Skip to content

feat: Async X509 file Operations #2054

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 15, 2025
Merged

feat: Async X509 file Operations #2054

merged 4 commits into from
Jul 15, 2025

Conversation

vverman
Copy link
Collaborator

@vverman vverman commented Jul 12, 2025

Description

Only async file reads for X509 Cert based authentication.

Testing

Added unit tests and all integration tests passing as per this testing document

Additional Information

@vverman vverman requested review from a team as code owners July 12, 2025 00:37
@generated-files-bot Generated Files Bot
Copy link

Warning: This pull request is touching the following templated files:

  • .github/workflows/ci.yaml - .github/workflows/ci.yaml (GitHub Actions) should be updated in synthtool

@product-auto-label product-auto-label bot added the size: l Pull request size is large. label Jul 12, 2025
gcf-owl-bot bot and others added 2 commits July 14, 2025 11:48
@gcf-owl-bot @vverman
chore(owlbot-nodejs): install 3.13.5 Python (googleapis#2042)
7bfe9b3 
* chore: install higher version of Python

* chore: update to python 3.15

* update lagging dependency

* fix vulnerability

* change the version

Source-Link: googleapis/synthtool@ca4c7ce
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:6062c519ce78ee08490e7ac7330eca80f00f139ef1a241c5c2b306550b60c728

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
@gcf-owl-bot @leahecole @vverman
chore: add node 24 in node ci test (googleapis#2051)
60648a2 
Source-Link: googleapis/synthtool@1218bc2
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:66c44f0ad8f6caaa4eb3fbe74f8c2b4de5a97c2b930cee069e712c447723ba95

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Leah E. Cole <[email protected]>
@product-auto-label product-auto-label bot added size: m Pull request size is medium. and removed size: l Pull request size is large. labels Jul 14, 2025
@vverman vverman requested review from lsirac and nbayati July 14, 2025 19:22
nbayati
nbayati approved these changes Jul 14, 2025
View reviewed changes
Copy link

@nbayati nbayati left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
Just one minor thing before merging: could you please fix the outstanding lint warnings from the Github checks? It looks like they are mostly related to the use of any in a few places.

@vverman vverman merged commit 455fd95 into googleapis:x509_cert_authentication Jul 15, 2025
13 checks passed
sofisl pushed a commit that referenced this pull request Jul 18, 2025
@vverman @gcf-owl-bot
@leahecole @renovate-bot
feat: X509 cert authentication (#2055)
6ac9ab4 
* feat: Implement X509 Cert Based Authentication (#2036)

* chore(owlbot-nodejs): install 3.13.5 Python (#2042)

* chore: install higher version of Python

* chore: update to python 3.15

* update lagging dependency

* fix vulnerability

* change the version

Source-Link: googleapis/synthtool@ca4c7ce
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:6062c519ce78ee08490e7ac7330eca80f00f139ef1a241c5c2b306550b60c728

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

* chore(deps): upgrade sinon to 21 (#2050)

* chore(deps): upgrade sinon to 21

* specify which timers to fake

* use @feywind's util for timers

* add crucial file

* fix(deps): update dependency @googleapis/iam to v30 (#2052)

* chore: add node 24 in node ci test (#2051)

Source-Link: googleapis/synthtool@1218bc2
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:66c44f0ad8f6caaa4eb3fbe74f8c2b4de5a97c2b930cee069e712c447723ba95

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Leah E. Cole <[email protected]>

* Included initial interfaces and options for creating x509client.

* Added implementation for x509provider

* Augmented logic for well-known cert config.

* Added changes to create CertificateSubjectTokenSupplier

* Added feature to call STS endpoint with the leaf certificate as trust chain.

* Added logic to use trust chains.

* Cleaned up certificateSubjectTokenSupplier and added mtlsClientTransporter logic to IdentityPoolClients Transporter

* Added tests for certificateConfig type externalClient

* All x509 auth logic in src/auth/certificatesubjecttokensupplier.ts

* Added tests for malformed cert_config file, malfor
med certificate in trust chain.

* Added unit tests for util

---------

Co-authored-by: gcf-owl-bot[bot] <78513119+gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Leah E. Cole <[email protected]>
Co-authored-by: Mend Renovate <[email protected]>

* feat: Async X509 file Operations (#2054)

* chore(owlbot-nodejs): install 3.13.5 Python (#2042)

* chore: install higher version of Python

* chore: update to python 3.15

* update lagging dependency

* fix vulnerability

* change the version

Source-Link: googleapis/synthtool@ca4c7ce
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:6062c519ce78ee08490e7ac7330eca80f00f139ef1a241c5c2b306550b60c728

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

* chore: add node 24 in node ci test (#2051)

Source-Link: googleapis/synthtool@1218bc2
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:66c44f0ad8f6caaa4eb3fbe74f8c2b4de5a97c2b930cee069e712c447723ba95

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Leah E. Cole <[email protected]>

* X509 Cert Auth now does only async file reads

* Fixed any linter error in util

---------

Co-authored-by: gcf-owl-bot[bot] <78513119+gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Leah E. Cole <[email protected]>

* feat: x509 async Readme Update (#2056)


* Added readme changes.

* Addressed PR comments.

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

* Readme changes transferred from Readme.md to readme-partials.yaml for Yoshi bot compliance

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

---------

Co-authored-by: gcf-owl-bot[bot] <78513119+gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Leah E. Cole <[email protected]>
Co-authored-by: Mend Renovate <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lsirac lsirac lsirac approved these changes

@nbayati nbayati nbayati approved these changes

Assignees
No one assigned
Labels
size: m Pull request size is medium.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vverman @lsirac @nbayati