ) -> Optional[Dict[str, object]]: ... + +class SecurityKeyChallenge(ReauthChallenge): + @property + def name(self) -> str: ... + @property + def is_locally_eligible(self) -> bool: ... + def obtain_challenge_input( + self, metadata: Mapping[str, object] + ) -> Optional[Dict[str, object]]: ... + +class SamlChallenge(ReauthChallenge): + @property + def name(self) -> str: ... + @property + def is_locally_eligible(self) -> bool: ... + def obtain_challenge_input( + self, metadata: Mapping[str, object] + ) -> Optional[Dict[str, object]]: ... + +AVAILABLE_CHALLENGES: Dict[str, ReauthChallenge] diff --git a/stubs/google-auth/google/oauth2/credentials.pyi b/stubs/google-auth/google/oauth2/credentials.pyi new file mode 100644 index 000000000000..311835a2437e --- /dev/null +++ b/stubs/google-auth/google/oauth2/credentials.pyi @@ -0,0 +1,97 @@ +import datetime +from typing import Any, Mapping, Optional, Sequence +import google +from google.auth import credentials +from typing import Coroutine + +class Credentials( + credentials.ReadOnlyScoped, credentials.CredentialsWithQuotaProject +): + token: Optional[str] + expiry: Optional[datetime.datetime] + + def __init__( + self, + token: Optional[str], + refresh_token: Optional[str] = None, + id_token: Optional[str] = None, + token_uri: Optional[str] = None, + client_id: Optional[str] = None, + client_secret: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + quota_project_id: Optional[str] = None, + expiry: Optional[datetime.datetime] = None, + rapt_token: Optional[str] = None, + refresh_handler: Optional[Any] = None, + enable_reauth_refresh: bool = False, + granted_scopes: Optional[Sequence[str]] = None, + trust_boundary: Optional[Mapping[str, str]] = None, + universe_domain: Optional[str] = None, + account: Optional[str] = "", + ) -> None: ... + @property + def refresh_token(self) -> Optional[str]: ... + @property + def scopes(self) -> Optional[Sequence[str]]: ... + @property + def granted_scopes(self) -> Optional[Sequence[str]]: ... + @property + def token_uri(self) -> Optional[str]: ... + @property + def id_token(self) -> Optional[str]: ... + @property + def client_id(self) -> Optional[str]: ... + @property + def client_secret(self) -> Optional[str]: ... + @property + def requires_scopes(self) -> bool: ... + @property + def rapt_token(self) -> Optional[str]: ... + @property + def refresh_handler(self) -> Optional[Any]: ... + @refresh_handler.setter + def refresh_handler(self, value: Optional[Any]) -> None: ... + @property + def account(self) -> str: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_token_uri(self, token_uri: str) -> "Credentials": ... + def with_account(self, account: str) -> "Credentials": ... + def with_universe_domain(self, universe_domain: str) -> "Credentials": ... + def refresh( + self, request: "google.auth.transport.Request" + ) -> None | Coroutine[Any, Any, None]: ... + @classmethod + def from_authorized_user_info( + cls, info: Mapping[str, str], scopes: Optional[Sequence[str]] = None + ) -> "Credentials": ... + @classmethod + def from_authorized_user_file( + cls, filename: str, scopes: Optional[Sequence[str]] = None + ) -> "Credentials": ... + def to_json(self, strip: Optional[Sequence[str]] = None) -> str: ... + +class UserAccessTokenCredentials(credentials.CredentialsWithQuotaProject): + def __init__( + self, + account: Optional[str] = None, + quota_project_id: Optional[str] = None, + ) -> None: ... + def with_account(self, account: str) -> "UserAccessTokenCredentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "UserAccessTokenCredentials": ... + token: Optional[str] + expiry: Optional[datetime.datetime] + + def refresh(self, request: "google.auth.transport.Request") -> None: ... + def before_request( + self, + request: "google.auth.transport.Request", + method: str, + url: str, + headers: Mapping[str, str], + ) -> None: ... diff --git a/stubs/google-auth/google/oauth2/gdch_credentials.pyi b/stubs/google-auth/google/oauth2/gdch_credentials.pyi new file mode 100644 index 000000000000..d3dd7d40f9b0 --- /dev/null +++ b/stubs/google-auth/google/oauth2/gdch_credentials.pyi @@ -0,0 +1,34 @@ +from typing import Any, Mapping, Optional + +import google +from _typeshed import Incomplete +from google.auth import credentials +from google.auth.crypt import Signer as _Signer + +TOKEN_EXCHANGE_TYPE: str +ACCESS_TOKEN_TOKEN_TYPE: str +SERVICE_ACCOUNT_TOKEN_TYPE: str +JWT_LIFETIME: Incomplete + +class ServiceAccountCredentials(credentials.Credentials): + def __init__( + self, + signer: _Signer, + service_identity_name: str, + project: str, + audience: Optional[str], + token_uri: str, + ca_cert_path: Optional[str], + ) -> None: ... + @classmethod + def from_service_account_info( + cls, info: Mapping[str, str], **kwargs: Any + ) -> "ServiceAccountCredentials": ... + @classmethod + def from_service_account_file( + cls, filename: str, **kwargs: Any + ) -> "ServiceAccountCredentials": ... + def refresh(self, request: "google.auth.transport.Request") -> None: ... + def with_gdch_audience( + self, audience: str + ) -> "ServiceAccountCredentials": ... diff --git a/stubs/google-auth/google/oauth2/id_token.pyi b/stubs/google-auth/google/oauth2/id_token.pyi new file mode 100644 index 000000000000..4c94da3d7b2d --- /dev/null +++ b/stubs/google-auth/google/oauth2/id_token.pyi @@ -0,0 +1,28 @@ +from typing import Any, Mapping, Optional, Sequence, Union + +from google.auth import credentials as _credentials +from google.auth import transport as transport + +def verify_token( + id_token: Union[str, bytes], + request: transport.Request, + audience: Optional[Union[str, Sequence[str]]] = None, + certs_url: str = "https://www.googleapis.com/oauth2/v1/certs", + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... +def verify_oauth2_token( + id_token: Union[str, bytes], + request: transport.Request, + audience: Optional[Union[str, Sequence[str]]] = None, + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... +def verify_firebase_token( + id_token: Union[str, bytes], + request: transport.Request, + audience: Optional[Union[str, Sequence[str]]] = None, + clock_skew_in_seconds: int = 0, +) -> Mapping[str, Any]: ... +def fetch_id_token_credentials( + audience: str, request: Optional[transport.Request] = None +) -> _credentials.Credentials: ... +def fetch_id_token(request: transport.Request, audience: str) -> str: ... diff --git a/stubs/google-auth/google/oauth2/reauth.pyi b/stubs/google-auth/google/oauth2/reauth.pyi new file mode 100644 index 000000000000..08c35c7d3577 --- /dev/null +++ b/stubs/google-auth/google/oauth2/reauth.pyi @@ -0,0 +1,28 @@ +import datetime +from typing import Mapping, Optional, Sequence, Tuple + +from google.auth.transport import Request as _Request + +RUN_CHALLENGE_RETRY_LIMIT: int + +def is_interactive() -> bool: ... +def get_rapt_token( + request: _Request, + client_id: str, + client_secret: str, + refresh_token: str, + token_uri: str, + scopes: Optional[Sequence[str]] = None, +) -> str: ... +def refresh_grant( + request: _Request, + token_uri: str, + refresh_token: str, + client_id: str, + client_secret: str, + scopes: Optional[Sequence[str]] = None, + rapt_token: Optional[str] = None, + enable_reauth_refresh: bool = False, +) -> Tuple[ + str, Optional[str], Optional[datetime.datetime], Mapping[str, str], str +]: ... diff --git a/stubs/google-auth/google/oauth2/service_account.pyi b/stubs/google-auth/google/oauth2/service_account.pyi new file mode 100644 index 000000000000..27a4699049b9 --- /dev/null +++ b/stubs/google-auth/google/oauth2/service_account.pyi @@ -0,0 +1,114 @@ +import abc +import datetime +from typing import Any, Mapping, Optional, Sequence +import google +from google.auth import credentials +from typing import Coroutine + +class Credentials( + credentials.Signing, + credentials.Scoped, + credentials.CredentialsWithQuotaProject, + credentials.CredentialsWithTokenUri, + credentials.CredentialsWithTrustBoundary, + metaclass=abc.ABCMeta, +): + def __init__( + self, + signer: "google.auth.crypt.Signer", + service_account_email: str, + token_uri: str, + scopes: Optional[Sequence[str]] = None, + default_scopes: Optional[Sequence[str]] = None, + subject: Optional[str] = None, + project_id: Optional[str] = None, + quota_project_id: Optional[str] = None, + additional_claims: Optional[Mapping[str, str]] = None, + always_use_jwt_access: bool = False, + universe_domain: Optional[str] = None, + trust_boundary: Optional[Mapping[str, str]] = None, + ) -> None: ... + @classmethod + def from_service_account_info( + cls, info: Mapping[str, str], **kwargs: Any + ) -> "Credentials": ... + @classmethod + def from_service_account_file( + cls, filename: str, **kwargs: Any + ) -> "Credentials": ... + @property + def service_account_email(self) -> str: ... + @property + def project_id(self) -> Optional[str]: ... + @property + def requires_scopes(self) -> bool: ... + def with_scopes( + self, + scopes: Sequence[str], + default_scopes: Optional[Sequence[str]] = None, + ) -> "Credentials": ... + def with_always_use_jwt_access( + self, always_use_jwt_access: bool + ) -> "Credentials": ... + def with_universe_domain(self, universe_domain: str) -> "Credentials": ... + def with_subject(self, subject: str) -> "Credentials": ... + def with_claims( + self, additional_claims: Mapping[str, str] + ) -> "Credentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "Credentials": ... + def with_token_uri(self, token_uri: str) -> "Credentials": ... + def with_trust_boundary( + self, trust_boundary: Mapping[str, str] + ) -> "Credentials": ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer(self) -> "google.auth.crypt.Signer": ... + @property + def signer_email(self) -> str: ... + def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + +class IDTokenCredentials( + credentials.Signing, + credentials.CredentialsWithQuotaProject, + credentials.CredentialsWithTokenUri, +): + def __init__( + self, + signer: "google.auth.crypt.Signer", + service_account_email: str, + token_uri: str, + target_audience: str, + additional_claims: Optional[Mapping[str, str]] = None, + quota_project_id: Optional[str] = None, + universe_domain: Optional[str] = None, + ) -> None: ... + @classmethod + def from_service_account_info( + cls, info: Mapping[str, str], **kwargs: Any + ) -> "IDTokenCredentials": ... + @classmethod + def from_service_account_file( + cls, filename: str, **kwargs: Any + ) -> "IDTokenCredentials": ... + def with_target_audience( + self, target_audience: str + ) -> "IDTokenCredentials": ... + def with_quota_project( + self, quota_project_id: Optional[str] + ) -> "IDTokenCredentials": ... + def with_token_uri(self, token_uri: str) -> "IDTokenCredentials": ... + token: Optional[str] + expiry: Optional[datetime.datetime] + + def refresh( + self, request: "google.auth.transport.Request" + ) -> None | Coroutine[Any, Any, None]: ... + @property + def service_account_email(self) -> str: ... + def sign_bytes(self, message: bytes) -> bytes: ... + @property + def signer(self) -> "google.auth.crypt.Signer": ... + @property + def signer_email(self) -> str: ... diff --git a/stubs/google-auth/google/oauth2/sts.pyi b/stubs/google-auth/google/oauth2/sts.pyi new file mode 100644 index 000000000000..1c48fb187911 --- /dev/null +++ b/stubs/google-auth/google/oauth2/sts.pyi @@ -0,0 +1,36 @@ +from typing import Mapping, Optional, Sequence + +from google.auth.transport import Request as _Request +from google.oauth2 import utils + +class Client(utils.OAuthClientAuthHandler): + def __init__( + self, + token_exchange_endpoint: str, + client_authentication: Optional[utils.ClientAuthentication] = None, + ) -> None: ... + def exchange_token( + self, + request: _Request, + grant_type: str, + subject_token: str, + subject_token_type: str, + resource: Optional[str] = None, + audience: Optional[str] = None, + scopes: Optional[Sequence[str]] = None, + requested_token_type: Optional[str] = None, + actor_token: Optional[str] = None, + actor_token_type: Optional[str] = None, + additional_options: Optional[Mapping[str, str]] = None, + additional_headers: Optional[Mapping[str, str]] = None, + ) -> Mapping[str, str]: ... + def refresh_token( + self, request: _Request, refresh_token: str + ) -> Mapping[str, str]: ... + def revoke_token( + self, + request: _Request, + token: str, + token_type_hint: str, + revoke_url: str, + ) -> Mapping[str, str]: ... diff --git a/stubs/google-auth/google/oauth2/utils.pyi b/stubs/google-auth/google/oauth2/utils.pyi new file mode 100644 index 000000000000..e35c1780a83b --- /dev/null +++ b/stubs/google-auth/google/oauth2/utils.pyi @@ -0,0 +1,31 @@ +import abc +import enum +from typing import Mapping, Optional + +class ClientAuthType(enum.Enum): + basic = 1 + request_body = 2 + +class ClientAuthentication: + client_auth_type: ClientAuthType + client_id: str + client_secret: Optional[str] + def __init__( + self, + client_auth_type: ClientAuthType, + client_id: str, + client_secret: Optional[str] = None, + ) -> None: ... + +class OAuthClientAuthHandler(metaclass=abc.ABCMeta): + def __init__( + self, client_authentication: Optional["ClientAuthentication"] = None + ) -> None: ... + def apply_client_authentication_options( + self, + headers: Mapping[str, str], + request_body: Optional[Mapping[str, str]] = None, + bearer_token: Optional[str] = None, + ) -> None: ... + +def handle_error_response(response_body: str) -> None: ... diff --git a/stubs/google-auth/google/oauth2/webauthn_handler.pyi b/stubs/google-auth/google/oauth2/webauthn_handler.pyi new file mode 100644 index 000000000000..4649734d8951 --- /dev/null +++ b/stubs/google-auth/google/oauth2/webauthn_handler.pyi @@ -0,0 +1,12 @@ +import abc +from google.oauth2.webauthn_types import GetRequest as GetRequest, GetResponse + +class WebAuthnHandler(abc.ABC, metaclass=abc.ABCMeta): + @abc.abstractmethod + def is_available(self) -> bool: ... + @abc.abstractmethod + def get(self, get_request: GetRequest) -> GetResponse: ... + +class PluginHandler(WebAuthnHandler): + def is_available(self) -> bool: ... + def get(self, get_request: GetRequest) -> GetResponse: ... diff --git a/stubs/google-auth/google/oauth2/webauthn_handler_factory.pyi b/stubs/google-auth/google/oauth2/webauthn_handler_factory.pyi new file mode 100644 index 000000000000..bc0599dfb37d --- /dev/null +++ b/stubs/google-auth/google/oauth2/webauthn_handler_factory.pyi @@ -0,0 +1,6 @@ +from google.oauth2.webauthn_handler import WebAuthnHandler as WebAuthnHandler + +class WebauthnHandlerFactory: + handlers: list[WebAuthnHandler] + def __init__(self) -> None: ... + def get_handler(self) -> WebAuthnHandler | None: ... diff --git a/stubs/google-auth/google/oauth2/webauthn_types.pyi b/stubs/google-auth/google/oauth2/webauthn_types.pyi new file mode 100644 index 000000000000..38abfb4b46e5 --- /dev/null +++ b/stubs/google-auth/google/oauth2/webauthn_types.pyi @@ -0,0 +1,44 @@ +from dataclasses import dataclass +from typing import Dict, List, Optional + +@dataclass(frozen=True) +class PublicKeyCredentialDescriptor: + id: str + transports: Optional[List[str]] = None + + def to_dict(self) -> Dict[str, object]: ... + +@dataclass +class AuthenticationExtensionsClientInputs: + appid: Optional[str] = None + + def to_dict(self) -> Dict[str, object]: ... + +@dataclass +class GetRequest: + origin: str + rpid: str + challenge: str + timeout_ms: Optional[int] = None + allow_credentials: Optional[List[PublicKeyCredentialDescriptor]] = None + user_verification: Optional[str] = None + extensions: Optional[AuthenticationExtensionsClientInputs] = None + + def to_json(self) -> str: ... + +@dataclass(frozen=True) +class AuthenticatorAssertionResponse: + client_data_json: str + authenticator_data: str + signature: str + user_handle: Optional[str] = None + +@dataclass(frozen=True) +class GetResponse: + id: str + response: AuthenticatorAssertionResponse + authenticator_attachment: Optional[str] = None + client_extension_results: Optional[Dict[str, object]] = None + + @staticmethod + def from_json(json_str: str) -> "GetResponse": ... From 1a99c2b2511c39c51afc29a540d798d0abb5aa6b Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 7 Apr 2026 20:29:37 +0000 Subject: [PATCH 2/5] [pre-commit.ci] auto fixes from pre-commit.com hooks --- stubs/google-auth/google/auth/__init__.pyi | 6 +- .../google/auth/_agent_identity_utils.pyi | 8 +- stubs/google-auth/google/auth/_cloud_sdk.pyi | 6 +- .../google/auth/_credentials_async.pyi | 30 +---- .../google/auth/_credentials_base.pyi | 7 +- stubs/google-auth/google/auth/_default.pyi | 34 ++--- .../google/auth/_default_async.pyi | 14 +- .../google/auth/_exponential_backoff.pyi | 4 +- stubs/google-auth/google/auth/_helpers.pyi | 26 ++-- stubs/google-auth/google/auth/_jwt_async.pyi | 73 ++++------ .../google/auth/_service_account_info.pyi | 14 +- .../google-auth/google/auth/aio/_helpers.pyi | 4 +- .../google/auth/aio/credentials.pyi | 35 +---- .../google/auth/aio/transport/__init__.pyi | 14 +- .../google/auth/aio/transport/aiohttp.pyi | 14 +- .../google/auth/aio/transport/mtls.pyi | 16 +-- .../google/auth/aio/transport/sessions.pyi | 73 ++++------ stubs/google-auth/google/auth/api_key.pyi | 14 +- stubs/google-auth/google/auth/app_engine.pyi | 33 ++--- stubs/google-auth/google/auth/aws.pyi | 30 ++--- .../google/auth/compute_engine/__init__.pyi | 9 +- .../google/auth/compute_engine/_metadata.pyi | 26 ++-- .../google/auth/compute_engine/_mtls.pyi | 22 +-- .../auth/compute_engine/credentials.pyi | 70 ++++------ stubs/google-auth/google/auth/credentials.pyi | 74 ++++------- .../google/auth/crypt/__init__.pyi | 11 +- .../google/auth/crypt/_cryptography_rsa.pyi | 13 +- .../google/auth/crypt/_python_rsa.pyi | 13 +- stubs/google-auth/google/auth/crypt/base.pyi | 10 +- stubs/google-auth/google/auth/crypt/es.pyi | 20 +-- stubs/google-auth/google/auth/crypt/rsa.pyi | 13 +- stubs/google-auth/google/auth/downscoped.pyi | 49 +++---- stubs/google-auth/google/auth/exceptions.pyi | 6 +- .../google/auth/external_account.pyi | 66 ++++----- .../auth/external_account_authorized_user.pyi | 78 +++++------ stubs/google-auth/google/auth/iam.pyi | 5 +- .../google-auth/google/auth/identity_pool.pyi | 29 ++-- .../google/auth/impersonated_credentials.pyi | 75 ++++------- stubs/google-auth/google/auth/jwt.pyi | 94 +++++-------- stubs/google-auth/google/auth/metrics.pyi | 6 +- stubs/google-auth/google/auth/pluggable.pyi | 13 +- .../google/auth/transport/__init__.pyi | 8 +- .../auth/transport/_aiohttp_requests.pyi | 20 +-- .../google/auth/transport/_http_client.pyi | 10 +- .../google/auth/transport/_mtls_helper.pyi | 18 ++- .../google/auth/transport/_requests_base.pyi | 4 +- .../google/auth/transport/grpc.pyi | 16 +-- .../google/auth/transport/mtls.pyi | 8 +- .../google/auth/transport/requests.pyi | 125 ++++-------------- .../google/auth/transport/urllib3.pyi | 48 ++----- stubs/google-auth/google/oauth2/_client.pyi | 21 ++- .../google/oauth2/_client_async.pyi | 12 +- .../google/oauth2/_credentials_async.pyi | 15 +-- .../google/oauth2/_id_token_async.pyi | 16 +-- .../google/oauth2/_reauth_async.pyi | 17 +-- .../google/oauth2/_service_account_async.pyi | 14 +- .../google-auth/google/oauth2/challenges.pyi | 20 +-- .../google-auth/google/oauth2/credentials.pyi | 114 +++++++--------- .../google/oauth2/gdch_credentials.pyi | 22 ++- stubs/google-auth/google/oauth2/id_token.pyi | 23 +--- stubs/google-auth/google/oauth2/reauth.pyi | 17 +-- .../google/oauth2/service_account.pyi | 106 ++++++--------- stubs/google-auth/google/oauth2/sts.pyi | 36 ++--- stubs/google-auth/google/oauth2/utils.pyi | 20 +-- .../google/oauth2/webauthn_handler.pyi | 1 + .../google/oauth2/webauthn_types.pyi | 25 ++-- 66 files changed, 644 insertions(+), 1249 deletions(-) diff --git a/stubs/google-auth/google/auth/__init__.pyi b/stubs/google-auth/google/auth/__init__.pyi index afa5f4468b37..b9b174e2897b 100644 --- a/stubs/google-auth/google/auth/__init__.pyi +++ b/stubs/google-auth/google/auth/__init__.pyi @@ -4,10 +4,6 @@ from google.auth._default import ( load_credentials_from_file as load_credentials_from_file, ) -__all__ = [ - "default", - "load_credentials_from_file", - "load_credentials_from_dict", -] +__all__ = ["default", "load_credentials_from_file", "load_credentials_from_dict"] class Python37DeprecationWarning(DeprecationWarning): ... diff --git a/stubs/google-auth/google/auth/_agent_identity_utils.pyi b/stubs/google-auth/google/auth/_agent_identity_utils.pyi index a4f5a5351dc2..9715580220db 100644 --- a/stubs/google-auth/google/auth/_agent_identity_utils.pyi +++ b/stubs/google-auth/google/auth/_agent_identity_utils.pyi @@ -1,10 +1,10 @@ -from typing import Any, Optional +from typing import Any CRYPTOGRAPHY_NOT_FOUND_ERROR: str -def get_agent_identity_certificate_path() -> Optional[str]: ... -def get_and_parse_agent_identity_certificate() -> Optional[Any]: ... +def get_agent_identity_certificate_path() -> str | None: ... +def get_and_parse_agent_identity_certificate() -> Any | None: ... def parse_certificate(cert_bytes: bytes) -> Any: ... def calculate_certificate_fingerprint(cert: Any) -> str: ... def should_request_bound_token(cert: Any) -> bool: ... -def get_cached_cert_fingerprint(cached_cert: Optional[bytes]) -> str: ... +def get_cached_cert_fingerprint(cached_cert: bytes | None) -> str: ... diff --git a/stubs/google-auth/google/auth/_cloud_sdk.pyi b/stubs/google-auth/google/auth/_cloud_sdk.pyi index e991271a1593..45cf0a3e3b70 100644 --- a/stubs/google-auth/google/auth/_cloud_sdk.pyi +++ b/stubs/google-auth/google/auth/_cloud_sdk.pyi @@ -1,8 +1,6 @@ -from typing import Optional - CLOUD_SDK_CLIENT_ID: str def get_config_path() -> str: ... def get_application_default_credentials_path() -> str: ... -def get_project_id() -> Optional[str]: ... -def get_auth_access_token(account: Optional[str] = None) -> str: ... +def get_project_id() -> str | None: ... +def get_auth_access_token(account: str | None = None) -> str: ... diff --git a/stubs/google-auth/google/auth/_credentials_async.pyi b/stubs/google-auth/google/auth/_credentials_async.pyi index 6c88621e8bbf..bb434f8cedba 100644 --- a/stubs/google-auth/google/auth/_credentials_async.pyi +++ b/stubs/google-auth/google/auth/_credentials_async.pyi @@ -1,38 +1,20 @@ import abc from typing import Mapping, Sequence + from google.auth import credentials from google.auth.transport import Request as _Request class Credentials(credentials.Credentials, metaclass=abc.ABCMeta): - async def before_request( - self, - request: _Request, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def before_request(self, request: _Request, method: str, url: str, headers: Mapping[str, str]) -> None: ... -class CredentialsWithQuotaProject( - credentials.CredentialsWithQuotaProject, metaclass=abc.ABCMeta -): ... +class CredentialsWithQuotaProject(credentials.CredentialsWithQuotaProject, metaclass=abc.ABCMeta): ... class AnonymousCredentials(credentials.AnonymousCredentials, Credentials): - ... - - async def before_request( - self, - request: _Request, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def before_request(self, request: _Request, method: str, url: str, headers: Mapping[str, str]) -> None: ... class ReadOnlyScoped(credentials.ReadOnlyScoped, metaclass=abc.ABCMeta): ... class Scoped(credentials.Scoped, metaclass=abc.ABCMeta): ... -def with_scopes_if_required( - credentials: "Credentials", scopes: Sequence[str] -) -> "Credentials": ... +def with_scopes_if_required(credentials: Credentials, scopes: Sequence[str]) -> Credentials: ... -class Signing(credentials.Signing, metaclass=abc.ABCMeta): - pass +class Signing(credentials.Signing, metaclass=abc.ABCMeta): ... diff --git a/stubs/google-auth/google/auth/_credentials_base.pyi b/stubs/google-auth/google/auth/_credentials_base.pyi index 266ed4573af5..502a92d7e497 100644 --- a/stubs/google-auth/google/auth/_credentials_base.pyi +++ b/stubs/google-auth/google/auth/_credentials_base.pyi @@ -1,13 +1,12 @@ import abc from _typeshed import Incomplete -from google.auth.transport import Request as _TransportRequest from typing import Any, Coroutine +from google.auth.transport import Request as _TransportRequest + class _BaseCredentials(metaclass=abc.ABCMeta): token: Incomplete def __init__(self) -> None: ... @abc.abstractmethod - def refresh( - self, request: _TransportRequest - ) -> None | Coroutine[Any, Any, None]: ... + def refresh(self, request: _TransportRequest) -> None | Coroutine[Any, Any, None]: ... diff --git a/stubs/google-auth/google/auth/_default.pyi b/stubs/google-auth/google/auth/_default.pyi index 56e97d7bab2d..08b805aa4e2c 100644 --- a/stubs/google-auth/google/auth/_default.pyi +++ b/stubs/google-auth/google/auth/_default.pyi @@ -1,4 +1,4 @@ -from typing import TYPE_CHECKING, Any, Mapping, Optional, Sequence, Tuple +from typing import TYPE_CHECKING, Any, Mapping, Sequence from google.auth.credentials import Credentials as Credentials from google.auth.transport import Request as Request @@ -8,22 +8,22 @@ if TYPE_CHECKING: def load_credentials_from_file( filename: str, - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - request: Optional[Request] = None, -) -> Tuple[Credentials, Optional[str]]: ... + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + quota_project_id: str | None = None, + request: Request | None = None, +) -> tuple[Credentials, str | None]: ... def load_credentials_from_dict( info: Mapping[str, Any], - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - request: Optional[Request] = None, -) -> Tuple[Credentials, Optional[str]]: ... -def get_api_key_credentials(key: str) -> "_ApiKeyCredentials": ... + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + quota_project_id: str | None = None, + request: Request | None = None, +) -> tuple[Credentials, str | None]: ... +def get_api_key_credentials(key: str) -> _ApiKeyCredentials: ... def default( - scopes: Optional[Sequence[str]] = None, - request: Optional[Request] = None, - quota_project_id: Optional[str] = None, - default_scopes: Optional[Sequence[str]] = None, -) -> Tuple[Credentials, Optional[str]]: ... + scopes: Sequence[str] | None = None, + request: Request | None = None, + quota_project_id: str | None = None, + default_scopes: Sequence[str] | None = None, +) -> tuple[Credentials, str | None]: ... diff --git a/stubs/google-auth/google/auth/_default_async.pyi b/stubs/google-auth/google/auth/_default_async.pyi index 58972aed9ebf..80ad214ea79f 100644 --- a/stubs/google-auth/google/auth/_default_async.pyi +++ b/stubs/google-auth/google/auth/_default_async.pyi @@ -1,15 +1,11 @@ -from typing import Optional, Sequence, Tuple +from typing import Sequence from google.auth.credentials import Credentials as Credentials from google.auth.transport import Request as _Request def load_credentials_from_file( - filename: str, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, -) -> Tuple[Credentials, Optional[str]]: ... + filename: str, scopes: Sequence[str] | None = None, quota_project_id: str | None = None +) -> tuple[Credentials, str | None]: ... def default_async( - scopes: Optional[Sequence[str]] = None, - request: Optional[_Request] = None, - quota_project_id: Optional[str] = None, -) -> Tuple[Credentials, Optional[str]]: ... + scopes: Sequence[str] | None = None, request: _Request | None = None, quota_project_id: str | None = None +) -> tuple[Credentials, str | None]: ... diff --git a/stubs/google-auth/google/auth/_exponential_backoff.pyi b/stubs/google-auth/google/auth/_exponential_backoff.pyi index bdd4de2b7361..e15bebae5b89 100644 --- a/stubs/google-auth/google/auth/_exponential_backoff.pyi +++ b/stubs/google-auth/google/auth/_exponential_backoff.pyi @@ -13,10 +13,10 @@ class _BaseExponentialBackoff: class ExponentialBackoff(_BaseExponentialBackoff): def __init__(self, *args: object, **kwargs: object) -> None: ... - def __iter__(self) -> "ExponentialBackoff": ... + def __iter__(self) -> ExponentialBackoff: ... def __next__(self) -> int: ... class AsyncExponentialBackoff(_BaseExponentialBackoff): def __init__(self, *args: object, **kwargs: object) -> None: ... - def __aiter__(self) -> "AsyncExponentialBackoff": ... + def __aiter__(self) -> AsyncExponentialBackoff: ... async def __anext__(self) -> int: ... diff --git a/stubs/google-auth/google/auth/_helpers.pyi b/stubs/google-auth/google/auth/_helpers.pyi index 5a2637519c0f..c4707aabf189 100644 --- a/stubs/google-auth/google/auth/_helpers.pyi +++ b/stubs/google-auth/google/auth/_helpers.pyi @@ -1,6 +1,6 @@ import datetime import logging -from typing import Any, Callable, Mapping, Optional, Sequence, Union +from typing import Any, Callable, Mapping, Sequence REFRESH_THRESHOLD: datetime.timedelta @@ -9,25 +9,15 @@ def parse_content_type(header_value: str) -> str: ... def utcnow() -> datetime.datetime: ... def utcfromtimestamp(timestamp: float) -> datetime.datetime: ... def datetime_to_secs(value: datetime.datetime) -> int: ... -def to_bytes(value: Union[str, bytes], encoding: str = "utf-8") -> bytes: ... -def from_bytes(value: Union[str, bytes]) -> str: ... -def update_query( - url: str, params: Mapping[str, str], remove: Optional[Sequence[str]] = None -) -> str: ... +def to_bytes(value: str | bytes, encoding: str = "utf-8") -> bytes: ... +def from_bytes(value: str | bytes) -> str: ... +def update_query(url: str, params: Mapping[str, str], remove: Sequence[str] | None = None) -> str: ... def scopes_to_string(scopes: Sequence[str]) -> str: ... -def string_to_scopes(scopes: Union[Sequence[str], str]) -> list[str]: ... -def padded_urlsafe_b64decode(value: Union[str, bytes]) -> bytes: ... -def unpadded_urlsafe_b64encode( - value: Union[str, bytes], -) -> Union[str, bytes]: ... +def string_to_scopes(scopes: Sequence[str] | str) -> list[str]: ... +def padded_urlsafe_b64decode(value: str | bytes) -> bytes: ... +def unpadded_urlsafe_b64encode(value: str | bytes) -> str | bytes: ... def get_bool_from_env(variable_name: str, default: bool = False) -> bool: ... def is_python_3() -> bool: ... def is_logging_enabled(logger: logging.Logger) -> bool: ... -def request_log( - logger: logging.Logger, - method: str, - url: str, - body: Optional[bytes], - headers: Mapping[str, str] | None, -) -> None: ... +def request_log(logger: logging.Logger, method: str, url: str, body: bytes | None, headers: Mapping[str, str] | None) -> None: ... def response_log(logger: logging.Logger, response: Any) -> None: ... diff --git a/stubs/google-auth/google/auth/_jwt_async.pyi b/stubs/google-auth/google/auth/_jwt_async.pyi index a004568d6057..0328e2d7f1b7 100644 --- a/stubs/google-auth/google/auth/_jwt_async.pyi +++ b/stubs/google-auth/google/auth/_jwt_async.pyi @@ -1,34 +1,27 @@ +from typing import Any, Mapping + +from google.auth import _credentials_async, jwt from google.auth.credentials import Signing -from typing import Any, Dict, List, Mapping, Optional, Tuple, Union -import google.auth.jwt as jwt -from google.auth import _credentials_async from google.auth.crypt import Signer as _Signer from google.auth.transport import Request as _Request _DEFAULT_TOKEN_LIFETIME_SECS: int _DEFAULT_MAX_CACHE_SIZE: int -_ALGORITHM_TO_VERIFIER_CLASS: Dict[str, type] +_ALGORITHM_TO_VERIFIER_CLASS: dict[str, type] _CRYPTOGRAPHY_BASED_ALGORITHMS: frozenset[str] def encode( - signer: _Signer, - payload: Mapping[str, str], - header: Optional[Mapping[str, str]] = None, - key_id: Optional[str] = None, + signer: _Signer, payload: Mapping[str, str], header: Mapping[str, str] | None = None, key_id: str | None = None ) -> bytes: ... def _decode_jwt_segment(encoded_section: bytes) -> Mapping[str, Any]: ... -def _unverified_decode( - token: Union[str, bytes], -) -> Tuple[Mapping[str, Any], Mapping[str, Any], bytes, bytes]: ... -def decode_header(token: Union[str, bytes]) -> Mapping[str, Any]: ... -def _verify_iat_and_exp( - payload: Mapping[str, str], clock_skew_in_seconds: int = 0 -) -> None: ... +def _unverified_decode(token: str | bytes) -> tuple[Mapping[str, Any], Mapping[str, Any], bytes, bytes]: ... +def decode_header(token: str | bytes) -> Mapping[str, Any]: ... +def _verify_iat_and_exp(payload: Mapping[str, str], clock_skew_in_seconds: int = 0) -> None: ... def decode( token: str, - certs: Optional[Union[str, bytes, Mapping[str, Union[str, bytes]]]] = None, + certs: str | bytes | Mapping[str, str | bytes] | None = None, verify: bool = True, - audience: Optional[Union[str, List[str]]] = None, + audience: str | list[str] | None = None, clock_skew_in_seconds: int = 0, ) -> Mapping[str, Any]: ... @@ -41,36 +34,26 @@ class Credentials(jwt.Credentials, _credentials_async.Credentials): issuer: str, subject: str, audience: str, - additional_claims: Optional[Mapping[str, str]] = None, + additional_claims: Mapping[str, str] | None = None, token_lifetime: int = ..., - quota_project_id: Optional[str] = None, + quota_project_id: str | None = None, ) -> None: ... @classmethod - def _from_signer_and_info( - cls, signer: _Signer, info: Mapping[str, str], **kwargs: Any - ) -> "Credentials": ... + def _from_signer_and_info(cls, signer: _Signer, info: Mapping[str, str], **kwargs: Any) -> Credentials: ... @classmethod - def from_service_account_info( - cls, info: Mapping[str, str], **kwargs: Any - ) -> "Credentials": ... + def from_service_account_info(cls, info: Mapping[str, str], **kwargs: Any) -> Credentials: ... @classmethod - def from_service_account_file( - cls, filename: str, **kwargs: Any - ) -> "Credentials": ... + def from_service_account_file(cls, filename: str, **kwargs: Any) -> Credentials: ... @classmethod - def from_signing_credentials( - cls, credentials: Signing, audience: str, **kwargs: Any - ) -> "Credentials": ... + def from_signing_credentials(cls, credentials: Signing, audience: str, **kwargs: Any) -> Credentials: ... def with_claims( self, - issuer: Optional[str] = None, - subject: Optional[str] = None, - audience: Optional[str] = None, - additional_claims: Optional[Mapping[str, str]] = None, - ) -> "Credentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... + issuer: str | None = None, + subject: str | None = None, + audience: str | None = None, + additional_claims: Mapping[str, str] | None = None, + ) -> Credentials: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... def refresh(self, request: Any) -> None: ... def sign_bytes(self, message: bytes) -> bytes: ... @property @@ -80,9 +63,7 @@ class Credentials(jwt.Credentials, _credentials_async.Credentials): @property def additional_claims(self) -> Mapping[str, str]: ... -class OnDemandCredentials( - jwt.OnDemandCredentials, _credentials_async.Credentials -): +class OnDemandCredentials(jwt.OnDemandCredentials, _credentials_async.Credentials): """On-demand JWT credentials. Like :class:`Credentials`, this class uses a JWT as the bearer token for @@ -100,10 +81,4 @@ class OnDemandCredentials( .. _grpc: http://www.grpc.io/ """ - async def before_request( - self, - request: _Request, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def before_request(self, request: _Request, method: str, url: str, headers: Mapping[str, str]) -> None: ... diff --git a/stubs/google-auth/google/auth/_service_account_info.pyi b/stubs/google-auth/google/auth/_service_account_info.pyi index 56d01573be4f..a426dfa94d4d 100644 --- a/stubs/google-auth/google/auth/_service_account_info.pyi +++ b/stubs/google-auth/google/auth/_service_account_info.pyi @@ -1,14 +1,8 @@ -from typing import Mapping, Optional, Sequence, Tuple +from typing import Mapping, Sequence from google.auth import crypt as _crypt -def from_dict( - data: Mapping[str, str], - require: Optional[Sequence[str]] = None, - use_rsa_signer: bool = True, -) -> _crypt.Signer: ... +def from_dict(data: Mapping[str, str], require: Sequence[str] | None = None, use_rsa_signer: bool = True) -> _crypt.Signer: ... def from_filename( - filename: str, - require: Optional[Sequence[str]] = None, - use_rsa_signer: bool = True, -) -> Tuple[Mapping[str, str], _crypt.Signer]: ... + filename: str, require: Sequence[str] | None = None, use_rsa_signer: bool = True +) -> tuple[Mapping[str, str], _crypt.Signer]: ... diff --git a/stubs/google-auth/google/auth/aio/_helpers.pyi b/stubs/google-auth/google/auth/aio/_helpers.pyi index 09ec0b96b975..672ac9f8952f 100644 --- a/stubs/google-auth/google/auth/aio/_helpers.pyi +++ b/stubs/google-auth/google/auth/aio/_helpers.pyi @@ -1,6 +1,4 @@ import logging from typing import Any -async def response_log_async( - logger: logging.Logger, response: Any -) -> None: ... +async def response_log_async(logger: logging.Logger, response: Any) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/credentials.pyi b/stubs/google-auth/google/auth/aio/credentials.pyi index feb315cc0e47..41f617b847c3 100644 --- a/stubs/google-auth/google/auth/aio/credentials.pyi +++ b/stubs/google-auth/google/auth/aio/credentials.pyi @@ -1,44 +1,23 @@ -from typing import Mapping, Optional from _typeshed import Incomplete +from typing import Mapping + from google.auth._credentials_base import _BaseCredentials from google.auth.transport import Request as _TransportRequest class Credentials(_BaseCredentials): def __init__(self) -> None: ... - async def apply( - self, headers: Mapping[str, str], token: Optional[str] = None - ) -> None: ... + async def apply(self, headers: Mapping[str, str], token: str | None = None) -> None: ... async def refresh(self, request: _TransportRequest) -> None: ... - async def before_request( - self, - request: _TransportRequest, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def before_request(self, request: _TransportRequest, method: str, url: str, headers: Mapping[str, str]) -> None: ... class StaticCredentials(Credentials): token: Incomplete def __init__(self, token: str) -> None: ... async def refresh(self, request: _TransportRequest) -> None: ... - async def before_request( - self, - request: _TransportRequest, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def before_request(self, request: _TransportRequest, method: str, url: str, headers: Mapping[str, str]) -> None: ... class AnonymousCredentials(Credentials): async def refresh(self, request: _TransportRequest) -> None: ... - async def apply( - self, headers: Mapping[str, str], token: Optional[str] = None - ) -> None: ... - async def before_request( - self, - request: _TransportRequest, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def apply(self, headers: Mapping[str, str], token: str | None = None) -> None: ... + async def before_request(self, request: _TransportRequest, method: str, url: str, headers: Mapping[str, str]) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/transport/__init__.pyi b/stubs/google-auth/google/auth/aio/transport/__init__.pyi index 6417253220c4..1197e226a62e 100644 --- a/stubs/google-auth/google/auth/aio/transport/__init__.pyi +++ b/stubs/google-auth/google/auth/aio/transport/__init__.pyi @@ -1,5 +1,5 @@ import abc -from typing import Any, AsyncGenerator, Mapping, Optional, Sequence +from typing import Any, AsyncGenerator, Mapping, Sequence DEFAULT_RETRYABLE_STATUS_CODES: Sequence[int] DEFAULT_MAX_RETRY_ATTEMPTS: int @@ -12,9 +12,7 @@ class Response(metaclass=abc.ABCMeta): @abc.abstractmethod def headers(self) -> Mapping[str, str]: ... @abc.abstractmethod - async def content( - self, chunk_size: int - ) -> AsyncGenerator[bytes, None]: ... + async def content(self, chunk_size: int) -> AsyncGenerator[bytes]: ... @abc.abstractmethod async def read(self) -> bytes: ... @abc.abstractmethod @@ -23,12 +21,6 @@ class Response(metaclass=abc.ABCMeta): class Request(metaclass=abc.ABCMeta): @abc.abstractmethod async def __call__( - self, - url: str, - method: str, - body: Optional[bytes], - headers: Optional[Mapping[str, str]], - timeout: float, - **kwargs: Any, + self, url: str, method: str, body: bytes | None, headers: Mapping[str, str] | None, timeout: float, **kwargs: Any ) -> Response: ... async def close(self) -> None: ... diff --git a/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi b/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi index 89c47ff52cd3..2bedc42f6519 100644 --- a/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi +++ b/stubs/google-auth/google/auth/aio/transport/aiohttp.pyi @@ -1,4 +1,4 @@ -from typing import Any, AsyncGenerator, Mapping, Optional, Union +from typing import Any, AsyncGenerator, Mapping from google.auth.aio import transport @@ -10,21 +10,19 @@ class Response(transport.Response): def status_code(self) -> int: ... @property def headers(self) -> Mapping[str, str]: ... - async def content( - self, chunk_size: int = 1024 - ) -> AsyncGenerator[bytes, None]: ... + async def content(self, chunk_size: int = 1024) -> AsyncGenerator[bytes]: ... async def read(self) -> bytes: ... async def close(self) -> None: ... class Request(transport.Request): - def __init__(self, session: Optional[Any] = None) -> None: ... + def __init__(self, session: Any | None = None) -> None: ... async def __call__( self, url: str, method: str = "GET", - body: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, - timeout: Union[float, ClientTimeout] = ..., + body: bytes | None = None, + headers: Mapping[str, str] | None = None, + timeout: float | ClientTimeout = ..., *args: Any, **kwargs: Any, ) -> transport.Response: ... diff --git a/stubs/google-auth/google/auth/aio/transport/mtls.pyi b/stubs/google-auth/google/auth/aio/transport/mtls.pyi index fbc293d54694..156572e84eae 100644 --- a/stubs/google-auth/google/auth/aio/transport/mtls.pyi +++ b/stubs/google-auth/google/auth/aio/transport/mtls.pyi @@ -1,13 +1,11 @@ import ssl -from typing import Callable, Optional, Tuple +from typing import Callable -def make_client_cert_ssl_context( - cert_bytes: bytes, key_bytes: bytes, passphrase: Optional[bytes] = None -) -> ssl.SSLContext: ... -def default_client_cert_source() -> Callable[[], Tuple[bytes, bytes]]: ... +def make_client_cert_ssl_context(cert_bytes: bytes, key_bytes: bytes, passphrase: bytes | None = None) -> ssl.SSLContext: ... +def default_client_cert_source() -> Callable[[], tuple[bytes, bytes]]: ... async def get_client_ssl_credentials( - certificate_config_path: Optional[str] = None, -) -> Tuple[bool, Optional[bytes], Optional[bytes], Optional[bytes]]: ... + certificate_config_path: str | None = None, +) -> tuple[bool, bytes | None, bytes | None, bytes | None]: ... async def get_client_cert_and_key( - client_cert_callback: Optional[Callable[[], Tuple[bytes, bytes]]] = None, -) -> Tuple[bool, Optional[bytes], Optional[bytes]]: ... + client_cert_callback: Callable[[], tuple[bytes, bytes]] | None = None, +) -> tuple[bool, bytes | None, bytes | None]: ... diff --git a/stubs/google-auth/google/auth/aio/transport/sessions.pyi b/stubs/google-auth/google/auth/aio/transport/sessions.pyi index 26f8106711c2..4b9801489686 100644 --- a/stubs/google-auth/google/auth/aio/transport/sessions.pyi +++ b/stubs/google-auth/google/auth/aio/transport/sessions.pyi @@ -1,13 +1,5 @@ from contextlib import asynccontextmanager -from typing import ( - Any, - AsyncGenerator, - Callable, - Mapping, - Optional, - Tuple, - Union, -) +from typing import Any, AsyncGenerator, Callable, Mapping from google.auth.aio import transport from google.auth.aio.credentials import Credentials @@ -17,79 +9,70 @@ class ClientTimeout: ... AIOHTTP_INSTALLED: bool @asynccontextmanager -def timeout_guard(timeout: float) -> AsyncGenerator[Any, None]: ... +def timeout_guard(timeout: float) -> AsyncGenerator[Any]: ... class AsyncAuthorizedSession: - def __init__( - self, - credentials: Credentials, - auth_request: Optional[transport.Request] = None, - ) -> None: ... - async def configure_mtls_channel( - self, - client_cert_callback: Optional[ - Callable[[], Tuple[bytes, bytes]] - ] = None, - ) -> None: ... + def __init__(self, credentials: Credentials, auth_request: transport.Request | None = None) -> None: ... + async def configure_mtls_channel(self, client_cert_callback: Callable[[], tuple[bytes, bytes]] | None = None) -> None: ... async def request( self, method: str, url: str, - data: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, + data: bytes | None = None, + headers: Mapping[str, str] | None = None, max_allowed_time: float = ..., - timeout: Union[float, ClientTimeout] = ..., - total_attempts: Optional[int] = ..., + timeout: float | ClientTimeout = ..., + total_attempts: int | None = ..., **kwargs: Any, ) -> transport.Response: ... async def get( self, url: str, - data: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, + data: bytes | None = None, + headers: Mapping[str, str] | None = None, max_allowed_time: float = ..., - timeout: Union[float, ClientTimeout] = ..., - total_attempts: Optional[int] = ..., + timeout: float | ClientTimeout = ..., + total_attempts: int | None = ..., **kwargs: Any, ) -> transport.Response: ... async def post( self, url: str, - data: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, + data: bytes | None = None, + headers: Mapping[str, str] | None = None, max_allowed_time: float = ..., - timeout: Union[float, ClientTimeout] = ..., - total_attempts: Optional[int] = ..., + timeout: float | ClientTimeout = ..., + total_attempts: int | None = ..., **kwargs: Any, ) -> transport.Response: ... async def put( self, url: str, - data: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, + data: bytes | None = None, + headers: Mapping[str, str] | None = None, max_allowed_time: float = ..., - timeout: Union[float, ClientTimeout] = ..., - total_attempts: Optional[int] = ..., + timeout: float | ClientTimeout = ..., + total_attempts: int | None = ..., **kwargs: Any, ) -> transport.Response: ... async def patch( self, url: str, - data: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, + data: bytes | None = None, + headers: Mapping[str, str] | None = None, max_allowed_time: float = ..., - timeout: Union[float, ClientTimeout] = ..., - total_attempts: Optional[int] = ..., + timeout: float | ClientTimeout = ..., + total_attempts: int | None = ..., **kwargs: Any, ) -> transport.Response: ... async def delete( self, url: str, - data: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, + data: bytes | None = None, + headers: Mapping[str, str] | None = None, max_allowed_time: float = ..., - timeout: Union[float, ClientTimeout] = ..., - total_attempts: Optional[int] = ..., + timeout: float | ClientTimeout = ..., + total_attempts: int | None = ..., **kwargs: Any, ) -> transport.Response: ... @property diff --git a/stubs/google-auth/google/auth/api_key.pyi b/stubs/google-auth/google/auth/api_key.pyi index 5af477eef59d..66f1efc6155d 100644 --- a/stubs/google-auth/google/auth/api_key.pyi +++ b/stubs/google-auth/google/auth/api_key.pyi @@ -1,4 +1,4 @@ -from typing import Mapping, Optional +from typing import Mapping import google from google.auth import credentials @@ -11,14 +11,8 @@ class Credentials(credentials.Credentials): def expired(self) -> bool: ... @property def valid(self) -> bool: ... - def refresh(self, request: "google.auth.transport.Request") -> None: ... - def apply( - self, headers: Mapping[str, str], token: Optional[str] = None - ) -> None: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... + def apply(self, headers: Mapping[str, str], token: str | None = None) -> None: ... def before_request( - self, - request: "google.auth.transport.Request", - method: str, - url: str, - headers: Mapping[str, str], + self, request: google.auth.transport.Request, method: str, url: str, headers: Mapping[str, str] ) -> None: ... diff --git a/stubs/google-auth/google/auth/app_engine.pyi b/stubs/google-auth/google/auth/app_engine.pyi index af35a578b7d2..c44e2a94b879 100644 --- a/stubs/google-auth/google/auth/app_engine.pyi +++ b/stubs/google-auth/google/auth/app_engine.pyi @@ -1,4 +1,5 @@ -from typing import Optional, Sequence, Union +from typing import Sequence + import google from google.auth import credentials from google.auth.crypt import base @@ -6,37 +7,27 @@ from google.auth.crypt import base class Signer(base.Signer): @property def key_id(self) -> str: ... - def sign(self, message: Union[str, bytes]) -> bytes: ... + def sign(self, message: str | bytes) -> bytes: ... def get_project_id() -> str: ... -class Credentials( - credentials.Scoped, - credentials.Signing, - credentials.CredentialsWithQuotaProject, -): +class Credentials(credentials.Scoped, credentials.Signing, credentials.CredentialsWithQuotaProject): def __init__( self, - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - service_account_id: Optional[str] = None, - quota_project_id: Optional[str] = None, + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + service_account_id: str | None = None, + quota_project_id: str | None = None, ) -> None: ... - def refresh(self, request: "google.auth.transport.Request") -> None: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... @property def service_account_email(self) -> str: ... @property def requires_scopes(self) -> bool: ... - def with_scopes( - self, - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, - ) -> "Credentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... + def with_scopes(self, scopes: Sequence[str], default_scopes: Sequence[str] | None = None) -> Credentials: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... def sign_bytes(self, message: bytes) -> bytes: ... @property def signer_email(self) -> str: ... @property - def signer(self) -> "Signer": ... + def signer(self) -> Signer: ... diff --git a/stubs/google-auth/google/auth/aws.pyi b/stubs/google-auth/google/auth/aws.pyi index c7c50ed3246c..164f74137839 100644 --- a/stubs/google-auth/google/auth/aws.pyi +++ b/stubs/google-auth/google/auth/aws.pyi @@ -1,6 +1,6 @@ import abc from dataclasses import dataclass -from typing import Any, Mapping, Optional +from typing import Any, Mapping from google.auth import external_account @@ -8,32 +8,28 @@ from google.auth import external_account class AwsSecurityCredentials: access_key_id: str secret_access_key: str - session_token: Optional[str] = None + session_token: str | None = None -class RequestSigner(object): +class RequestSigner: def __init__(self, region_name: str) -> None: ... def get_request_options( self, - aws_security_credentials: "AwsSecurityCredentials", + aws_security_credentials: AwsSecurityCredentials, url: str, method: str, request_payload: str = "", - additional_headers: Optional[Mapping[str, str]] = None, + additional_headers: Mapping[str, str] | None = None, ) -> Mapping[str, str]: ... class AwsSecurityCredentialsSupplier(metaclass=abc.ABCMeta): @abc.abstractmethod - def get_aws_security_credentials( - self, context: Any, request: Any - ) -> AwsSecurityCredentials: ... + def get_aws_security_credentials(self, context: Any, request: Any) -> AwsSecurityCredentials: ... @abc.abstractmethod def get_aws_region(self, context: Any, request: Any) -> str: ... class _DefaultAwsSecurityCredentialsSupplier(AwsSecurityCredentialsSupplier): def __init__(self, credential_source: Mapping[str, Any]) -> None: ... - def get_aws_security_credentials( - self, context: Any, request: Any - ) -> AwsSecurityCredentials: ... + def get_aws_security_credentials(self, context: Any, request: Any) -> AwsSecurityCredentials: ... def get_aws_region(self, context: Any, request: Any) -> str: ... class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): @@ -42,17 +38,13 @@ class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): audience: str, subject_token_type: str, token_url: str = "https://sts.googleapis.com/v1/token", - credential_source: Optional[Mapping[str, Any]] = None, - aws_security_credentials_supplier: Optional[ - "AwsSecurityCredentialsSupplier" - ] = None, + credential_source: Mapping[str, Any] | None = None, + aws_security_credentials_supplier: AwsSecurityCredentialsSupplier | None = None, *args: Any, **kwargs: Any, ) -> None: ... def retrieve_subject_token(self, request: Any) -> str: ... @classmethod - def from_info( - cls, info: Mapping[str, Any], **kwargs: Any - ) -> "Credentials": ... + def from_info(cls, info: Mapping[str, Any], **kwargs: Any) -> Credentials: ... @classmethod - def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def from_file(cls, filename: str, **kwargs: Any) -> Credentials: ... diff --git a/stubs/google-auth/google/auth/compute_engine/__init__.pyi b/stubs/google-auth/google/auth/compute_engine/__init__.pyi index b47554cc81cd..802fc05fc37a 100644 --- a/stubs/google-auth/google/auth/compute_engine/__init__.pyi +++ b/stubs/google-auth/google/auth/compute_engine/__init__.pyi @@ -1,9 +1,4 @@ -from google.auth.compute_engine._metadata import ( - detect_gce_residency_linux as detect_gce_residency_linux, -) -from google.auth.compute_engine.credentials import ( - Credentials as Credentials, - IDTokenCredentials as IDTokenCredentials, -) +from google.auth.compute_engine._metadata import detect_gce_residency_linux as detect_gce_residency_linux +from google.auth.compute_engine.credentials import Credentials as Credentials, IDTokenCredentials as IDTokenCredentials __all__ = ["Credentials", "IDTokenCredentials", "detect_gce_residency_linux"] diff --git a/stubs/google-auth/google/auth/compute_engine/_metadata.pyi b/stubs/google-auth/google/auth/compute_engine/_metadata.pyi index 39778243f800..3e8228e746f4 100644 --- a/stubs/google-auth/google/auth/compute_engine/_metadata.pyi +++ b/stubs/google-auth/google/auth/compute_engine/_metadata.pyi @@ -1,31 +1,25 @@ import datetime -from typing import Any, List, Mapping, Optional, Tuple, Union +from typing import Any, Mapping from google.auth.transport import Request as _Request def is_on_gce(request: _Request) -> bool: ... def detect_gce_residency_linux() -> bool: ... -def ping( - request: _Request, timeout: int = 3, retry_count: int = 3 -) -> bool: ... +def ping(request: _Request, timeout: int = 3, retry_count: int = 3) -> bool: ... def get( request: _Request, path: str, - root: Optional[str] = None, - params: Optional[Mapping[str, str]] = None, + root: str | None = None, + params: Mapping[str, str] | None = None, recursive: bool = False, retry_count: int = 5, - headers: Optional[Mapping[str, str]] = None, + headers: Mapping[str, str] | None = None, return_none_for_not_found_error: bool = False, timeout: int = 3, -) -> Union[Mapping[str, Any], str]: ... -def get_project_id(request: _Request) -> Optional[str]: ... +) -> Mapping[str, Any] | str: ... +def get_project_id(request: _Request) -> str | None: ... def get_universe_domain(request: _Request) -> str: ... -def get_service_account_info( - request: _Request, service_account: str = "default" -) -> Mapping[str, Any]: ... +def get_service_account_info(request: _Request, service_account: str = "default") -> Mapping[str, Any]: ... def get_service_account_token( - request: _Request, - service_account: str = "default", - scopes: Optional[Union[str, List[str]]] = None, -) -> Tuple[str, datetime.datetime]: ... + request: _Request, service_account: str = "default", scopes: str | list[str] | None = None +) -> tuple[str, datetime.datetime]: ... diff --git a/stubs/google-auth/google/auth/compute_engine/_mtls.pyi b/stubs/google-auth/google/auth/compute_engine/_mtls.pyi index 43972a01b8c6..ee88dd850c95 100644 --- a/stubs/google-auth/google/auth/compute_engine/_mtls.pyi +++ b/stubs/google-auth/google/auth/compute_engine/_mtls.pyi @@ -1,17 +1,16 @@ import enum import ssl -from dataclasses import dataclass, field +from dataclasses import dataclass from pathlib import Path -from typing import Any, Mapping, Optional, Tuple, Union +from typing import Any, Mapping + from requests import PreparedRequest, Response from requests.adapters import HTTPAdapter @dataclass class MdsMtlsConfig: - ca_cert_path: Path = field(default_factory=_get_mds_root_crt_path) - client_combined_cert_path: Path = field( - default_factory=_get_mds_client_combined_cert_path - ) + ca_cert_path: Path = ... + client_combined_cert_path: Path = ... class MdsMtlsMode(enum.Enum): """MDS mTLS mode. Used to configure connection behavior when connecting to MDS. @@ -27,19 +26,12 @@ class MdsMtlsMode(enum.Enum): def _get_mds_root_crt_path() -> Path: ... def _get_mds_client_combined_cert_path() -> Path: ... -def should_use_mds_mtls( - mds_mtls_config: MdsMtlsConfig = MdsMtlsConfig(), -) -> bool: ... +def should_use_mds_mtls(mds_mtls_config: MdsMtlsConfig = MdsMtlsConfig()) -> bool: ... class MdsMtlsAdapter(HTTPAdapter): ssl_context: ssl.SSLContext - def __init__( - self, - mds_mtls_config: MdsMtlsConfig = MdsMtlsConfig(), - *args: Any, - **kwargs: Any, - ) -> None: ... + def __init__(self, mds_mtls_config: MdsMtlsConfig = MdsMtlsConfig(), *args: Any, **kwargs: Any) -> None: ... def init_poolmanager(self, *args: Any, **kwargs: Any) -> None: ... def proxy_manager_for(self, *args: Any, **kwargs: Any) -> None: ... def send( diff --git a/stubs/google-auth/google/auth/compute_engine/credentials.pyi b/stubs/google-auth/google/auth/compute_engine/credentials.pyi index 68b9cf4aa330..5345ab382bba 100644 --- a/stubs/google-auth/google/auth/compute_engine/credentials.pyi +++ b/stubs/google-auth/google/auth/compute_engine/credentials.pyi @@ -1,7 +1,7 @@ -from typing import Any, Mapping, Optional, Sequence +from _typeshed import Incomplete +from typing import Any, Mapping, Sequence import google -from _typeshed import Incomplete from google.auth import credentials _TRUST_BOUNDARY_LOOKUP_ENDPOINT = "https://iamcredentials.{}/v1/projects/-/serviceAccounts/{}/allowedLocations" @@ -33,11 +33,11 @@ class Credentials( def __init__( self, service_account_email: str = "default", - quota_project_id: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - universe_domain: Optional[str] = None, - trust_boundary: Optional[Mapping[str, str]] = None, + quota_project_id: str | None = None, + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + universe_domain: str | None = None, + trust_boundary: Mapping[str, str] | None = None, ) -> None: ... @property def service_account_email(self) -> str: ... @@ -45,53 +45,33 @@ class Credentials( def requires_scopes(self) -> bool: ... @property def universe_domain(self) -> str: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_scopes( - self, - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, - ) -> "Credentials": ... - def with_universe_domain( - self, universe_domain: Optional[str] - ) -> "Credentials": ... - def with_trust_boundary( - self, trust_boundary: Mapping[str, str] - ) -> "Credentials": ... + def get_cred_info(self) -> Mapping[str, str] | None: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_scopes(self, scopes: Sequence[str], default_scopes: Sequence[str] | None = None) -> Credentials: ... + def with_universe_domain(self, universe_domain: str | None) -> Credentials: ... + def with_trust_boundary(self, trust_boundary: Mapping[str, str]) -> Credentials: ... def _build_trust_boundary_lookup_url(self) -> str: ... - def _perform_refresh_token( - self, request: "google.auth.transport.Request" - ) -> None: ... + def _perform_refresh_token(self, request: google.auth.transport.Request) -> None: ... -class IDTokenCredentials( - credentials.CredentialsWithQuotaProject, - credentials.Signing, - credentials.CredentialsWithTokenUri, -): +class IDTokenCredentials(credentials.CredentialsWithQuotaProject, credentials.Signing, credentials.CredentialsWithTokenUri): def __init__( self, - request: "google.auth.transport.Request", - target_audience: Optional[str] = None, - token_uri: Optional[str] = None, - additional_claims: Optional[Mapping[str, str]] = None, - service_account_email: Optional[str] = None, - signer: Optional["google.auth.crypt.Signer"] = None, + request: google.auth.transport.Request, + target_audience: str | None = None, + token_uri: str | None = None, + additional_claims: Mapping[str, str] | None = None, + service_account_email: str | None = None, + signer: google.auth.crypt.Signer | None = None, use_metadata_identity_endpoint: bool = False, - quota_project_id: Optional[str] = None, + quota_project_id: str | None = None, ) -> None: ... - def with_target_audience( - self, target_audience: str - ) -> "IDTokenCredentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "IDTokenCredentials": ... - def with_token_uri(self, token_uri: str) -> "IDTokenCredentials": ... + def with_target_audience(self, target_audience: str) -> IDTokenCredentials: ... + def with_quota_project(self, quota_project_id: str | None) -> IDTokenCredentials: ... + def with_token_uri(self, token_uri: str) -> IDTokenCredentials: ... token: Incomplete expiry: Incomplete - def refresh(self, request: "google.auth.transport.Request") -> None: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... @property def signer(self) -> Any: ... def sign_bytes(self, message: bytes) -> bytes: ... diff --git a/stubs/google-auth/google/auth/credentials.pyi b/stubs/google-auth/google/auth/credentials.pyi index eb9c0ec04ee7..2eba333b698f 100644 --- a/stubs/google-auth/google/auth/credentials.pyi +++ b/stubs/google-auth/google/auth/credentials.pyi @@ -1,11 +1,11 @@ import abc -from enum import Enum -from typing import Mapping, Optional, Sequence from _typeshed import Incomplete +from enum import Enum +from typing import Any, Coroutine, Mapping, Sequence + from google.auth._credentials_base import _BaseCredentials from google.auth.crypt import Signer as _Signer from google.auth.transport import Request as _TransportRequest -from typing import Any, Coroutine DEFAULT_UNIVERSE_DOMAIN: str NO_OP_TRUST_BOUNDARY_LOCATIONS: list[str] @@ -20,52 +20,36 @@ class Credentials(_BaseCredentials, metaclass=abc.ABCMeta): @property def valid(self) -> bool: ... @property - def token_state(self) -> "TokenState": ... + def token_state(self) -> TokenState: ... @property - def quota_project_id(self) -> Optional[str]: ... + def quota_project_id(self) -> str | None: ... @property def universe_domain(self) -> str: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def get_cred_info(self) -> Mapping[str, str] | None: ... @abc.abstractmethod - def refresh( - self, request: _TransportRequest - ) -> None | Coroutine[Any, Any, None]: ... - def apply( - self, headers: Mapping[str, str], token: Optional[str] = None - ) -> None: ... + def refresh(self, request: _TransportRequest) -> None | Coroutine[Any, Any, None]: ... + def apply(self, headers: Mapping[str, str], token: str | None = None) -> None: ... def before_request( - self, - request: _TransportRequest, - method: str, - url: str, - headers: Mapping[str, str], + self, request: _TransportRequest, method: str, url: str, headers: Mapping[str, str] ) -> None | Coroutine[Any, Any, None]: ... def with_non_blocking_refresh(self) -> None: ... class CredentialsWithQuotaProject(Credentials, metaclass=abc.ABCMeta): - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_quota_project_from_environment(self) -> "Credentials": ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_quota_project_from_environment(self) -> Credentials: ... class CredentialsWithTokenUri(Credentials, metaclass=abc.ABCMeta): - def with_token_uri(self, token_uri: str) -> "Credentials": ... + def with_token_uri(self, token_uri: str) -> Credentials: ... class CredentialsWithUniverseDomain(Credentials, metaclass=abc.ABCMeta): - def with_universe_domain(self, universe_domain: str) -> "Credentials": ... + def with_universe_domain(self, universe_domain: str) -> Credentials: ... class CredentialsWithTrustBoundary(Credentials, metaclass=abc.ABCMeta): @abc.abstractmethod def _perform_refresh_token(self, request: _TransportRequest) -> None: ... - def with_trust_boundary( - self, trust_boundary: Mapping[str, str] - ) -> "Credentials": ... - def apply( - self, headers: Mapping[str, str], token: Optional[str] = None - ) -> None: ... - def refresh( - self, request: _TransportRequest - ) -> None | Coroutine[Any, Any, None]: ... + def with_trust_boundary(self, trust_boundary: Mapping[str, str]) -> Credentials: ... + def apply(self, headers: Mapping[str, str], token: str | None = None) -> None: ... + def refresh(self, request: _TransportRequest) -> None | Coroutine[Any, Any, None]: ... class AnonymousCredentials(Credentials): @property @@ -73,23 +57,17 @@ class AnonymousCredentials(Credentials): @property def valid(self) -> bool: ... def refresh(self, request: _TransportRequest) -> None: ... - def apply( - self, headers: Mapping[str, str], token: Optional[str] = None - ) -> None: ... + def apply(self, headers: Mapping[str, str], token: str | None = None) -> None: ... def before_request( - self, - request: _TransportRequest, - method: str, - url: str, - headers: Mapping[str, str], + self, request: _TransportRequest, method: str, url: str, headers: Mapping[str, str] ) -> None | Coroutine[Any, Any, None]: ... class ReadOnlyScoped(metaclass=abc.ABCMeta): def __init__(self) -> None: ... @property - def scopes(self) -> Optional[Sequence[str]]: ... + def scopes(self) -> Sequence[str] | None: ... @property - def default_scopes(self) -> Optional[Sequence[str]]: ... + def default_scopes(self) -> Sequence[str] | None: ... @property @abc.abstractmethod def requires_scopes(self) -> bool: ... @@ -97,17 +75,11 @@ class ReadOnlyScoped(metaclass=abc.ABCMeta): class Scoped(ReadOnlyScoped, metaclass=abc.ABCMeta): @abc.abstractmethod - def with_scopes( - self, - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, - ) -> "Scoped": ... + def with_scopes(self, scopes: Sequence[str], default_scopes: Sequence[str] | None = None) -> Scoped: ... def with_scopes_if_required( - credentials: "Credentials", - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, -) -> "Credentials": ... + credentials: Credentials, scopes: Sequence[str], default_scopes: Sequence[str] | None = None +) -> Credentials: ... class Signing(metaclass=abc.ABCMeta): @abc.abstractmethod diff --git a/stubs/google-auth/google/auth/crypt/__init__.pyi b/stubs/google-auth/google/auth/crypt/__init__.pyi index b0202007e9a0..5df5573c49ca 100644 --- a/stubs/google-auth/google/auth/crypt/__init__.pyi +++ b/stubs/google-auth/google/auth/crypt/__init__.pyi @@ -1,15 +1,6 @@ from _typeshed import Incomplete -__all__ = [ - "EsSigner", - "EsVerifier", - "ES256Signer", - "ES256Verifier", - "RSASigner", - "RSAVerifier", - "Signer", - "Verifier", -] +__all__ = ["EsSigner", "EsVerifier", "ES256Signer", "ES256Verifier", "RSASigner", "RSAVerifier", "Signer", "Verifier"] EsSigner: Incomplete EsVerifier: Incomplete diff --git a/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi b/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi index 22fbe691efbc..3715adc2dd19 100644 --- a/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi +++ b/stubs/google-auth/google/auth/crypt/_cryptography_rsa.pyi @@ -1,20 +1,17 @@ -from typing import Any, Optional +from typing import Any + from google.auth.crypt import base class RSAVerifier(base.Verifier): def __init__(self, public_key: Any) -> None: ... def verify(self, message: Any, signature: Any) -> bool: ... @classmethod - def from_string(cls, public_key: Any) -> "RSAVerifier": ... + def from_string(cls, public_key: Any) -> RSAVerifier: ... class RSASigner(base.Signer, base.FromServiceAccountMixin): - def __init__( - self, private_key: Any, key_id: Optional[str] = None - ) -> None: ... + def __init__(self, private_key: Any, key_id: str | None = None) -> None: ... @property def key_id(self) -> str: ... def sign(self, message: Any) -> bytes: ... @classmethod - def from_string( - cls, key: Any, key_id: Optional[str] = None - ) -> "RSASigner": ... + def from_string(cls, key: Any, key_id: str | None = None) -> RSASigner: ... diff --git a/stubs/google-auth/google/auth/crypt/_python_rsa.pyi b/stubs/google-auth/google/auth/crypt/_python_rsa.pyi index 22fbe691efbc..3715adc2dd19 100644 --- a/stubs/google-auth/google/auth/crypt/_python_rsa.pyi +++ b/stubs/google-auth/google/auth/crypt/_python_rsa.pyi @@ -1,20 +1,17 @@ -from typing import Any, Optional +from typing import Any + from google.auth.crypt import base class RSAVerifier(base.Verifier): def __init__(self, public_key: Any) -> None: ... def verify(self, message: Any, signature: Any) -> bool: ... @classmethod - def from_string(cls, public_key: Any) -> "RSAVerifier": ... + def from_string(cls, public_key: Any) -> RSAVerifier: ... class RSASigner(base.Signer, base.FromServiceAccountMixin): - def __init__( - self, private_key: Any, key_id: Optional[str] = None - ) -> None: ... + def __init__(self, private_key: Any, key_id: str | None = None) -> None: ... @property def key_id(self) -> str: ... def sign(self, message: Any) -> bytes: ... @classmethod - def from_string( - cls, key: Any, key_id: Optional[str] = None - ) -> "RSASigner": ... + def from_string(cls, key: Any, key_id: str | None = None) -> RSASigner: ... diff --git a/stubs/google-auth/google/auth/crypt/base.pyi b/stubs/google-auth/google/auth/crypt/base.pyi index f852ae98415c..6b89c6314041 100644 --- a/stubs/google-auth/google/auth/crypt/base.pyi +++ b/stubs/google-auth/google/auth/crypt/base.pyi @@ -1,23 +1,21 @@ import abc -from typing import Mapping, Optional, Union +from typing import Mapping class Verifier(metaclass=abc.ABCMeta): @abc.abstractmethod - def verify( - self, message: Union[str, bytes], signature: Union[str, bytes] - ) -> bool: ... + def verify(self, message: str | bytes, signature: str | bytes) -> bool: ... class Signer(metaclass=abc.ABCMeta): @property @abc.abstractmethod def key_id(self) -> str: ... @abc.abstractmethod - def sign(self, message: Union[str, bytes]) -> bytes: ... + def sign(self, message: str | bytes) -> bytes: ... class FromServiceAccountMixin(metaclass=abc.ABCMeta): @classmethod @abc.abstractmethod - def from_string(cls, key: str, key_id: Optional[str] = None) -> Signer: ... + def from_string(cls, key: str, key_id: str | None = None) -> Signer: ... @classmethod def from_service_account_info(cls, info: Mapping[str, str]) -> Signer: ... @classmethod diff --git a/stubs/google-auth/google/auth/crypt/es.pyi b/stubs/google-auth/google/auth/crypt/es.pyi index b7a160fced75..f4e29b3542f1 100644 --- a/stubs/google-auth/google/auth/crypt/es.pyi +++ b/stubs/google-auth/google/auth/crypt/es.pyi @@ -1,5 +1,5 @@ from dataclasses import dataclass -from typing import Optional, Union + from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from google.auth.crypt import base @@ -11,11 +11,9 @@ class _ESAttributes: algorithm: str @classmethod - def from_key( - cls, key: Union[ec.EllipticCurvePublicKey, ec.EllipticCurvePrivateKey] - ) -> "_ESAttributes": ... + def from_key(cls, key: ec.EllipticCurvePublicKey | ec.EllipticCurvePrivateKey) -> _ESAttributes: ... @classmethod - def from_curve(cls, curve: ec.EllipticCurve) -> "_ESAttributes": ... + def from_curve(cls, curve: ec.EllipticCurve) -> _ESAttributes: ... class EsVerifier(base.Verifier): """Verifies ECDSA cryptographic signatures using public keys.""" @@ -23,22 +21,16 @@ class EsVerifier(base.Verifier): def __init__(self, public_key: ec.EllipticCurvePublicKey) -> None: ... def verify(self, message: str | bytes, signature: str | bytes) -> bool: ... @classmethod - def from_string(cls, public_key: Union[str, bytes]) -> "EsVerifier": ... + def from_string(cls, public_key: str | bytes) -> EsVerifier: ... class EsSigner(base.Signer, base.FromServiceAccountMixin): """Signs messages with an ECDSA private key.""" - def __init__( - self, - private_key: ec.EllipticCurvePrivateKey, - key_id: Optional[str] = None, - ) -> None: ... + def __init__(self, private_key: ec.EllipticCurvePrivateKey, key_id: str | None = None) -> None: ... @property def algorithm(self) -> str: ... @property def key_id(self) -> str: ... def sign(self, message: str | bytes) -> bytes: ... @classmethod - def from_string( - cls, key: Union[bytes, str], key_id: Optional[str] = None - ) -> "EsSigner": ... + def from_string(cls, key: bytes | str, key_id: str | None = None) -> EsSigner: ... diff --git a/stubs/google-auth/google/auth/crypt/rsa.pyi b/stubs/google-auth/google/auth/crypt/rsa.pyi index 65b1949d448c..226002bc6985 100644 --- a/stubs/google-auth/google/auth/crypt/rsa.pyi +++ b/stubs/google-auth/google/auth/crypt/rsa.pyi @@ -1,4 +1,5 @@ -from typing import Any, Optional +from typing import Any + from google.auth.crypt import base RSA_KEY_MODULE_PREFIX: str @@ -7,16 +8,12 @@ class RSAVerifier(base.Verifier): def __init__(self, public_key: Any) -> None: ... def verify(self, message: Any, signature: Any) -> bool: ... @classmethod - def from_string(cls, public_key: Any) -> "RSAVerifier": ... + def from_string(cls, public_key: Any) -> RSAVerifier: ... class RSASigner(base.Signer, base.FromServiceAccountMixin): - def __init__( - self, private_key: Any, key_id: Optional[str] = None - ) -> None: ... + def __init__(self, private_key: Any, key_id: str | None = None) -> None: ... @property def key_id(self) -> str: ... def sign(self, message: Any) -> bytes: ... @classmethod - def from_string( - cls, key: Any, key_id: Optional[str] = None - ) -> "RSASigner": ... + def from_string(cls, key: Any, key_id: str | None = None) -> RSASigner: ... diff --git a/stubs/google-auth/google/auth/downscoped.pyi b/stubs/google-auth/google/auth/downscoped.pyi index 5f4778cb7dca..4866c4b81925 100644 --- a/stubs/google-auth/google/auth/downscoped.pyi +++ b/stubs/google-auth/google/auth/downscoped.pyi @@ -1,16 +1,16 @@ -from typing import Any, List, Mapping, Optional, Sequence, Tuple +from _typeshed import Incomplete +from typing import Any, Mapping, Sequence import google -from _typeshed import Incomplete from google.auth import credentials class CredentialAccessBoundary: - def __init__(self, rules: List["AccessBoundaryRule"] = []) -> None: ... + def __init__(self, rules: list[AccessBoundaryRule] = []) -> None: ... @property - def rules(self) -> Tuple["AccessBoundaryRule", ...]: ... + def rules(self) -> tuple[AccessBoundaryRule, ...]: ... @rules.setter - def rules(self, value: List["AccessBoundaryRule"]) -> None: ... - def add_rule(self, rule: "AccessBoundaryRule") -> None: ... + def rules(self, value: list[AccessBoundaryRule]) -> None: ... + def add_rule(self, rule: AccessBoundaryRule) -> None: ... def to_json(self) -> Mapping[str, Any]: ... class AccessBoundaryRule: @@ -18,57 +18,48 @@ class AccessBoundaryRule: self, available_resource: str, available_permissions: Sequence[str], - availability_condition: Optional["AvailabilityCondition"] = None, + availability_condition: AvailabilityCondition | None = None, ) -> None: ... @property def available_resource(self) -> str: ... @available_resource.setter def available_resource(self, value: str) -> None: ... @property - def available_permissions(self) -> Tuple[str, ...]: ... + def available_permissions(self) -> tuple[str, ...]: ... @available_permissions.setter def available_permissions(self, value: Sequence[str]) -> None: ... @property - def availability_condition(self) -> Optional["AvailabilityCondition"]: ... + def availability_condition(self) -> AvailabilityCondition | None: ... @availability_condition.setter - def availability_condition( - self, value: Optional["AvailabilityCondition"] - ) -> None: ... + def availability_condition(self, value: AvailabilityCondition | None) -> None: ... def to_json(self) -> Mapping[str, Any]: ... class AvailabilityCondition: - def __init__( - self, - expression: str, - title: Optional[str] = None, - description: Optional[str] = None, - ) -> None: ... + def __init__(self, expression: str, title: str | None = None, description: str | None = None) -> None: ... @property def expression(self) -> str: ... @expression.setter def expression(self, value: str) -> None: ... @property - def title(self) -> Optional[str]: ... + def title(self) -> str | None: ... @title.setter - def title(self, value: Optional[str]) -> None: ... + def title(self, value: str | None) -> None: ... @property - def description(self) -> Optional[str]: ... + def description(self) -> str | None: ... @description.setter - def description(self, value: Optional[str]) -> None: ... + def description(self, value: str | None) -> None: ... def to_json(self) -> Mapping[str, str]: ... class Credentials(credentials.CredentialsWithQuotaProject): def __init__( self, - source_credentials: "Credentials", - credential_access_boundary: "CredentialAccessBoundary", - quota_project_id: Optional[str] = None, + source_credentials: Credentials, + credential_access_boundary: CredentialAccessBoundary, + quota_project_id: str | None = None, universe_domain: str = ..., ) -> None: ... token: Incomplete expiry: Incomplete - def refresh(self, request: "google.auth.transport.Request") -> None: ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... + def refresh(self, request: google.auth.transport.Request) -> None: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... diff --git a/stubs/google-auth/google/auth/exceptions.pyi b/stubs/google-auth/google/auth/exceptions.pyi index 2b0b9b64d212..175caa5cb9b1 100644 --- a/stubs/google-auth/google/auth/exceptions.pyi +++ b/stubs/google-auth/google/auth/exceptions.pyi @@ -1,5 +1,3 @@ -from typing import Optional - class GoogleAuthError(Exception): def __init__(self, *args: object, **kwargs: object) -> None: ... @property @@ -18,9 +16,7 @@ class ClientCertError(GoogleAuthError): class OAuthError(GoogleAuthError): ... class ReauthFailError(RefreshError): - def __init__( - self, message: Optional[str] = None, **kwargs: object - ) -> None: ... + def __init__(self, message: str | None = None, **kwargs: object) -> None: ... class ReauthSamlChallengeFailError(ReauthFailError): ... class MalformedError(DefaultCredentialsError, ValueError): ... diff --git a/stubs/google-auth/google/auth/external_account.pyi b/stubs/google-auth/google/auth/external_account.pyi index 1116eb20777a..5a50515f02dc 100644 --- a/stubs/google-auth/google/auth/external_account.pyi +++ b/stubs/google-auth/google/auth/external_account.pyi @@ -1,6 +1,6 @@ import abc from dataclasses import dataclass -from typing import Any, Mapping, Optional, Sequence +from typing import Any, Mapping, Sequence import google from google.auth import credentials @@ -25,24 +25,22 @@ class Credentials( subject_token_type: str, token_url: str, credential_source: Mapping[str, Any], - service_account_impersonation_url: Optional[str] = None, - service_account_impersonation_options: Optional[ - Mapping[str, str] - ] = None, - client_id: Optional[str] = None, - client_secret: Optional[str] = None, - token_info_url: Optional[str] = None, - quota_project_id: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - workforce_pool_user_project: Optional[str] = None, + service_account_impersonation_url: str | None = None, + service_account_impersonation_options: Mapping[str, str] | None = None, + client_id: str | None = None, + client_secret: str | None = None, + token_info_url: str | None = None, + quota_project_id: str | None = None, + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + workforce_pool_user_project: str | None = None, universe_domain: str = credentials.DEFAULT_UNIVERSE_DOMAIN, - trust_boundary: Optional[Mapping[str, str]] = None, + trust_boundary: Mapping[str, str] | None = None, ) -> None: ... @property def info(self) -> Mapping[str, Any]: ... @property - def service_account_email(self) -> Optional[str]: ... + def service_account_email(self) -> str | None: ... @property def is_user(self) -> bool: ... @property @@ -50,34 +48,20 @@ class Credentials( @property def requires_scopes(self) -> bool: ... @property - def project_number(self) -> Optional[str]: ... + def project_number(self) -> str | None: ... @property - def token_info_url(self) -> Optional[str]: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... - def with_scopes( - self, - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, - ) -> "Credentials": ... + def token_info_url(self) -> str | None: ... + def get_cred_info(self) -> Mapping[str, str] | None: ... + def with_scopes(self, scopes: Sequence[str], default_scopes: Sequence[str] | None = None) -> Credentials: ... @abc.abstractmethod - def retrieve_subject_token( - self, request: "google.auth.transport.Request" - ) -> str: ... - def get_project_id( - self, request: "google.auth.transport.Request" - ) -> Optional[str]: ... - def refresh(self, request: "google.auth.transport.Request") -> None: ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_token_uri(self, token_uri: str) -> "Credentials": ... - def with_universe_domain(self, universe_domain: str) -> "Credentials": ... - def with_trust_boundary( - self, trust_boundary: Optional[Mapping[str, str]] - ) -> "Credentials": ... + def retrieve_subject_token(self, request: google.auth.transport.Request) -> str: ... + def get_project_id(self, request: google.auth.transport.Request) -> str | None: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_token_uri(self, token_uri: str) -> Credentials: ... + def with_universe_domain(self, universe_domain: str) -> Credentials: ... + def with_trust_boundary(self, trust_boundary: Mapping[str, str] | None) -> Credentials: ... @classmethod - def from_info( - cls, info: Mapping[str, Any], **kwargs: Any - ) -> "Credentials": ... + def from_info(cls, info: Mapping[str, Any], **kwargs: Any) -> Credentials: ... @classmethod - def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def from_file(cls, filename: str, **kwargs: Any) -> Credentials: ... diff --git a/stubs/google-auth/google/auth/external_account_authorized_user.pyi b/stubs/google-auth/google/auth/external_account_authorized_user.pyi index 7e04daf0bb59..a4d545ffcd5f 100644 --- a/stubs/google-auth/google/auth/external_account_authorized_user.pyi +++ b/stubs/google-auth/google/auth/external_account_authorized_user.pyi @@ -1,8 +1,8 @@ import datetime -from typing import Any, Mapping, Optional, Sequence +from _typeshed import Incomplete +from typing import Any, Mapping, Sequence import google -from _typeshed import Incomplete from google.auth import credentials class Credentials( @@ -12,70 +12,60 @@ class Credentials( credentials.CredentialsWithTrustBoundary, ): token: Incomplete - expiry: Optional[datetime.datetime] + expiry: datetime.datetime | None def __init__( self, - token: Optional[str] = None, - expiry: Optional[datetime.datetime] = None, - refresh_token: Optional[str] = None, - audience: Optional[str] = None, - client_id: Optional[str] = None, - client_secret: Optional[str] = None, - token_url: Optional[str] = None, - token_info_url: Optional[str] = None, - revoke_url: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, + token: str | None = None, + expiry: datetime.datetime | None = None, + refresh_token: str | None = None, + audience: str | None = None, + client_id: str | None = None, + client_secret: str | None = None, + token_url: str | None = None, + token_info_url: str | None = None, + revoke_url: str | None = None, + scopes: Sequence[str] | None = None, + quota_project_id: str | None = None, universe_domain: str = ..., - trust_boundary: Optional[Mapping[str, str]] = None, + trust_boundary: Mapping[str, str] | None = None, ) -> None: ... @property def info(self) -> Mapping[str, object]: ... def constructor_args(self) -> Mapping[str, object]: ... @property - def scopes(self) -> Optional[Sequence[str]]: ... + def scopes(self) -> Sequence[str] | None: ... @property def requires_scopes(self) -> bool: ... @property - def client_id(self) -> Optional[str]: ... + def client_id(self) -> str | None: ... @property - def client_secret(self) -> Optional[str]: ... + def client_secret(self) -> str | None: ... @property - def audience(self) -> Optional[str]: ... + def audience(self) -> str | None: ... @property - def refresh_token(self) -> Optional[str]: ... + def refresh_token(self) -> str | None: ... @property - def token_url(self) -> Optional[str]: ... + def token_url(self) -> str | None: ... @property - def token_info_url(self) -> Optional[str]: ... + def token_info_url(self) -> str | None: ... @property - def revoke_url(self) -> Optional[str]: ... + def revoke_url(self) -> str | None: ... @property def is_user(self) -> bool: ... @property def can_refresh(self) -> bool: ... - def get_project_id( - self, request: Optional["google.auth.transport.Request"] = None - ) -> Optional[str]: ... - def to_json(self, strip: Optional[Sequence[str]] = None) -> str: ... - def revoke(self, request: "google.auth.transport.Request") -> None: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_token_uri(self, token_uri: str) -> "Credentials": ... - def with_universe_domain(self, universe_domain: str) -> "Credentials": ... - def with_trust_boundary( - self, trust_boundary: Mapping[str, str] - ) -> "Credentials": ... + def get_project_id(self, request: google.auth.transport.Request | None = None) -> str | None: ... + def to_json(self, strip: Sequence[str] | None = None) -> str: ... + def revoke(self, request: google.auth.transport.Request) -> None: ... + def get_cred_info(self) -> Mapping[str, str] | None: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_token_uri(self, token_uri: str) -> Credentials: ... + def with_universe_domain(self, universe_domain: str) -> Credentials: ... + def with_trust_boundary(self, trust_boundary: Mapping[str, str]) -> Credentials: ... @classmethod - def from_info( - cls, info: Mapping[str, Any], **kwargs: Any - ) -> "Credentials": ... + def from_info(cls, info: Mapping[str, Any], **kwargs: Any) -> Credentials: ... @classmethod - def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def from_file(cls, filename: str, **kwargs: Any) -> Credentials: ... def _build_trust_boundary_lookup_url(self) -> str: ... - def _perform_refresh_token( - self, request: "google.auth.transport.Request" - ) -> None: ... + def _perform_refresh_token(self, request: google.auth.transport.Request) -> None: ... diff --git a/stubs/google-auth/google/auth/iam.pyi b/stubs/google-auth/google/auth/iam.pyi index 25e7b947deb5..feb72963d6ee 100644 --- a/stubs/google-auth/google/auth/iam.pyi +++ b/stubs/google-auth/google/auth/iam.pyi @@ -6,10 +6,7 @@ IAM_RETRY_CODES: set[int] class Signer(base.Signer): def __init__( - self, - request: "google.auth.transport.Request", - credentials: credentials.Credentials, - service_account_email: str, + self, request: google.auth.transport.Request, credentials: credentials.Credentials, service_account_email: str ) -> None: ... @property def key_id(self) -> str: ... diff --git a/stubs/google-auth/google/auth/identity_pool.pyi b/stubs/google-auth/google/auth/identity_pool.pyi index 01325b17b16e..23f162640858 100644 --- a/stubs/google-auth/google/auth/identity_pool.pyi +++ b/stubs/google-auth/google/auth/identity_pool.pyi @@ -1,5 +1,5 @@ import abc -from typing import Any, Mapping, NamedTuple, Optional +from typing import Any, Mapping, NamedTuple from google.auth import external_account @@ -12,28 +12,17 @@ class _TokenContent(NamedTuple): location: str class _FileSupplier(SubjectTokenSupplier): - def __init__( - self, - path: str, - format_type: str, - subject_token_field_name: Optional[str], - ) -> None: ... + def __init__(self, path: str, format_type: str, subject_token_field_name: str | None) -> None: ... def get_subject_token(self, context: Any, request: Any) -> str: ... class _UrlSupplier(SubjectTokenSupplier): def __init__( - self, - url: str, - format_type: str, - subject_token_field_name: Optional[str], - headers: Optional[Mapping[str, str]], + self, url: str, format_type: str, subject_token_field_name: str | None, headers: Mapping[str, str] | None ) -> None: ... def get_subject_token(self, context: Any, request: Any) -> str: ... class _X509Supplier(SubjectTokenSupplier): - def __init__( - self, trust_chain_path: Optional[str], leaf_cert_callback: Any - ) -> None: ... + def __init__(self, trust_chain_path: str | None, leaf_cert_callback: Any) -> None: ... def get_subject_token(self, context: Any, request: Any) -> str: ... class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): @@ -42,16 +31,14 @@ class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): audience: str, subject_token_type: str, token_url: str = "https://sts.googleapis.com/v1/token", - credential_source: Optional[Mapping[str, Any]] = None, - subject_token_supplier: Optional[SubjectTokenSupplier] = None, + credential_source: Mapping[str, Any] | None = None, + subject_token_supplier: SubjectTokenSupplier | None = None, *args: Any, **kwargs: Any, ) -> None: ... def retrieve_subject_token(self, request: Any) -> str: ... @classmethod - def from_info( - cls, info: Mapping[str, Any], **kwargs: Any - ) -> "Credentials": ... + def from_info(cls, info: Mapping[str, Any], **kwargs: Any) -> Credentials: ... @classmethod - def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def from_file(cls, filename: str, **kwargs: Any) -> Credentials: ... def refresh(self, request: Any) -> None: ... diff --git a/stubs/google-auth/google/auth/impersonated_credentials.pyi b/stubs/google-auth/google/auth/impersonated_credentials.pyi index 552a11c6d3b1..fc2010c03144 100644 --- a/stubs/google-auth/google/auth/impersonated_credentials.pyi +++ b/stubs/google-auth/google/auth/impersonated_credentials.pyi @@ -1,14 +1,11 @@ -from typing import Any, Mapping, Optional, Sequence +from _typeshed import Incomplete +from typing import Any, Mapping, Sequence import google -from _typeshed import Incomplete from google.auth import credentials class Credentials( - credentials.Scoped, - credentials.CredentialsWithQuotaProject, - credentials.Signing, - credentials.CredentialsWithTrustBoundary, + credentials.Scoped, credentials.CredentialsWithQuotaProject, credentials.Signing, credentials.CredentialsWithTrustBoundary ): token: Incomplete expiry: Incomplete @@ -18,12 +15,12 @@ class Credentials( source_credentials: credentials.Credentials, target_principal: str, target_scopes: Sequence[str], - delegates: Optional[Sequence[str]] = None, - subject: Optional[str] = None, + delegates: Sequence[str] | None = None, + subject: str | None = None, lifetime: int = ..., - quota_project_id: Optional[str] = None, - iam_endpoint_override: Optional[str] = None, - trust_boundary: Optional[Mapping[str, str]] = None, + quota_project_id: str | None = None, + iam_endpoint_override: str | None = None, + trust_boundary: Mapping[str, str] | None = None, ) -> None: ... def sign_bytes(self, message: bytes) -> bytes: ... @property @@ -34,59 +31,35 @@ class Credentials( def signer(self) -> Any: ... @property def requires_scopes(self) -> bool: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... - def with_trust_boundary( - self, trust_boundary: Mapping[str, str] - ) -> "Credentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_scopes( - self, - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, - ) -> "Credentials": ... + def get_cred_info(self) -> Mapping[str, str] | None: ... + def with_trust_boundary(self, trust_boundary: Mapping[str, str]) -> Credentials: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_scopes(self, scopes: Sequence[str], default_scopes: Sequence[str] | None = None) -> Credentials: ... @classmethod def from_impersonated_service_account_info( - cls: type["Credentials"], - info: Mapping[str, Any], - scopes: Optional[Sequence[str]] = None, - ) -> "Credentials": ... + cls: type[Credentials], info: Mapping[str, Any], scopes: Sequence[str] | None = None + ) -> Credentials: ... def _build_trust_boundary_lookup_url(self) -> str: ... - def _perform_refresh_token( - self, request: "google.auth.transport.Request" - ) -> None: ... + def _perform_refresh_token(self, request: google.auth.transport.Request) -> None: ... -class IDTokenCredentials( - credentials.CredentialsWithQuotaProject, - credentials.Signing, - credentials.CredentialsWithTokenUri, -): +class IDTokenCredentials(credentials.CredentialsWithQuotaProject, credentials.Signing, credentials.CredentialsWithTokenUri): def __init__( self, target_credentials: credentials.Credentials, - target_audience: Optional[str] = None, + target_audience: str | None = None, include_email: bool = False, - quota_project_id: Optional[str] = None, + quota_project_id: str | None = None, ) -> None: ... def from_credentials( - self, - target_credentials: credentials.Credentials, - target_audience: Optional[str] = None, - ) -> "IDTokenCredentials": ... - def with_target_audience( - self, target_audience: str - ) -> "IDTokenCredentials": ... - def with_include_email( - self, include_email: bool - ) -> "IDTokenCredentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "IDTokenCredentials": ... + self, target_credentials: credentials.Credentials, target_audience: str | None = None + ) -> IDTokenCredentials: ... + def with_target_audience(self, target_audience: str) -> IDTokenCredentials: ... + def with_include_email(self, include_email: bool) -> IDTokenCredentials: ... + def with_quota_project(self, quota_project_id: str | None) -> IDTokenCredentials: ... token: Incomplete expiry: Incomplete - def refresh(self, request: "google.auth.transport.Request") -> None: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... @property def signer(self) -> Any: ... def sign_bytes(self, message: bytes) -> bytes: ... diff --git a/stubs/google-auth/google/auth/jwt.pyi b/stubs/google-auth/google/auth/jwt.pyi index 08385fe77636..9ac2fe363ffc 100644 --- a/stubs/google-auth/google/auth/jwt.pyi +++ b/stubs/google-auth/google/auth/jwt.pyi @@ -1,38 +1,29 @@ -from typing import Any, Dict, List, Mapping, Optional, Tuple, Union +from typing import Any, Coroutine, Mapping + from google.auth import credentials as _credentials from google.auth.crypt import Signer as _Signer -from typing import Coroutine _DEFAULT_TOKEN_LIFETIME_SECS: int _DEFAULT_MAX_CACHE_SIZE: int -_ALGORITHM_TO_VERIFIER_CLASS: Dict[str, type] +_ALGORITHM_TO_VERIFIER_CLASS: dict[str, type] _CRYPTOGRAPHY_BASED_ALGORITHMS: frozenset[str] def encode( - signer: _Signer, - payload: Mapping[str, str], - header: Optional[Mapping[str, str]] = None, - key_id: Optional[str] = None, + signer: _Signer, payload: Mapping[str, str], header: Mapping[str, str] | None = None, key_id: str | None = None ) -> bytes: ... def _decode_jwt_segment(encoded_section: bytes) -> Mapping[str, object]: ... -def _unverified_decode( - token: Union[str, bytes], -) -> Tuple[Mapping[str, object], Mapping[str, object], bytes, bytes]: ... -def decode_header(token: Union[str, bytes]) -> Mapping[str, object]: ... -def _verify_iat_and_exp( - payload: Mapping[str, str], clock_skew_in_seconds: int = 0 -) -> None: ... +def _unverified_decode(token: str | bytes) -> tuple[Mapping[str, object], Mapping[str, object], bytes, bytes]: ... +def decode_header(token: str | bytes) -> Mapping[str, object]: ... +def _verify_iat_and_exp(payload: Mapping[str, str], clock_skew_in_seconds: int = 0) -> None: ... def decode( token: str, - certs: Optional[Union[str, bytes, Mapping[str, Union[str, bytes]]]] = None, + certs: str | bytes | Mapping[str, str | bytes] | None = None, verify: bool = True, - audience: Optional[Union[str, List[str]]] = None, + audience: str | list[str] | None = None, clock_skew_in_seconds: int = 0, ) -> Mapping[str, str]: ... -class Credentials( - _credentials.Signing, _credentials.CredentialsWithQuotaProject -): +class Credentials(_credentials.Signing, _credentials.CredentialsWithQuotaProject): expiry: Any def __init__( @@ -41,36 +32,26 @@ class Credentials( issuer: str, subject: str, audience: str, - additional_claims: Optional[Mapping[str, str]] = None, + additional_claims: Mapping[str, str] | None = None, token_lifetime: int = ..., - quota_project_id: Optional[str] = None, + quota_project_id: str | None = None, ) -> None: ... @classmethod - def _from_signer_and_info( - cls, signer: _Signer, info: Mapping[str, str], **kwargs: Any - ) -> "Credentials": ... + def _from_signer_and_info(cls, signer: _Signer, info: Mapping[str, str], **kwargs: Any) -> Credentials: ... @classmethod - def from_service_account_info( - cls, info: Mapping[str, str], **kwargs: Any - ) -> "Credentials": ... + def from_service_account_info(cls, info: Mapping[str, str], **kwargs: Any) -> Credentials: ... @classmethod - def from_service_account_file( - cls, filename: str, **kwargs: Any - ) -> "Credentials": ... + def from_service_account_file(cls, filename: str, **kwargs: Any) -> Credentials: ... @classmethod - def from_signing_credentials( - cls, credentials: "_credentials.Signing", audience: str, **kwargs: Any - ) -> "Credentials": ... + def from_signing_credentials(cls, credentials: _credentials.Signing, audience: str, **kwargs: Any) -> Credentials: ... def with_claims( self, - issuer: Optional[str] = None, - subject: Optional[str] = None, - audience: Optional[str] = None, - additional_claims: Optional[Mapping[str, str]] = None, - ) -> "Credentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... + issuer: str | None = None, + subject: str | None = None, + audience: str | None = None, + additional_claims: Mapping[str, str] | None = None, + ) -> Credentials: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... def refresh(self, request: Any) -> None: ... def sign_bytes(self, message: bytes) -> bytes: ... @property @@ -80,40 +61,27 @@ class Credentials( @property def additional_claims(self) -> Mapping[str, str]: ... -class OnDemandCredentials( - _credentials.Signing, _credentials.CredentialsWithQuotaProject -): +class OnDemandCredentials(_credentials.Signing, _credentials.CredentialsWithQuotaProject): def __init__( self, signer: _Signer, issuer: str, subject: str, - additional_claims: Optional[Mapping[str, str]] = None, + additional_claims: Mapping[str, str] | None = None, token_lifetime: int = ..., max_cache_size: int = ..., - quota_project_id: Optional[str] = None, + quota_project_id: str | None = None, ) -> None: ... @classmethod - def from_service_account_info( - cls, info: Mapping[str, str], **kwargs: Any - ) -> "OnDemandCredentials": ... + def from_service_account_info(cls, info: Mapping[str, str], **kwargs: Any) -> OnDemandCredentials: ... @classmethod - def from_service_account_file( - cls, filename: str, **kwargs: Any - ) -> "OnDemandCredentials": ... + def from_service_account_file(cls, filename: str, **kwargs: Any) -> OnDemandCredentials: ... @classmethod - def from_signing_credentials( - cls, credentials: "_credentials.Signing", **kwargs: Any - ) -> "OnDemandCredentials": ... + def from_signing_credentials(cls, credentials: _credentials.Signing, **kwargs: Any) -> OnDemandCredentials: ... def with_claims( - self, - issuer: Optional[str] = None, - subject: Optional[str] = None, - additional_claims: Optional[Mapping[str, str]] = None, - ) -> "OnDemandCredentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "OnDemandCredentials": ... + self, issuer: str | None = None, subject: str | None = None, additional_claims: Mapping[str, str] | None = None + ) -> OnDemandCredentials: ... + def with_quota_project(self, quota_project_id: str | None) -> OnDemandCredentials: ... @property def valid(self) -> bool: ... def refresh(self, request: Any) -> None: ... diff --git a/stubs/google-auth/google/auth/metrics.pyi b/stubs/google-auth/google/auth/metrics.pyi index 5570c6fe8dc1..820353dac60d 100644 --- a/stubs/google-auth/google/auth/metrics.pyi +++ b/stubs/google-auth/google/auth/metrics.pyi @@ -1,4 +1,4 @@ -from typing import Mapping, Optional +from typing import Mapping API_CLIENT_HEADER: str BYOID_HEADER_SECTION: str @@ -25,6 +25,4 @@ def mds_ping() -> str: ... def reauth_start() -> str: ... def reauth_continue() -> str: ... def byoid_metrics_header(metrics_options: Mapping[str, str]) -> str: ... -def add_metric_header( - headers: Mapping[str, str], metric_header_value: Optional[str] -) -> None: ... +def add_metric_header(headers: Mapping[str, str], metric_header_value: str | None) -> None: ... diff --git a/stubs/google-auth/google/auth/pluggable.pyi b/stubs/google-auth/google/auth/pluggable.pyi index 55492538e703..8f92f9f64dcc 100644 --- a/stubs/google-auth/google/auth/pluggable.pyi +++ b/stubs/google-auth/google/auth/pluggable.pyi @@ -1,5 +1,6 @@ import abc -from typing import Any, Mapping, Optional +from typing import Any, Mapping + from google.auth import external_account EXECUTABLE_SUPPORTED_MAX_VERSION: int @@ -17,17 +18,15 @@ class Credentials(external_account.Credentials, metaclass=abc.ABCMeta): audience: str, subject_token_type: str, token_url: str, - credential_source: Optional[Mapping[str, Any]] = None, + credential_source: Mapping[str, Any] | None = None, *args: Any, **kwargs: Any, ) -> None: ... def retrieve_subject_token(self, request: Any) -> Any: ... def revoke(self, request: Any) -> None: ... @property - def external_account_id(self) -> Optional[str]: ... + def external_account_id(self) -> str | None: ... @classmethod - def from_info( - cls, info: Mapping[str, Any], **kwargs: Any - ) -> "Credentials": ... + def from_info(cls, info: Mapping[str, Any], **kwargs: Any) -> Credentials: ... @classmethod - def from_file(cls, filename: str, **kwargs: Any) -> "Credentials": ... + def from_file(cls, filename: str, **kwargs: Any) -> Credentials: ... diff --git a/stubs/google-auth/google/auth/transport/__init__.pyi b/stubs/google-auth/google/auth/transport/__init__.pyi index fae560999e93..ebbe6b4b3aee 100644 --- a/stubs/google-auth/google/auth/transport/__init__.pyi +++ b/stubs/google-auth/google/auth/transport/__init__.pyi @@ -1,5 +1,5 @@ import abc -from typing import Any, Mapping, Optional, Sequence +from typing import Any, Mapping, Sequence DEFAULT_RETRYABLE_STATUS_CODES: Sequence[int] DEFAULT_REFRESH_STATUS_CODES: Sequence[int] @@ -22,8 +22,8 @@ class Request(metaclass=abc.ABCMeta): self, url: str, method: str = "GET", - body: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, - timeout: Optional[float] = None, + body: bytes | None = None, + headers: Mapping[str, str] | None = None, + timeout: float | None = None, **kwargs: Any, ) -> Response: ... diff --git a/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi b/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi index 25eb35233068..f05881e2786d 100644 --- a/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi +++ b/stubs/google-auth/google/auth/transport/_aiohttp_requests.pyi @@ -1,4 +1,4 @@ -from typing import Any, Mapping, Optional, Sequence +from typing import Any, Mapping, Sequence from google.auth import transport from google.auth.transport import Response @@ -26,14 +26,14 @@ class _Response(transport.Response): class Request(transport.Request): session: Any - def __init__(self, session: Optional[Any] = None) -> None: ... + def __init__(self, session: Any | None = None) -> None: ... def __call__( self, url: str, method: str = "GET", - body: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, - timeout: Optional[float] = None, + body: bytes | None = None, + headers: Mapping[str, str] | None = None, + timeout: float | None = None, **kwargs: Any, ) -> Response: ... @@ -45,8 +45,8 @@ class AuthorizedSession: credentials: Any, refresh_status_codes: Sequence[int] = ..., max_refresh_attempts: int = ..., - refresh_timeout: Optional[float] = None, - auth_request: Optional[Request] = None, + refresh_timeout: float | None = None, + auth_request: Request | None = None, auto_decompress: bool = False, **kwargs: Any, ) -> None: ... @@ -55,9 +55,9 @@ class AuthorizedSession: method: str, url: str, data: Any = None, - headers: Optional[Mapping[str, str]] = None, - max_allowed_time: Optional[float] = None, - timeout: Optional[float] = None, + headers: Mapping[str, str] | None = None, + max_allowed_time: float | None = None, + timeout: float | None = None, auto_decompress: bool = False, **kwargs: Any, ) -> _Response: ... diff --git a/stubs/google-auth/google/auth/transport/_http_client.pyi b/stubs/google-auth/google/auth/transport/_http_client.pyi index e11c153941f5..f01e368ae433 100644 --- a/stubs/google-auth/google/auth/transport/_http_client.pyi +++ b/stubs/google-auth/google/auth/transport/_http_client.pyi @@ -1,4 +1,4 @@ -from typing import Any, Mapping, Optional +from typing import Any, Mapping from google.auth import transport @@ -16,8 +16,8 @@ class Request(transport.Request): self, url: str, method: str = "GET", - body: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, - timeout: Optional[float] = None, + body: bytes | None = None, + headers: Mapping[str, str] | None = None, + timeout: float | None = None, **kwargs: Any, - ) -> "Response": ... + ) -> Response: ... diff --git a/stubs/google-auth/google/auth/transport/_mtls_helper.pyi b/stubs/google-auth/google/auth/transport/_mtls_helper.pyi index 0956c9f485ff..90cc388f8356 100644 --- a/stubs/google-auth/google/auth/transport/_mtls_helper.pyi +++ b/stubs/google-auth/google/auth/transport/_mtls_helper.pyi @@ -1,4 +1,4 @@ -from typing import Callable, Optional, Tuple +from typing import Callable CONTEXT_AWARE_METADATA_PATH: str CERTIFICATE_CONFIGURATION_DEFAULT_PATH: str @@ -6,14 +6,12 @@ CERTIFICATE_CONFIGURATION_DEFAULT_PATH: str def get_client_ssl_credentials( generate_encrypted_key: bool = False, context_aware_metadata_path: str = CONTEXT_AWARE_METADATA_PATH, - certificate_config_path: Optional[str] = None, -) -> Tuple[bool, Optional[bytes], Optional[bytes], Optional[bytes]]: ... + certificate_config_path: str | None = None, +) -> tuple[bool, bytes | None, bytes | None, bytes | None]: ... def get_client_cert_and_key( - client_cert_callback: Optional[Callable[[], Tuple[bytes, bytes]]] = None, -) -> Tuple[bool, Optional[bytes], Optional[bytes]]: ... -def decrypt_private_key(key: bytes, passphrase: Optional[bytes]) -> bytes: ... + client_cert_callback: Callable[[], tuple[bytes, bytes]] | None = None, +) -> tuple[bool, bytes | None, bytes | None]: ... +def decrypt_private_key(key: bytes, passphrase: bytes | None) -> bytes: ... def check_use_client_cert() -> bool: ... -def check_parameters_for_unauthorized_response( - cached_cert: Optional[bytes], -) -> Tuple[bytes, bytes, Optional[str], str]: ... -def call_client_cert_callback() -> Tuple[bytes, bytes]: ... +def check_parameters_for_unauthorized_response(cached_cert: bytes | None) -> tuple[bytes, bytes, str | None, str]: ... +def call_client_cert_callback() -> tuple[bytes, bytes]: ... diff --git a/stubs/google-auth/google/auth/transport/_requests_base.pyi b/stubs/google-auth/google/auth/transport/_requests_base.pyi index e5bafbcaa6ef..d44374f34b42 100644 --- a/stubs/google-auth/google/auth/transport/_requests_base.pyi +++ b/stubs/google-auth/google/auth/transport/_requests_base.pyi @@ -1,5 +1,5 @@ import abc -from typing import Any, Optional +from typing import Any class _BaseAuthorizedSession(metaclass=abc.ABCMeta): credentials: Any @@ -13,7 +13,7 @@ class _BaseAuthorizedSession(metaclass=abc.ABCMeta): data: Any = None, headers: Any = None, max_allowed_time: Any = None, - timeout: Optional[float] = None, + timeout: float | None = None, **kwargs: Any, ) -> Any: ... @abc.abstractmethod diff --git a/stubs/google-auth/google/auth/transport/grpc.pyi b/stubs/google-auth/google/auth/transport/grpc.pyi index ce68858d7fae..b7324906271f 100644 --- a/stubs/google-auth/google/auth/transport/grpc.pyi +++ b/stubs/google-auth/google/auth/transport/grpc.pyi @@ -1,23 +1,13 @@ -from typing import Any, Optional +from typing import Any import grpc class AuthMetadataPlugin(grpc.AuthMetadataPlugin): - def __init__( - self, - credentials: Any, - request: Any, - default_host: Optional[str] = None, - ) -> None: ... + def __init__(self, credentials: Any, request: Any, default_host: str | None = None) -> None: ... def __call__(self, context: Any, callback: Any) -> None: ... def secure_authorized_channel( - credentials: Any, - request: Any, - target: str, - ssl_credentials: Any = ..., - client_cert_callback: Any = ..., - **kwargs: Any, + credentials: Any, request: Any, target: str, ssl_credentials: Any = ..., client_cert_callback: Any = ..., **kwargs: Any ) -> grpc.Channel: ... class SslCredentials: diff --git a/stubs/google-auth/google/auth/transport/mtls.pyi b/stubs/google-auth/google/auth/transport/mtls.pyi index 3a1d75407e1a..3fc8dc18fee5 100644 --- a/stubs/google-auth/google/auth/transport/mtls.pyi +++ b/stubs/google-auth/google/auth/transport/mtls.pyi @@ -1,10 +1,6 @@ from typing import Callable -def has_default_client_cert_source( - include_context_aware: bool = True, -) -> bool: ... +def has_default_client_cert_source(include_context_aware: bool = True) -> bool: ... def default_client_cert_source() -> Callable[[], tuple[bytes, bytes]]: ... -def default_client_encrypted_cert_source( - cert_path: str, key_path: str -) -> Callable[[], tuple[str, str, bytes]]: ... +def default_client_encrypted_cert_source(cert_path: str, key_path: str) -> Callable[[], tuple[str, str, bytes]]: ... def should_use_client_cert() -> bool: ... diff --git a/stubs/google-auth/google/auth/transport/requests.pyi b/stubs/google-auth/google/auth/transport/requests.pyi index f6e5f4883703..71bc343b00fc 100644 --- a/stubs/google-auth/google/auth/transport/requests.pyi +++ b/stubs/google-auth/google/auth/transport/requests.pyi @@ -1,21 +1,11 @@ import types -from typing import ( - Any, - Callable, - Iterable, - Mapping, - MutableMapping, - Optional, - Sequence, - Type, -) +from _typeshed import SupportsItems, SupportsRead +from typing import Any, Callable, Iterable, Mapping, MutableMapping, Sequence import requests import requests.adapters -from _typeshed import SupportsItems, SupportsRead from google.auth import transport -from requests import Response -from requests import Response as _RequestsResponse +from requests import Response, Response as _RequestsResponse from requests.auth import AuthBase from requests.sessions import PreparedRequest, RequestsCookieJar @@ -31,31 +21,24 @@ class _Response(transport.Response): class TimeoutGuard: remaining_timeout: Any - def __init__( - self, - timeout: Any, - timeout_error_type: Type[Exception] = requests.exceptions.Timeout, - ) -> None: ... - def __enter__(self) -> "TimeoutGuard": ... + def __init__(self, timeout: Any, timeout_error_type: type[Exception] = requests.exceptions.Timeout) -> None: ... + def __enter__(self) -> TimeoutGuard: ... def __exit__( - self, - exc_type: Type[BaseException] | None, - exc_value: BaseException | None, - traceback: types.TracebackType | None, + self, exc_type: type[BaseException] | None, exc_value: BaseException | None, traceback: types.TracebackType | None ) -> None: ... class Request(transport.Request): - session: Optional[requests.Session] + session: requests.Session | None - def __init__(self, session: Optional[requests.Session] = None) -> None: ... + def __init__(self, session: requests.Session | None = None) -> None: ... def __del__(self) -> None: ... def __call__( self, url: str, method: str = "GET", - body: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, - timeout: Optional[float] = None, + body: bytes | None = None, + headers: Mapping[str, str] | None = None, + timeout: float | None = None, **kwargs: Any, ) -> _Response: ... @@ -79,47 +62,19 @@ class AuthorizedSession(requests.Session): credentials: Any, refresh_status_codes: Sequence[int] = ..., max_refresh_attempts: int = ..., - refresh_timeout: Optional[float] = None, - auth_request: Optional[Request] = None, - default_host: Optional[str] = None, - ) -> None: ... - def configure_mtls_channel( - self, client_cert_callback: Optional[Any] = None + refresh_timeout: float | None = None, + auth_request: Request | None = None, + default_host: str | None = None, ) -> None: ... + def configure_mtls_channel(self, client_cert_callback: Any | None = None) -> None: ... def request( self, method: str | bytes, url: str | bytes, params: ( - SupportsItems[ - str | bytes | int | float, - str - | bytes - | int - | float - | Iterable[str | bytes | int | float] - | None, - ] - | tuple[ - str | bytes | int | float, - str - | bytes - | int - | float - | Iterable[str | bytes | int | float] - | None, - ] - | Iterable[ - tuple[ - str | bytes | int | float, - str - | bytes - | int - | float - | Iterable[str | bytes | int | float] - | None, - ] - ] + SupportsItems[str | bytes | int | float, str | bytes | int | float | Iterable[str | bytes | int | float] | None] + | tuple[str | bytes | int | float, str | bytes | int | float | Iterable[str | bytes | int | float] | None] + | Iterable[tuple[str | bytes | int | float, str | bytes | int | float | Iterable[str | bytes | int | float] | None]] | str | bytes | None @@ -143,15 +98,8 @@ class AuthorizedSession(requests.Session): | str | bytes | tuple[str | None, SupportsRead[str | bytes] | str | bytes] - | tuple[ - str | None, SupportsRead[str | bytes] | str | bytes, str - ] - | tuple[ - str | None, - SupportsRead[str | bytes] | str | bytes, - str, - Mapping[str, str], - ], + | tuple[str | None, SupportsRead[str | bytes] | str | bytes, str] + | tuple[str | None, SupportsRead[str | bytes] | str | bytes, str, Mapping[str, str]], ] | Iterable[ tuple[ @@ -159,41 +107,18 @@ class AuthorizedSession(requests.Session): SupportsRead[str | bytes] | str | bytes - | tuple[ - str | None, SupportsRead[str | bytes] | str | bytes - ] - | tuple[ - str | None, - SupportsRead[str | bytes] | str | bytes, - str, - ] - | tuple[ - str | None, - SupportsRead[str | bytes] | str | bytes, - str, - Mapping[str, str], - ], + | tuple[str | None, SupportsRead[str | bytes] | str | bytes] + | tuple[str | None, SupportsRead[str | bytes] | str | bytes, str] + | tuple[str | None, SupportsRead[str | bytes] | str | bytes, str, Mapping[str, str]], ] ] | None ) = ..., - auth: ( - tuple[str, str] - | AuthBase - | Callable[[PreparedRequest], PreparedRequest] - | None - ) = ..., + auth: tuple[str, str] | AuthBase | Callable[[PreparedRequest], PreparedRequest] | None = ..., timeout: float | tuple[float | None, float | None] | None = ..., allow_redirects: bool = ..., proxies: MutableMapping[str, str] | None = ..., - hooks: ( - Mapping[ - str, - Iterable[Callable[[Response], Any]] - | Callable[[Response], Any], - ] - | None - ) = ..., + hooks: Mapping[str, Iterable[Callable[[Response], Any]] | Callable[[Response], Any]] | None = ..., stream: bool | None = ..., verify: bool | str | None = ..., cert: str | tuple[str, str] | None = ..., diff --git a/stubs/google-auth/google/auth/transport/urllib3.pyi b/stubs/google-auth/google/auth/transport/urllib3.pyi index 1dddf1388f47..052204c5f99d 100644 --- a/stubs/google-auth/google/auth/transport/urllib3.pyi +++ b/stubs/google-auth/google/auth/transport/urllib3.pyi @@ -1,5 +1,5 @@ import types -from typing import Any, Callable, Mapping, Optional, Sequence, Tuple +from typing import Any, Callable, Mapping, Sequence import requests from google.auth import transport @@ -27,31 +27,24 @@ class _Response(transport.Response): class TimeoutGuard: remaining_timeout: Any - def __init__( - self, - timeout: Any, - timeout_error_type: type[Exception] = requests.exceptions.Timeout, - ) -> None: ... - def __enter__(self) -> "TimeoutGuard": ... + def __init__(self, timeout: Any, timeout_error_type: type[Exception] = requests.exceptions.Timeout) -> None: ... + def __enter__(self) -> TimeoutGuard: ... def __exit__( - self, - exc_type: type[BaseException] | None, - exc_value: BaseException | None, - traceback: types.TracebackType | None, + self, exc_type: type[BaseException] | None, exc_value: BaseException | None, traceback: types.TracebackType | None ) -> None: ... class Request(transport.Request): http: Any - def __init__(self, http: Optional[Any] = None) -> None: ... + def __init__(self, http: Any | None = None) -> None: ... def __del__(self) -> None: ... def __call__( self, url: str, method: str = "GET", - body: Optional[bytes] = None, - headers: Optional[Mapping[str, str]] = None, - timeout: Optional[float] = None, + body: bytes | None = None, + headers: Mapping[str, str] | None = None, + timeout: float | None = None, **kwargs: Any, ) -> _Response: ... @@ -74,31 +67,16 @@ class AuthorizedHttp(RequestMethods): def __init__( self, credentials: Any, - http: Optional[Any] = None, + http: Any | None = None, refresh_status_codes: Sequence[int] = ..., max_refresh_attempts: int = ..., - default_host: Optional[str] = None, + default_host: str | None = None, ) -> None: ... - def configure_mtls_channel( - self, - client_cert_callback: Optional[ - Callable[[], Tuple[bytes, bytes]] - ] = ..., - ) -> bool: ... - def urlopen( - self, - method: str, - url: str, - body: Any = None, - headers: Any = None, - **kwargs: Any, - ) -> _Response: ... + def configure_mtls_channel(self, client_cert_callback: Callable[[], tuple[bytes, bytes]] | None = ...) -> bool: ... + def urlopen(self, method: str, url: str, body: Any = None, headers: Any = None, **kwargs: Any) -> _Response: ... def __enter__(self) -> Any: ... def __exit__( - self, - exc_type: type[BaseException] | None, - exc_val: BaseException | None, - exc_tb: types.TracebackType | None, + self, exc_type: type[BaseException] | None, exc_val: BaseException | None, exc_tb: types.TracebackType | None ) -> None: ... def __del__(self) -> None: ... @property diff --git a/stubs/google-auth/google/oauth2/_client.pyi b/stubs/google-auth/google/oauth2/_client.pyi index cd2777bbaf2b..d7f0762a4c7c 100644 --- a/stubs/google-auth/google/oauth2/_client.pyi +++ b/stubs/google-auth/google/oauth2/_client.pyi @@ -1,29 +1,24 @@ import datetime -from typing import Mapping, Optional, Sequence, Tuple +from typing import Mapping, Sequence from google.auth.transport import Request def jwt_grant( request: Request, token_uri: str, assertion: str, can_retry: bool = True -) -> Tuple[str, Optional[datetime.datetime], Mapping[str, str]]: ... +) -> tuple[str, datetime.datetime | None, Mapping[str, str]]: ... def call_iam_generate_id_token_endpoint( - request: Request, - iam_id_token_endpoint: str, - signer_email: str, - audience: str, - access_token: str, - universe_domain: str = ..., -) -> Tuple[str, datetime.datetime]: ... + request: Request, iam_id_token_endpoint: str, signer_email: str, audience: str, access_token: str, universe_domain: str = ... +) -> tuple[str, datetime.datetime]: ... def id_token_jwt_grant( request: Request, token_uri: str, assertion: str, can_retry: bool = True -) -> Tuple[str, Optional[datetime.datetime], Mapping[str, str]]: ... +) -> tuple[str, datetime.datetime | None, Mapping[str, str]]: ... def refresh_grant( request: Request, token_uri: str, refresh_token: str, client_id: str, client_secret: str, - scopes: Optional[Sequence[str]] = None, - rapt_token: Optional[str] = None, + scopes: Sequence[str] | None = None, + rapt_token: str | None = None, can_retry: bool = True, -) -> Tuple[str, str, Optional[datetime.datetime], Mapping[str, str]]: ... +) -> tuple[str, str, datetime.datetime | None, Mapping[str, str]]: ... diff --git a/stubs/google-auth/google/oauth2/_client_async.pyi b/stubs/google-auth/google/oauth2/_client_async.pyi index 5d2da056a08f..a9a0a7e95d4f 100644 --- a/stubs/google-auth/google/oauth2/_client_async.pyi +++ b/stubs/google-auth/google/oauth2/_client_async.pyi @@ -1,21 +1,21 @@ from datetime import datetime -from typing import Mapping, Optional, Sequence, Tuple +from typing import Mapping, Sequence from google.auth.transport import Request async def jwt_grant( request: Request, token_uri: str, assertion: str, can_retry: bool = True -) -> Tuple[str, Optional[datetime], Mapping[str, str]]: ... +) -> tuple[str, datetime | None, Mapping[str, str]]: ... async def id_token_jwt_grant( request: Request, token_uri: str, assertion: str, can_retry: bool = True -) -> Tuple[str, Optional[datetime], Mapping[str, str]]: ... +) -> tuple[str, datetime | None, Mapping[str, str]]: ... async def refresh_grant( request: Request, token_uri: str, refresh_token: str, client_id: str, client_secret: str, - scopes: Optional[Sequence[str]] = None, - rapt_token: Optional[str] = None, + scopes: Sequence[str] | None = None, + rapt_token: str | None = None, can_retry: bool = True, -) -> Tuple[str, Optional[str], Optional[datetime], Mapping[str, str]]: ... +) -> tuple[str, str | None, datetime | None, Mapping[str, str]]: ... diff --git a/stubs/google-auth/google/oauth2/_credentials_async.pyi b/stubs/google-auth/google/oauth2/_credentials_async.pyi index 642ec06655b8..c06190659859 100644 --- a/stubs/google-auth/google/oauth2/_credentials_async.pyi +++ b/stubs/google-auth/google/oauth2/_credentials_async.pyi @@ -1,5 +1,6 @@ -from typing import Mapping from _typeshed import Incomplete +from typing import Mapping + from google.auth.transport import Request as _Request from google.oauth2 import credentials as oauth2_credentials @@ -8,14 +9,6 @@ class Credentials(oauth2_credentials.Credentials): expiry: Incomplete async def refresh(self, request: _Request) -> None: ... - async def before_request( - self, - request: _Request, - method: str, - url: str, - headers: Mapping[str, str], - ) -> None: ... + async def before_request(self, request: _Request, method: str, url: str, headers: Mapping[str, str]) -> None: ... -class UserAccessTokenCredentials( - oauth2_credentials.UserAccessTokenCredentials -): ... +class UserAccessTokenCredentials(oauth2_credentials.UserAccessTokenCredentials): ... diff --git a/stubs/google-auth/google/oauth2/_id_token_async.pyi b/stubs/google-auth/google/oauth2/_id_token_async.pyi index a6efcfac9ce2..101b62f062cd 100644 --- a/stubs/google-auth/google/oauth2/_id_token_async.pyi +++ b/stubs/google-auth/google/oauth2/_id_token_async.pyi @@ -1,24 +1,18 @@ -from typing import Any, Mapping, Optional, Sequence, Union +from typing import Any, Mapping, Sequence from google.auth.transport import Request as _Request async def verify_token( - id_token: Union[str, bytes], + id_token: str | bytes, request: _Request, - audience: Optional[Union[str, Sequence[str]]] = None, + audience: str | Sequence[str] | None = None, certs_url: str = "https://www.googleapis.com/oauth2/v1/certs", clock_skew_in_seconds: int = 0, ) -> Mapping[str, Any]: ... async def verify_oauth2_token( - id_token: Union[str, bytes], - request: _Request, - audience: Optional[Union[str, Sequence[str]]] = None, - clock_skew_in_seconds: int = 0, + id_token: str | bytes, request: _Request, audience: str | Sequence[str] | None = None, clock_skew_in_seconds: int = 0 ) -> Mapping[str, Any]: ... async def verify_firebase_token( - id_token: Union[str, bytes], - request: _Request, - audience: Optional[Union[str, Sequence[str]]] = None, - clock_skew_in_seconds: int = 0, + id_token: str | bytes, request: _Request, audience: str | Sequence[str] | None = None, clock_skew_in_seconds: int = 0 ) -> Mapping[str, Any]: ... async def fetch_id_token(request: _Request, audience: str) -> str: ... diff --git a/stubs/google-auth/google/oauth2/_reauth_async.pyi b/stubs/google-auth/google/oauth2/_reauth_async.pyi index 9b21cad42b15..4c5b27cedaf6 100644 --- a/stubs/google-auth/google/oauth2/_reauth_async.pyi +++ b/stubs/google-auth/google/oauth2/_reauth_async.pyi @@ -1,16 +1,11 @@ import datetime -from typing import Mapping, Optional, Sequence, Tuple +from typing import Mapping, Sequence from google.auth.transport import Request as _Request def is_interactive() -> bool: ... def get_rapt_token( - request: _Request, - client_id: str, - client_secret: str, - refresh_token: str, - token_uri: str, - scopes: Optional[Sequence[str]] = None, + request: _Request, client_id: str, client_secret: str, refresh_token: str, token_uri: str, scopes: Sequence[str] | None = None ) -> str: ... def refresh_grant( request: _Request, @@ -18,9 +13,7 @@ def refresh_grant( refresh_token: str, client_id: str, client_secret: str, - scopes: Optional[Sequence[str]] = None, - rapt_token: Optional[str] = None, + scopes: Sequence[str] | None = None, + rapt_token: str | None = None, enable_reauth_refresh: bool = False, -) -> Tuple[ - str, Optional[str], Optional[datetime.datetime], Mapping[str, str], str -]: ... +) -> tuple[str, str | None, datetime.datetime | None, Mapping[str, str], str]: ... diff --git a/stubs/google-auth/google/oauth2/_service_account_async.pyi b/stubs/google-auth/google/oauth2/_service_account_async.pyi index 7d68e08e60e5..01304a5e2b06 100644 --- a/stubs/google-auth/google/oauth2/_service_account_async.pyi +++ b/stubs/google-auth/google/oauth2/_service_account_async.pyi @@ -1,25 +1,17 @@ import abc from _typeshed import Incomplete + from google.auth import _credentials_async as credentials_async from google.auth.transport import Request as _Request from google.oauth2 import service_account -class Credentials( - service_account.Credentials, - credentials_async.Scoped, - credentials_async.Credentials, - metaclass=abc.ABCMeta, -): +class Credentials(service_account.Credentials, credentials_async.Scoped, credentials_async.Credentials, metaclass=abc.ABCMeta): token: Incomplete expiry: Incomplete async def refresh(self, request: _Request) -> None: ... -class IDTokenCredentials( - service_account.IDTokenCredentials, - credentials_async.Signing, - credentials_async.Credentials, -): +class IDTokenCredentials(service_account.IDTokenCredentials, credentials_async.Signing, credentials_async.Credentials): token: Incomplete expiry: Incomplete diff --git a/stubs/google-auth/google/oauth2/challenges.pyi b/stubs/google-auth/google/oauth2/challenges.pyi index d6957abde1e3..3fbe475c9c16 100644 --- a/stubs/google-auth/google/oauth2/challenges.pyi +++ b/stubs/google-auth/google/oauth2/challenges.pyi @@ -1,5 +1,5 @@ import abc -from typing import Dict, Mapping, Optional +from typing import Mapping REAUTH_ORIGIN: str SAML_CHALLENGE_MESSAGE: str @@ -15,35 +15,27 @@ class ReauthChallenge(metaclass=abc.ABCMeta): @abc.abstractmethod def is_locally_eligible(self) -> bool: ... @abc.abstractmethod - def obtain_challenge_input( - self, metadata: Mapping[str, object] - ) -> Optional[Dict[str, object]]: ... + def obtain_challenge_input(self, metadata: Mapping[str, object]) -> dict[str, object] | None: ... class PasswordChallenge(ReauthChallenge): @property def name(self) -> str: ... @property def is_locally_eligible(self) -> bool: ... - def obtain_challenge_input( - self, unused_metadata: Mapping[str, object] - ) -> Optional[Dict[str, object]]: ... + def obtain_challenge_input(self, unused_metadata: Mapping[str, object]) -> dict[str, object] | None: ... class SecurityKeyChallenge(ReauthChallenge): @property def name(self) -> str: ... @property def is_locally_eligible(self) -> bool: ... - def obtain_challenge_input( - self, metadata: Mapping[str, object] - ) -> Optional[Dict[str, object]]: ... + def obtain_challenge_input(self, metadata: Mapping[str, object]) -> dict[str, object] | None: ... class SamlChallenge(ReauthChallenge): @property def name(self) -> str: ... @property def is_locally_eligible(self) -> bool: ... - def obtain_challenge_input( - self, metadata: Mapping[str, object] - ) -> Optional[Dict[str, object]]: ... + def obtain_challenge_input(self, metadata: Mapping[str, object]) -> dict[str, object] | None: ... -AVAILABLE_CHALLENGES: Dict[str, ReauthChallenge] +AVAILABLE_CHALLENGES: dict[str, ReauthChallenge] diff --git a/stubs/google-auth/google/oauth2/credentials.pyi b/stubs/google-auth/google/oauth2/credentials.pyi index 311835a2437e..88254e3b8f76 100644 --- a/stubs/google-auth/google/oauth2/credentials.pyi +++ b/stubs/google-auth/google/oauth2/credentials.pyi @@ -1,97 +1,77 @@ import datetime -from typing import Any, Mapping, Optional, Sequence +from typing import Any, Coroutine, Mapping, Sequence + import google from google.auth import credentials -from typing import Coroutine -class Credentials( - credentials.ReadOnlyScoped, credentials.CredentialsWithQuotaProject -): - token: Optional[str] - expiry: Optional[datetime.datetime] +class Credentials(credentials.ReadOnlyScoped, credentials.CredentialsWithQuotaProject): + token: str | None + expiry: datetime.datetime | None def __init__( self, - token: Optional[str], - refresh_token: Optional[str] = None, - id_token: Optional[str] = None, - token_uri: Optional[str] = None, - client_id: Optional[str] = None, - client_secret: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - quota_project_id: Optional[str] = None, - expiry: Optional[datetime.datetime] = None, - rapt_token: Optional[str] = None, - refresh_handler: Optional[Any] = None, + token: str | None, + refresh_token: str | None = None, + id_token: str | None = None, + token_uri: str | None = None, + client_id: str | None = None, + client_secret: str | None = None, + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + quota_project_id: str | None = None, + expiry: datetime.datetime | None = None, + rapt_token: str | None = None, + refresh_handler: Any | None = None, enable_reauth_refresh: bool = False, - granted_scopes: Optional[Sequence[str]] = None, - trust_boundary: Optional[Mapping[str, str]] = None, - universe_domain: Optional[str] = None, - account: Optional[str] = "", + granted_scopes: Sequence[str] | None = None, + trust_boundary: Mapping[str, str] | None = None, + universe_domain: str | None = None, + account: str | None = "", ) -> None: ... @property - def refresh_token(self) -> Optional[str]: ... + def refresh_token(self) -> str | None: ... @property - def scopes(self) -> Optional[Sequence[str]]: ... + def scopes(self) -> Sequence[str] | None: ... @property - def granted_scopes(self) -> Optional[Sequence[str]]: ... + def granted_scopes(self) -> Sequence[str] | None: ... @property - def token_uri(self) -> Optional[str]: ... + def token_uri(self) -> str | None: ... @property - def id_token(self) -> Optional[str]: ... + def id_token(self) -> str | None: ... @property - def client_id(self) -> Optional[str]: ... + def client_id(self) -> str | None: ... @property - def client_secret(self) -> Optional[str]: ... + def client_secret(self) -> str | None: ... @property def requires_scopes(self) -> bool: ... @property - def rapt_token(self) -> Optional[str]: ... + def rapt_token(self) -> str | None: ... @property - def refresh_handler(self) -> Optional[Any]: ... + def refresh_handler(self) -> Any | None: ... @refresh_handler.setter - def refresh_handler(self, value: Optional[Any]) -> None: ... + def refresh_handler(self, value: Any | None) -> None: ... @property def account(self) -> str: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_token_uri(self, token_uri: str) -> "Credentials": ... - def with_account(self, account: str) -> "Credentials": ... - def with_universe_domain(self, universe_domain: str) -> "Credentials": ... - def refresh( - self, request: "google.auth.transport.Request" - ) -> None | Coroutine[Any, Any, None]: ... + def get_cred_info(self) -> Mapping[str, str] | None: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_token_uri(self, token_uri: str) -> Credentials: ... + def with_account(self, account: str) -> Credentials: ... + def with_universe_domain(self, universe_domain: str) -> Credentials: ... + def refresh(self, request: google.auth.transport.Request) -> None | Coroutine[Any, Any, None]: ... @classmethod - def from_authorized_user_info( - cls, info: Mapping[str, str], scopes: Optional[Sequence[str]] = None - ) -> "Credentials": ... + def from_authorized_user_info(cls, info: Mapping[str, str], scopes: Sequence[str] | None = None) -> Credentials: ... @classmethod - def from_authorized_user_file( - cls, filename: str, scopes: Optional[Sequence[str]] = None - ) -> "Credentials": ... - def to_json(self, strip: Optional[Sequence[str]] = None) -> str: ... + def from_authorized_user_file(cls, filename: str, scopes: Sequence[str] | None = None) -> Credentials: ... + def to_json(self, strip: Sequence[str] | None = None) -> str: ... class UserAccessTokenCredentials(credentials.CredentialsWithQuotaProject): - def __init__( - self, - account: Optional[str] = None, - quota_project_id: Optional[str] = None, - ) -> None: ... - def with_account(self, account: str) -> "UserAccessTokenCredentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "UserAccessTokenCredentials": ... - token: Optional[str] - expiry: Optional[datetime.datetime] + def __init__(self, account: str | None = None, quota_project_id: str | None = None) -> None: ... + def with_account(self, account: str) -> UserAccessTokenCredentials: ... + def with_quota_project(self, quota_project_id: str | None) -> UserAccessTokenCredentials: ... + token: str | None + expiry: datetime.datetime | None - def refresh(self, request: "google.auth.transport.Request") -> None: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... def before_request( - self, - request: "google.auth.transport.Request", - method: str, - url: str, - headers: Mapping[str, str], + self, request: google.auth.transport.Request, method: str, url: str, headers: Mapping[str, str] ) -> None: ... diff --git a/stubs/google-auth/google/oauth2/gdch_credentials.pyi b/stubs/google-auth/google/oauth2/gdch_credentials.pyi index d3dd7d40f9b0..127246a55bb7 100644 --- a/stubs/google-auth/google/oauth2/gdch_credentials.pyi +++ b/stubs/google-auth/google/oauth2/gdch_credentials.pyi @@ -1,7 +1,7 @@ -from typing import Any, Mapping, Optional +from _typeshed import Incomplete +from typing import Any, Mapping import google -from _typeshed import Incomplete from google.auth import credentials from google.auth.crypt import Signer as _Signer @@ -16,19 +16,13 @@ class ServiceAccountCredentials(credentials.Credentials): signer: _Signer, service_identity_name: str, project: str, - audience: Optional[str], + audience: str | None, token_uri: str, - ca_cert_path: Optional[str], + ca_cert_path: str | None, ) -> None: ... @classmethod - def from_service_account_info( - cls, info: Mapping[str, str], **kwargs: Any - ) -> "ServiceAccountCredentials": ... + def from_service_account_info(cls, info: Mapping[str, str], **kwargs: Any) -> ServiceAccountCredentials: ... @classmethod - def from_service_account_file( - cls, filename: str, **kwargs: Any - ) -> "ServiceAccountCredentials": ... - def refresh(self, request: "google.auth.transport.Request") -> None: ... - def with_gdch_audience( - self, audience: str - ) -> "ServiceAccountCredentials": ... + def from_service_account_file(cls, filename: str, **kwargs: Any) -> ServiceAccountCredentials: ... + def refresh(self, request: google.auth.transport.Request) -> None: ... + def with_gdch_audience(self, audience: str) -> ServiceAccountCredentials: ... diff --git a/stubs/google-auth/google/oauth2/id_token.pyi b/stubs/google-auth/google/oauth2/id_token.pyi index 4c94da3d7b2d..70dc630d8358 100644 --- a/stubs/google-auth/google/oauth2/id_token.pyi +++ b/stubs/google-auth/google/oauth2/id_token.pyi @@ -1,28 +1,19 @@ -from typing import Any, Mapping, Optional, Sequence, Union +from typing import Any, Mapping, Sequence -from google.auth import credentials as _credentials -from google.auth import transport as transport +from google.auth import credentials as _credentials, transport as transport def verify_token( - id_token: Union[str, bytes], + id_token: str | bytes, request: transport.Request, - audience: Optional[Union[str, Sequence[str]]] = None, + audience: str | Sequence[str] | None = None, certs_url: str = "https://www.googleapis.com/oauth2/v1/certs", clock_skew_in_seconds: int = 0, ) -> Mapping[str, Any]: ... def verify_oauth2_token( - id_token: Union[str, bytes], - request: transport.Request, - audience: Optional[Union[str, Sequence[str]]] = None, - clock_skew_in_seconds: int = 0, + id_token: str | bytes, request: transport.Request, audience: str | Sequence[str] | None = None, clock_skew_in_seconds: int = 0 ) -> Mapping[str, Any]: ... def verify_firebase_token( - id_token: Union[str, bytes], - request: transport.Request, - audience: Optional[Union[str, Sequence[str]]] = None, - clock_skew_in_seconds: int = 0, + id_token: str | bytes, request: transport.Request, audience: str | Sequence[str] | None = None, clock_skew_in_seconds: int = 0 ) -> Mapping[str, Any]: ... -def fetch_id_token_credentials( - audience: str, request: Optional[transport.Request] = None -) -> _credentials.Credentials: ... +def fetch_id_token_credentials(audience: str, request: transport.Request | None = None) -> _credentials.Credentials: ... def fetch_id_token(request: transport.Request, audience: str) -> str: ... diff --git a/stubs/google-auth/google/oauth2/reauth.pyi b/stubs/google-auth/google/oauth2/reauth.pyi index 08c35c7d3577..1407f2fddc7a 100644 --- a/stubs/google-auth/google/oauth2/reauth.pyi +++ b/stubs/google-auth/google/oauth2/reauth.pyi @@ -1,5 +1,5 @@ import datetime -from typing import Mapping, Optional, Sequence, Tuple +from typing import Mapping, Sequence from google.auth.transport import Request as _Request @@ -7,12 +7,7 @@ RUN_CHALLENGE_RETRY_LIMIT: int def is_interactive() -> bool: ... def get_rapt_token( - request: _Request, - client_id: str, - client_secret: str, - refresh_token: str, - token_uri: str, - scopes: Optional[Sequence[str]] = None, + request: _Request, client_id: str, client_secret: str, refresh_token: str, token_uri: str, scopes: Sequence[str] | None = None ) -> str: ... def refresh_grant( request: _Request, @@ -20,9 +15,7 @@ def refresh_grant( refresh_token: str, client_id: str, client_secret: str, - scopes: Optional[Sequence[str]] = None, - rapt_token: Optional[str] = None, + scopes: Sequence[str] | None = None, + rapt_token: str | None = None, enable_reauth_refresh: bool = False, -) -> Tuple[ - str, Optional[str], Optional[datetime.datetime], Mapping[str, str], str -]: ... +) -> tuple[str, str | None, datetime.datetime | None, Mapping[str, str], str]: ... diff --git a/stubs/google-auth/google/oauth2/service_account.pyi b/stubs/google-auth/google/oauth2/service_account.pyi index 27a4699049b9..2ce83438611e 100644 --- a/stubs/google-auth/google/oauth2/service_account.pyi +++ b/stubs/google-auth/google/oauth2/service_account.pyi @@ -1,9 +1,9 @@ import abc import datetime -from typing import Any, Mapping, Optional, Sequence +from typing import Any, Coroutine, Mapping, Sequence + import google from google.auth import credentials -from typing import Coroutine class Credentials( credentials.Signing, @@ -15,100 +15,70 @@ class Credentials( ): def __init__( self, - signer: "google.auth.crypt.Signer", + signer: google.auth.crypt.Signer, service_account_email: str, token_uri: str, - scopes: Optional[Sequence[str]] = None, - default_scopes: Optional[Sequence[str]] = None, - subject: Optional[str] = None, - project_id: Optional[str] = None, - quota_project_id: Optional[str] = None, - additional_claims: Optional[Mapping[str, str]] = None, + scopes: Sequence[str] | None = None, + default_scopes: Sequence[str] | None = None, + subject: str | None = None, + project_id: str | None = None, + quota_project_id: str | None = None, + additional_claims: Mapping[str, str] | None = None, always_use_jwt_access: bool = False, - universe_domain: Optional[str] = None, - trust_boundary: Optional[Mapping[str, str]] = None, + universe_domain: str | None = None, + trust_boundary: Mapping[str, str] | None = None, ) -> None: ... @classmethod - def from_service_account_info( - cls, info: Mapping[str, str], **kwargs: Any - ) -> "Credentials": ... + def from_service_account_info(cls, info: Mapping[str, str], **kwargs: Any) -> Credentials: ... @classmethod - def from_service_account_file( - cls, filename: str, **kwargs: Any - ) -> "Credentials": ... + def from_service_account_file(cls, filename: str, **kwargs: Any) -> Credentials: ... @property def service_account_email(self) -> str: ... @property - def project_id(self) -> Optional[str]: ... + def project_id(self) -> str | None: ... @property def requires_scopes(self) -> bool: ... - def with_scopes( - self, - scopes: Sequence[str], - default_scopes: Optional[Sequence[str]] = None, - ) -> "Credentials": ... - def with_always_use_jwt_access( - self, always_use_jwt_access: bool - ) -> "Credentials": ... - def with_universe_domain(self, universe_domain: str) -> "Credentials": ... - def with_subject(self, subject: str) -> "Credentials": ... - def with_claims( - self, additional_claims: Mapping[str, str] - ) -> "Credentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "Credentials": ... - def with_token_uri(self, token_uri: str) -> "Credentials": ... - def with_trust_boundary( - self, trust_boundary: Mapping[str, str] - ) -> "Credentials": ... + def with_scopes(self, scopes: Sequence[str], default_scopes: Sequence[str] | None = None) -> Credentials: ... + def with_always_use_jwt_access(self, always_use_jwt_access: bool) -> Credentials: ... + def with_universe_domain(self, universe_domain: str) -> Credentials: ... + def with_subject(self, subject: str) -> Credentials: ... + def with_claims(self, additional_claims: Mapping[str, str]) -> Credentials: ... + def with_quota_project(self, quota_project_id: str | None) -> Credentials: ... + def with_token_uri(self, token_uri: str) -> Credentials: ... + def with_trust_boundary(self, trust_boundary: Mapping[str, str]) -> Credentials: ... def sign_bytes(self, message: bytes) -> bytes: ... @property - def signer(self) -> "google.auth.crypt.Signer": ... + def signer(self) -> google.auth.crypt.Signer: ... @property def signer_email(self) -> str: ... - def get_cred_info(self) -> Optional[Mapping[str, str]]: ... + def get_cred_info(self) -> Mapping[str, str] | None: ... -class IDTokenCredentials( - credentials.Signing, - credentials.CredentialsWithQuotaProject, - credentials.CredentialsWithTokenUri, -): +class IDTokenCredentials(credentials.Signing, credentials.CredentialsWithQuotaProject, credentials.CredentialsWithTokenUri): def __init__( self, - signer: "google.auth.crypt.Signer", + signer: google.auth.crypt.Signer, service_account_email: str, token_uri: str, target_audience: str, - additional_claims: Optional[Mapping[str, str]] = None, - quota_project_id: Optional[str] = None, - universe_domain: Optional[str] = None, + additional_claims: Mapping[str, str] | None = None, + quota_project_id: str | None = None, + universe_domain: str | None = None, ) -> None: ... @classmethod - def from_service_account_info( - cls, info: Mapping[str, str], **kwargs: Any - ) -> "IDTokenCredentials": ... + def from_service_account_info(cls, info: Mapping[str, str], **kwargs: Any) -> IDTokenCredentials: ... @classmethod - def from_service_account_file( - cls, filename: str, **kwargs: Any - ) -> "IDTokenCredentials": ... - def with_target_audience( - self, target_audience: str - ) -> "IDTokenCredentials": ... - def with_quota_project( - self, quota_project_id: Optional[str] - ) -> "IDTokenCredentials": ... - def with_token_uri(self, token_uri: str) -> "IDTokenCredentials": ... - token: Optional[str] - expiry: Optional[datetime.datetime] + def from_service_account_file(cls, filename: str, **kwargs: Any) -> IDTokenCredentials: ... + def with_target_audience(self, target_audience: str) -> IDTokenCredentials: ... + def with_quota_project(self, quota_project_id: str | None) -> IDTokenCredentials: ... + def with_token_uri(self, token_uri: str) -> IDTokenCredentials: ... + token: str | None + expiry: datetime.datetime | None - def refresh( - self, request: "google.auth.transport.Request" - ) -> None | Coroutine[Any, Any, None]: ... + def refresh(self, request: google.auth.transport.Request) -> None | Coroutine[Any, Any, None]: ... @property def service_account_email(self) -> str: ... def sign_bytes(self, message: bytes) -> bytes: ... @property - def signer(self) -> "google.auth.crypt.Signer": ... + def signer(self) -> google.auth.crypt.Signer: ... @property def signer_email(self) -> str: ... diff --git a/stubs/google-auth/google/oauth2/sts.pyi b/stubs/google-auth/google/oauth2/sts.pyi index 1c48fb187911..8a800a1c3e4f 100644 --- a/stubs/google-auth/google/oauth2/sts.pyi +++ b/stubs/google-auth/google/oauth2/sts.pyi @@ -1,36 +1,24 @@ -from typing import Mapping, Optional, Sequence +from typing import Mapping, Sequence from google.auth.transport import Request as _Request from google.oauth2 import utils class Client(utils.OAuthClientAuthHandler): - def __init__( - self, - token_exchange_endpoint: str, - client_authentication: Optional[utils.ClientAuthentication] = None, - ) -> None: ... + def __init__(self, token_exchange_endpoint: str, client_authentication: utils.ClientAuthentication | None = None) -> None: ... def exchange_token( self, request: _Request, grant_type: str, subject_token: str, subject_token_type: str, - resource: Optional[str] = None, - audience: Optional[str] = None, - scopes: Optional[Sequence[str]] = None, - requested_token_type: Optional[str] = None, - actor_token: Optional[str] = None, - actor_token_type: Optional[str] = None, - additional_options: Optional[Mapping[str, str]] = None, - additional_headers: Optional[Mapping[str, str]] = None, - ) -> Mapping[str, str]: ... - def refresh_token( - self, request: _Request, refresh_token: str - ) -> Mapping[str, str]: ... - def revoke_token( - self, - request: _Request, - token: str, - token_type_hint: str, - revoke_url: str, + resource: str | None = None, + audience: str | None = None, + scopes: Sequence[str] | None = None, + requested_token_type: str | None = None, + actor_token: str | None = None, + actor_token_type: str | None = None, + additional_options: Mapping[str, str] | None = None, + additional_headers: Mapping[str, str] | None = None, ) -> Mapping[str, str]: ... + def refresh_token(self, request: _Request, refresh_token: str) -> Mapping[str, str]: ... + def revoke_token(self, request: _Request, token: str, token_type_hint: str, revoke_url: str) -> Mapping[str, str]: ... diff --git a/stubs/google-auth/google/oauth2/utils.pyi b/stubs/google-auth/google/oauth2/utils.pyi index e35c1780a83b..3385e3fc5193 100644 --- a/stubs/google-auth/google/oauth2/utils.pyi +++ b/stubs/google-auth/google/oauth2/utils.pyi @@ -1,6 +1,6 @@ import abc import enum -from typing import Mapping, Optional +from typing import Mapping class ClientAuthType(enum.Enum): basic = 1 @@ -9,23 +9,13 @@ class ClientAuthType(enum.Enum): class ClientAuthentication: client_auth_type: ClientAuthType client_id: str - client_secret: Optional[str] - def __init__( - self, - client_auth_type: ClientAuthType, - client_id: str, - client_secret: Optional[str] = None, - ) -> None: ... + client_secret: str | None + def __init__(self, client_auth_type: ClientAuthType, client_id: str, client_secret: str | None = None) -> None: ... class OAuthClientAuthHandler(metaclass=abc.ABCMeta): - def __init__( - self, client_authentication: Optional["ClientAuthentication"] = None - ) -> None: ... + def __init__(self, client_authentication: ClientAuthentication | None = None) -> None: ... def apply_client_authentication_options( - self, - headers: Mapping[str, str], - request_body: Optional[Mapping[str, str]] = None, - bearer_token: Optional[str] = None, + self, headers: Mapping[str, str], request_body: Mapping[str, str] | None = None, bearer_token: str | None = None ) -> None: ... def handle_error_response(response_body: str) -> None: ... diff --git a/stubs/google-auth/google/oauth2/webauthn_handler.pyi b/stubs/google-auth/google/oauth2/webauthn_handler.pyi index 4649734d8951..69f3d27f56be 100644 --- a/stubs/google-auth/google/oauth2/webauthn_handler.pyi +++ b/stubs/google-auth/google/oauth2/webauthn_handler.pyi @@ -1,4 +1,5 @@ import abc + from google.oauth2.webauthn_types import GetRequest as GetRequest, GetResponse class WebAuthnHandler(abc.ABC, metaclass=abc.ABCMeta): diff --git a/stubs/google-auth/google/oauth2/webauthn_types.pyi b/stubs/google-auth/google/oauth2/webauthn_types.pyi index 38abfb4b46e5..551b1af99974 100644 --- a/stubs/google-auth/google/oauth2/webauthn_types.pyi +++ b/stubs/google-auth/google/oauth2/webauthn_types.pyi @@ -1,28 +1,27 @@ from dataclasses import dataclass -from typing import Dict, List, Optional @dataclass(frozen=True) class PublicKeyCredentialDescriptor: id: str - transports: Optional[List[str]] = None + transports: list[str] | None = None - def to_dict(self) -> Dict[str, object]: ... + def to_dict(self) -> dict[str, object]: ... @dataclass class AuthenticationExtensionsClientInputs: - appid: Optional[str] = None + appid: str | None = None - def to_dict(self) -> Dict[str, object]: ... + def to_dict(self) -> dict[str, object]: ... @dataclass class GetRequest: origin: str rpid: str challenge: str - timeout_ms: Optional[int] = None - allow_credentials: Optional[List[PublicKeyCredentialDescriptor]] = None - user_verification: Optional[str] = None - extensions: Optional[AuthenticationExtensionsClientInputs] = None + timeout_ms: int | None = None + allow_credentials: list[PublicKeyCredentialDescriptor] | None = None + user_verification: str | None = None + extensions: AuthenticationExtensionsClientInputs | None = None def to_json(self) -> str: ... @@ -31,14 +30,14 @@ class AuthenticatorAssertionResponse: client_data_json: str authenticator_data: str signature: str - user_handle: Optional[str] = None + user_handle: str | None = None @dataclass(frozen=True) class GetResponse: id: str response: AuthenticatorAssertionResponse - authenticator_attachment: Optional[str] = None - client_extension_results: Optional[Dict[str, object]] = None + authenticator_attachment: str | None = None + client_extension_results: dict[str, object] | None = None @staticmethod - def from_json(json_str: str) -> "GetResponse": ... + def from_json(json_str: str) -> GetResponse: ... From e05badbd4188d28b0b8e24fd347d86794b12c93e Mon Sep 17 00:00:00 2001 From: Tesla2000 Date: Tue, 7 Apr 2026 22:35:19 +0200 Subject: [PATCH 3/5] Added dependencies --- stubs/google-auth/METADATA.toml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/stubs/google-auth/METADATA.toml b/stubs/google-auth/METADATA.toml index 91cd9791277a..64bc7d2c3868 100644 --- a/stubs/google-auth/METADATA.toml +++ b/stubs/google-auth/METADATA.toml @@ -1,2 +1,7 @@ version = "2.48.*" upstream-repository = "https://github.com/googleapis/google-auth-library-python" +dependencies = [ + "types-requests", + "types-grpcio", + "cryptography", +] From 61e6b4b4c74a83ca6840c458bf4430b955905bfc Mon Sep 17 00:00:00 2001 From: Tesla2000 Date: Thu, 9 Apr 2026 21:17:18 +0200 Subject: [PATCH 4/5] Fixed pyright errors --- stubs/google-auth/google/auth/api_key.pyi | 2 ++ stubs/google-auth/google/auth/app_engine.pyi | 2 ++ stubs/google-auth/google/auth/compute_engine/credentials.pyi | 3 +++ stubs/google-auth/google/auth/downscoped.pyi | 2 ++ stubs/google-auth/google/auth/external_account.pyi | 2 ++ .../google/auth/external_account_authorized_user.pyi | 2 ++ stubs/google-auth/google/auth/iam.pyi | 2 ++ stubs/google-auth/google/auth/impersonated_credentials.pyi | 2 ++ stubs/google-auth/google/auth/transport/urllib3.pyi | 1 + stubs/google-auth/google/oauth2/credentials.pyi | 2 ++ stubs/google-auth/google/oauth2/gdch_credentials.pyi | 2 ++ stubs/google-auth/google/oauth2/service_account.pyi | 3 +++ 12 files changed, 25 insertions(+) diff --git a/stubs/google-auth/google/auth/api_key.pyi b/stubs/google-auth/google/auth/api_key.pyi index 66f1efc6155d..90a20e0275c0 100644 --- a/stubs/google-auth/google/auth/api_key.pyi +++ b/stubs/google-auth/google/auth/api_key.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth from typing import Mapping import google diff --git a/stubs/google-auth/google/auth/app_engine.pyi b/stubs/google-auth/google/auth/app_engine.pyi index c44e2a94b879..604cd2ebb567 100644 --- a/stubs/google-auth/google/auth/app_engine.pyi +++ b/stubs/google-auth/google/auth/app_engine.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth from typing import Sequence import google diff --git a/stubs/google-auth/google/auth/compute_engine/credentials.pyi b/stubs/google-auth/google/auth/compute_engine/credentials.pyi index 5345ab382bba..afee5c37e8d0 100644 --- a/stubs/google-auth/google/auth/compute_engine/credentials.pyi +++ b/stubs/google-auth/google/auth/compute_engine/credentials.pyi @@ -1,3 +1,6 @@ +import google.auth.transport +import google.auth.crypt +import google.auth from _typeshed import Incomplete from typing import Any, Mapping, Sequence diff --git a/stubs/google-auth/google/auth/downscoped.pyi b/stubs/google-auth/google/auth/downscoped.pyi index 4866c4b81925..7865a991c9c5 100644 --- a/stubs/google-auth/google/auth/downscoped.pyi +++ b/stubs/google-auth/google/auth/downscoped.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth from _typeshed import Incomplete from typing import Any, Mapping, Sequence diff --git a/stubs/google-auth/google/auth/external_account.pyi b/stubs/google-auth/google/auth/external_account.pyi index 5a50515f02dc..bb43dc6051b4 100644 --- a/stubs/google-auth/google/auth/external_account.pyi +++ b/stubs/google-auth/google/auth/external_account.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth import abc from dataclasses import dataclass from typing import Any, Mapping, Sequence diff --git a/stubs/google-auth/google/auth/external_account_authorized_user.pyi b/stubs/google-auth/google/auth/external_account_authorized_user.pyi index a4d545ffcd5f..0233b74145ac 100644 --- a/stubs/google-auth/google/auth/external_account_authorized_user.pyi +++ b/stubs/google-auth/google/auth/external_account_authorized_user.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth import datetime from _typeshed import Incomplete from typing import Any, Mapping, Sequence diff --git a/stubs/google-auth/google/auth/iam.pyi b/stubs/google-auth/google/auth/iam.pyi index feb72963d6ee..efd2cf6ff491 100644 --- a/stubs/google-auth/google/auth/iam.pyi +++ b/stubs/google-auth/google/auth/iam.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth import google from google.auth import credentials from google.auth.crypt import base diff --git a/stubs/google-auth/google/auth/impersonated_credentials.pyi b/stubs/google-auth/google/auth/impersonated_credentials.pyi index fc2010c03144..c24e47ff7e56 100644 --- a/stubs/google-auth/google/auth/impersonated_credentials.pyi +++ b/stubs/google-auth/google/auth/impersonated_credentials.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth from _typeshed import Incomplete from typing import Any, Mapping, Sequence diff --git a/stubs/google-auth/google/auth/transport/urllib3.pyi b/stubs/google-auth/google/auth/transport/urllib3.pyi index 052204c5f99d..2f5c07179db4 100644 --- a/stubs/google-auth/google/auth/transport/urllib3.pyi +++ b/stubs/google-auth/google/auth/transport/urllib3.pyi @@ -1,3 +1,4 @@ +import requests.adapters import types from typing import Any, Callable, Mapping, Sequence diff --git a/stubs/google-auth/google/oauth2/credentials.pyi b/stubs/google-auth/google/oauth2/credentials.pyi index 88254e3b8f76..7942f4854765 100644 --- a/stubs/google-auth/google/oauth2/credentials.pyi +++ b/stubs/google-auth/google/oauth2/credentials.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth import datetime from typing import Any, Coroutine, Mapping, Sequence diff --git a/stubs/google-auth/google/oauth2/gdch_credentials.pyi b/stubs/google-auth/google/oauth2/gdch_credentials.pyi index 127246a55bb7..d4e2a2f93c83 100644 --- a/stubs/google-auth/google/oauth2/gdch_credentials.pyi +++ b/stubs/google-auth/google/oauth2/gdch_credentials.pyi @@ -1,3 +1,5 @@ +import google.auth.transport +import google.auth from _typeshed import Incomplete from typing import Any, Mapping diff --git a/stubs/google-auth/google/oauth2/service_account.pyi b/stubs/google-auth/google/oauth2/service_account.pyi index 2ce83438611e..a90038703bfb 100644 --- a/stubs/google-auth/google/oauth2/service_account.pyi +++ b/stubs/google-auth/google/oauth2/service_account.pyi @@ -1,3 +1,6 @@ +import google.auth.crypt +import google.auth.transport +import google.auth import abc import datetime from typing import Any, Coroutine, Mapping, Sequence From fe07283a1b677c3ec196ad63e7829040bd611076 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Thu, 9 Apr 2026 19:19:48 +0000 Subject: [PATCH 5/5] [pre-commit.ci] auto fixes from pre-commit.com hooks --- stubs/google-auth/google/auth/api_key.pyi | 4 ++-- stubs/google-auth/google/auth/app_engine.pyi | 4 ++-- .../google-auth/google/auth/compute_engine/credentials.pyi | 6 +++--- stubs/google-auth/google/auth/downscoped.pyi | 4 ++-- stubs/google-auth/google/auth/external_account.pyi | 4 ++-- .../google/auth/external_account_authorized_user.pyi | 4 ++-- stubs/google-auth/google/auth/iam.pyi | 4 ++-- stubs/google-auth/google/auth/impersonated_credentials.pyi | 4 ++-- stubs/google-auth/google/auth/transport/urllib3.pyi | 2 +- stubs/google-auth/google/oauth2/credentials.pyi | 4 ++-- stubs/google-auth/google/oauth2/gdch_credentials.pyi | 4 ++-- stubs/google-auth/google/oauth2/service_account.pyi | 6 +++--- 12 files changed, 25 insertions(+), 25 deletions(-) diff --git a/stubs/google-auth/google/auth/api_key.pyi b/stubs/google-auth/google/auth/api_key.pyi index 90a20e0275c0..91bd9bb00da1 100644 --- a/stubs/google-auth/google/auth/api_key.pyi +++ b/stubs/google-auth/google/auth/api_key.pyi @@ -1,8 +1,8 @@ -import google.auth.transport -import google.auth from typing import Mapping import google +import google.auth +import google.auth.transport from google.auth import credentials class Credentials(credentials.Credentials): diff --git a/stubs/google-auth/google/auth/app_engine.pyi b/stubs/google-auth/google/auth/app_engine.pyi index 604cd2ebb567..91daa741452c 100644 --- a/stubs/google-auth/google/auth/app_engine.pyi +++ b/stubs/google-auth/google/auth/app_engine.pyi @@ -1,8 +1,8 @@ -import google.auth.transport -import google.auth from typing import Sequence import google +import google.auth +import google.auth.transport from google.auth import credentials from google.auth.crypt import base diff --git a/stubs/google-auth/google/auth/compute_engine/credentials.pyi b/stubs/google-auth/google/auth/compute_engine/credentials.pyi index afee5c37e8d0..cedf93424ad8 100644 --- a/stubs/google-auth/google/auth/compute_engine/credentials.pyi +++ b/stubs/google-auth/google/auth/compute_engine/credentials.pyi @@ -1,10 +1,10 @@ -import google.auth.transport -import google.auth.crypt -import google.auth from _typeshed import Incomplete from typing import Any, Mapping, Sequence import google +import google.auth +import google.auth.crypt +import google.auth.transport from google.auth import credentials _TRUST_BOUNDARY_LOOKUP_ENDPOINT = "https://iamcredentials.{}/v1/projects/-/serviceAccounts/{}/allowedLocations" diff --git a/stubs/google-auth/google/auth/downscoped.pyi b/stubs/google-auth/google/auth/downscoped.pyi index 7865a991c9c5..9a082a305bc3 100644 --- a/stubs/google-auth/google/auth/downscoped.pyi +++ b/stubs/google-auth/google/auth/downscoped.pyi @@ -1,9 +1,9 @@ -import google.auth.transport -import google.auth from _typeshed import Incomplete from typing import Any, Mapping, Sequence import google +import google.auth +import google.auth.transport from google.auth import credentials class CredentialAccessBoundary: diff --git a/stubs/google-auth/google/auth/external_account.pyi b/stubs/google-auth/google/auth/external_account.pyi index bb43dc6051b4..5f7058409c12 100644 --- a/stubs/google-auth/google/auth/external_account.pyi +++ b/stubs/google-auth/google/auth/external_account.pyi @@ -1,10 +1,10 @@ -import google.auth.transport -import google.auth import abc from dataclasses import dataclass from typing import Any, Mapping, Sequence import google +import google.auth +import google.auth.transport from google.auth import credentials @dataclass diff --git a/stubs/google-auth/google/auth/external_account_authorized_user.pyi b/stubs/google-auth/google/auth/external_account_authorized_user.pyi index 0233b74145ac..e115b5172d7d 100644 --- a/stubs/google-auth/google/auth/external_account_authorized_user.pyi +++ b/stubs/google-auth/google/auth/external_account_authorized_user.pyi @@ -1,10 +1,10 @@ -import google.auth.transport -import google.auth import datetime from _typeshed import Incomplete from typing import Any, Mapping, Sequence import google +import google.auth +import google.auth.transport from google.auth import credentials class Credentials( diff --git a/stubs/google-auth/google/auth/iam.pyi b/stubs/google-auth/google/auth/iam.pyi index efd2cf6ff491..9fef723bdd05 100644 --- a/stubs/google-auth/google/auth/iam.pyi +++ b/stubs/google-auth/google/auth/iam.pyi @@ -1,6 +1,6 @@ -import google.auth.transport -import google.auth import google +import google.auth +import google.auth.transport from google.auth import credentials from google.auth.crypt import base diff --git a/stubs/google-auth/google/auth/impersonated_credentials.pyi b/stubs/google-auth/google/auth/impersonated_credentials.pyi index c24e47ff7e56..0b6ec98fc913 100644 --- a/stubs/google-auth/google/auth/impersonated_credentials.pyi +++ b/stubs/google-auth/google/auth/impersonated_credentials.pyi @@ -1,9 +1,9 @@ -import google.auth.transport -import google.auth from _typeshed import Incomplete from typing import Any, Mapping, Sequence import google +import google.auth +import google.auth.transport from google.auth import credentials class Credentials( diff --git a/stubs/google-auth/google/auth/transport/urllib3.pyi b/stubs/google-auth/google/auth/transport/urllib3.pyi index 2f5c07179db4..2621ac5d5cb1 100644 --- a/stubs/google-auth/google/auth/transport/urllib3.pyi +++ b/stubs/google-auth/google/auth/transport/urllib3.pyi @@ -1,8 +1,8 @@ -import requests.adapters import types from typing import Any, Callable, Mapping, Sequence import requests +import requests.adapters from google.auth import transport class _RequestMethodsBase: ... diff --git a/stubs/google-auth/google/oauth2/credentials.pyi b/stubs/google-auth/google/oauth2/credentials.pyi index 7942f4854765..d33ea0cea65c 100644 --- a/stubs/google-auth/google/oauth2/credentials.pyi +++ b/stubs/google-auth/google/oauth2/credentials.pyi @@ -1,9 +1,9 @@ -import google.auth.transport -import google.auth import datetime from typing import Any, Coroutine, Mapping, Sequence import google +import google.auth +import google.auth.transport from google.auth import credentials class Credentials(credentials.ReadOnlyScoped, credentials.CredentialsWithQuotaProject): diff --git a/stubs/google-auth/google/oauth2/gdch_credentials.pyi b/stubs/google-auth/google/oauth2/gdch_credentials.pyi index d4e2a2f93c83..e6200ad33706 100644 --- a/stubs/google-auth/google/oauth2/gdch_credentials.pyi +++ b/stubs/google-auth/google/oauth2/gdch_credentials.pyi @@ -1,9 +1,9 @@ -import google.auth.transport -import google.auth from _typeshed import Incomplete from typing import Any, Mapping import google +import google.auth +import google.auth.transport from google.auth import credentials from google.auth.crypt import Signer as _Signer diff --git a/stubs/google-auth/google/oauth2/service_account.pyi b/stubs/google-auth/google/oauth2/service_account.pyi index a90038703bfb..8bbbe3a3e617 100644 --- a/stubs/google-auth/google/oauth2/service_account.pyi +++ b/stubs/google-auth/google/oauth2/service_account.pyi @@ -1,11 +1,11 @@ -import google.auth.crypt -import google.auth.transport -import google.auth import abc import datetime from typing import Any, Coroutine, Mapping, Sequence import google +import google.auth +import google.auth.crypt +import google.auth.transport from google.auth import credentials class Credentials(