- Notifications
You must be signed in to change notification settings - Fork345
feat: Add public wrapper for _mtls_helper.check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected#1859
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
Signed-off-by: Radhika Agrawal <agrawalradhika@google.com>
Signed-off-by: Radhika Agrawal <agrawalradhika@google.com>
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Signed-off-by: Radhika Agrawal <agrawalradhika@google.com>
Signed-off-by: Radhika Agrawal <agrawalradhika@google.com>
nbayati left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Overall LGTM, I just have a minor suggestion: Add a test case to verify the behavior when GOOGLE_API_USE_CLIENT_CERTIFICATE is set to a string other than "true" or "false". The current implementation correctly evaluates such cases to False, and adding an explicit test for this would make the test suite more comprehensive.
daniel-sanche left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
LGTM, but one more small comment
Uh oh!
There was an error while loading.Please reload this page.
Signed-off-by: Radhika Agrawal <agrawalradhika@google.com>
andyrzhao left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
lgtm, thanks for working on this!
1535ecc intogoogleapis:mainUh oh!
There was an error while loading.Please reload this page.
Librarian Version: v0.5.0Language Image:us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator:latest<details><summary>google-auth: 2.43.0</summary>##[2.43.0](v2.42.1...v2.43.0)(2025-11-05)### Features* Add public wrapper for _mtls_helper.check_use_client_cert whichenables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when theMWID/X.509 cert sources detected (#1859)([1535ecc](1535eccb))* Enable mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, if theMWID/X.509 cert sources detected (#1848)([395e405](395e405b))* onboard `google-auth` to librarian (#1838)([c503eaa](c503eaa5))</details>
Add public wrapper for check_use_client_cert which enables mTLS if GOOGLE_API_USE_CLIENT_CERTIFICATE is not set, when the MWID/X.509 cert sources detected. Also, fix check_use_client_cert to return boolean value.
Change#1848 added the check_use_client_cert method that helps know if client cert should be used for mTLS connection. However, that was in a private class, thus, created a public wrapper of the same function so that it can be used by python Client Libraries. Also, updated check_use_client_cert to return a boolean value instead of existing string value for better readability and future scope.