# Copyright 2017 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This import for backward compatibility only.
from functools import wraps  # noqa: F401 pragma: NO COVER

_CREDENTIALS_FILE_WARNING = """\
The `credentials_file` argument is deprecated because of a potential security risk.

The `google.auth.load_credentials_from_file` method does not validate the credential
configuration. The security risk occurs when a credential configuration is accepted
from a source that is not under your control and used without validation on your side.

If you know that you will be loading credential configurations of a
specific type, it is recommended to use a credential-type-specific
load method.

This will ensure that an unexpected credential type with potential for
malicious intent is not loaded unintentionally. You might still have to do
validation for certain credential types. Please follow the recommendations
for that method. For example, if you want to load only service accounts,
you can create the service account credentials explicitly:

```
from google.cloud.vision_v1 import ImageAnnotatorClient
from google.oauth2 import service_account

credentials = service_account.Credentials.from_service_account_file(filename)
client = ImageAnnotatorClient(credentials=credentials)
```

If you are loading your credential configuration from an untrusted source and have
not mitigated the risks (e.g. by validating the configuration yourself), make
these changes as soon as possible to prevent security risks to your environment.

Regardless of the method used, it is always your responsibility to validate
configurations received from external sources.

Refer to https://cloud.google.com/docs/authentication/external/externally-sourced-credentials
for more details.
"""
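
The validation the warning text asks callers to perform can be sketched with the standard library alone. This is an added example, not code from this module or from google-auth; the function names, the required-field list and the token-host allow-list are assumptions of the example, and the sample inputs are constructed.

```python
import json
from urllib.parse import urlsplit

# Policy values are assumptions of this example; adjust them to your environment.
ALLOWED_TYPE = "service_account"
ALLOWED_TOKEN_HOSTS = {"oauth2.googleapis.com"}
REQUIRED_FIELDS = ("client_email", "private_key", "token_uri")


def validate_service_account_config(raw):
    """Return the parsed config only if it is a plain service account key, else raise ValueError."""
    info = json.loads(raw)  # json.JSONDecodeError is a ValueError subclass
    if not isinstance(info, dict):
        raise ValueError("top-level JSON value must be an object")
    # Reject every other credential type (external_account, authorized_user, ...)
    # rather than letting a generic loader dispatch on a sender-chosen "type".
    if info.get("type") != ALLOWED_TYPE:
        raise ValueError("unexpected credential type: %r" % (info.get("type"),))
    missing = [f for f in REQUIRED_FIELDS if not (isinstance(info.get(f), str) and info[f])]
    if missing:
        raise ValueError("missing or non-string fields: " + ", ".join(missing))
    # The signed assertion is sent to token_uri, so pin it to an expected HTTPS host.
    url = urlsplit(info["token_uri"])  # raises ValueError on malformed URLs
    if url.scheme != "https" or url.hostname not in ALLOWED_TOKEN_HOSTS:
        raise ValueError("token_uri is not allow-listed: %r" % info["token_uri"])
    return info


def is_accepted(raw):
    """Boolean wrapper around the validator for callers that only need a verdict."""
    try:
        validate_service_account_config(raw)
    except (TypeError, ValueError):
        return False
    return True


# Constructed sample inputs; none of these is a real key.
GOOD = json.dumps({"type": "service_account", "private_key": "PLACEHOLDER",
                   "client_email": "svc@example-project.iam.gserviceaccount.com",
                   "token_uri": "https://oauth2.googleapis.com/token"})
WRONG_TYPE = json.dumps({"type": "external_account",
                         "credential_source": {"url": "https://untrusted.example/token"}})
BAD_ENDPOINT = GOOD.replace("oauth2.googleapis.com", "untrusted.example")

if __name__ == "__main__":
    for name, raw in (("good", GOOD), ("wrong type", WRONG_TYPE), ("bad endpoint", BAD_ENDPOINT)):
        print(name, "->", "accepted" if is_accepted(raw) else "rejected")
```

A dict that passes these checks can then be handed to `service_account.Credentials.from_service_account_info`, the in-memory counterpart of the type-specific loader shown in the warning text.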