diff --git a/certbot-dns-google/certbot_dns_google/_internal/dns_google.py b/certbot-dns-google/certbot_dns_google/_internal/dns_google.py index 3128b3703..57106f1da 100644 --- a/certbot-dns-google/certbot_dns_google/_internal/dns_google.py +++ b/certbot-dns-google/certbot_dns_google/_internal/dns_google.py @@ -82,7 +82,7 @@ class _GoogleClient: scopes = ['https://www.googleapis.com/auth/ndev.clouddns.readwrite'] if account_json is not None: try: - credentials = Credentials.from_json_keyfile_name(account_json, scopes) + credentials = Credentials.from_service_account_file(account_json, scopes) with open(account_json) as account: self.project_id = json.load(account)['project_id'] except Exception as e: diff --git a/certbot-dns-google/tests/dns_google_test.py b/certbot-dns-google/tests/dns_google_test.py index cba98c03b..210a90f75 100644 --- a/certbot-dns-google/tests/dns_google_test.py +++ b/certbot-dns-google/tests/dns_google_test.py @@ -107,7 +107,7 @@ class GoogleClientTest(unittest.TestCase): return client, mock_changes @mock.patch('googleapiclient.discovery.build') - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google._GoogleClient.get_project_id') def test_client_without_credentials(self, get_project_id_mock, credential_mock, unused_discovery_mock): @@ -116,7 +116,7 @@ class GoogleClientTest(unittest.TestCase): self.assertFalse(credential_mock.called) self.assertTrue(get_project_id_mock.called) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') def test_client_bad_credentials_file(self, credential_mock): credential_mock.side_effect = ValueError('Some exception buried in google-auth') with self.assertRaises(errors.PluginError) as cm: @@ -127,7 +127,7 @@ class GoogleClientTest(unittest.TestCase): "Some exception buried in google-auth" ) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) @mock.patch('certbot_dns_google._internal.dns_google._GoogleClient.get_project_id') @@ -155,7 +155,7 @@ class GoogleClientTest(unittest.TestCase): managedZone=self.zone, project=PROJECT_ID) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_and_poll(self, unused_credential_mock): @@ -173,7 +173,7 @@ class GoogleClientTest(unittest.TestCase): managedZone=self.zone, project=PROJECT_ID) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_delete_old(self, unused_credential_mock): @@ -189,7 +189,7 @@ class GoogleClientTest(unittest.TestCase): self.assertTrue("sample-txt-contents" in deletions["rrdatas"]) self.assertEqual(self.record_ttl, deletions["ttl"]) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_delete_old_ttl_case(self, unused_credential_mock): @@ -206,7 +206,7 @@ class GoogleClientTest(unittest.TestCase): self.assertTrue("sample-txt-contents" in deletions["rrdatas"]) self.assertEqual(custom_ttl, deletions["ttl"]) #otherwise HTTP 412 - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_noop(self, unused_credential_mock): @@ -216,7 +216,7 @@ class GoogleClientTest(unittest.TestCase): "example-txt-contents", self.record_ttl) self.assertFalse(changes.create.called) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_error_during_zone_lookup(self, unused_credential_mock): @@ -225,7 +225,7 @@ class GoogleClientTest(unittest.TestCase): self.assertRaises(errors.PluginError, client.add_txt_record, DOMAIN, self.record_name, self.record_content, self.record_ttl) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_zone_not_found(self, unused_credential_mock): @@ -235,7 +235,7 @@ class GoogleClientTest(unittest.TestCase): self.assertRaises(errors.PluginError, client.add_txt_record, DOMAIN, self.record_name, self.record_content, self.record_ttl) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_add_txt_record_error_during_add(self, unused_credential_mock): @@ -245,7 +245,7 @@ class GoogleClientTest(unittest.TestCase): self.assertRaises(errors.PluginError, client.add_txt_record, DOMAIN, self.record_name, self.record_content, self.record_ttl) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_del_txt_record_multi_rrdatas(self, unused_credential_mock): @@ -284,7 +284,7 @@ class GoogleClientTest(unittest.TestCase): managedZone=self.zone, project=PROJECT_ID) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_del_txt_record_single_rrdatas(self, unused_credential_mock): @@ -313,7 +313,7 @@ class GoogleClientTest(unittest.TestCase): managedZone=self.zone, project=PROJECT_ID) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_del_txt_record_error_during_zone_lookup(self, unused_credential_mock): @@ -321,7 +321,7 @@ class GoogleClientTest(unittest.TestCase): client.del_txt_record(DOMAIN, self.record_name, self.record_content, self.record_ttl) changes.create.assert_not_called() - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_del_txt_record_zone_not_found(self, unused_credential_mock): @@ -330,7 +330,7 @@ class GoogleClientTest(unittest.TestCase): client.del_txt_record(DOMAIN, self.record_name, self.record_content, self.record_ttl) changes.create.assert_not_called() - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_del_txt_record_error_during_delete(self, unused_credential_mock): @@ -339,7 +339,7 @@ class GoogleClientTest(unittest.TestCase): client.del_txt_record(DOMAIN, self.record_name, self.record_content, self.record_ttl) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_get_existing_found(self, unused_credential_mock): @@ -350,7 +350,7 @@ class GoogleClientTest(unittest.TestCase): self.assertEqual(found["rrdatas"], ["\"example-txt-contents\""]) self.assertEqual(found["ttl"], 60) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_get_existing_not_found(self, unused_credential_mock): @@ -359,7 +359,7 @@ class GoogleClientTest(unittest.TestCase): not_found = client.get_existing_txt_rrset(self.zone, "nonexistent.tld") self.assertEqual(not_found, None) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_get_existing_with_error(self, unused_credential_mock): @@ -369,7 +369,7 @@ class GoogleClientTest(unittest.TestCase): found = client.get_existing_txt_rrset(self.zone, "_acme-challenge.example.org") self.assertEqual(found, None) - @mock.patch('googleoauth2.service_account.Credentials.from_json_keyfile_name') + @mock.patch('google.oauth2.service_account.Credentials.from_service_account_file') @mock.patch('certbot_dns_google._internal.dns_google.open', mock.mock_open(read_data='{"project_id": "' + PROJECT_ID + '"}'), create=True) def test_get_existing_fallback(self, unused_credential_mock): diff --git a/certbot/CHANGELOG.md b/certbot/CHANGELOG.md index c65ba8a30..548ed8fd4 100644 --- a/certbot/CHANGELOG.md +++ b/certbot/CHANGELOG.md @@ -10,6 +10,10 @@ Certbot adheres to [Semantic Versioning](https://semver.org/). ### Changed +certbot-dns-google now depends on google-auth rather than oauth2client + +### Changed + * We changed how dependencies are specified between Certbot packages. For this and future releases, higher level Certbot components will require that lower level components are the same version or newer. More specifically, version X @@ -509,7 +513,7 @@ More details about these changes can be found on our GitHub repo. * `--dry-run` now requests fresh authorizations every time, fixing the issue where it was prone to falsely reporting success. * Updated certbot-dns-google to depend on newer versions of - google-api-python-client and google-auth. + google-api-python-client and oauth2client. * The OS detection logic again uses distro library for Linux OSes * certbot.plugins.common.TLSSNI01 has been deprecated and will be removed in a future release. diff --git a/tools/requirements.txt b/tools/requirements.txt index 1de680f0b..2d68680dc 100644 --- a/tools/requirements.txt +++ b/tools/requirements.txt @@ -92,7 +92,6 @@ msgpack==1.0.2; python_version >= "3.6" and python_full_version < "3.0.0" and py msrest==0.6.21; python_version >= "3.6" mypy-extensions==0.4.3; python_version >= "3.6" mypy==0.812; python_version >= "3.5" -google-auth==1.32.1; python_version >= "3.6" oauthlib==3.1.1; python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.4.0" packaging==20.9; python_version >= "3.6" and python_full_version < "3.0.0" and python_version < "4.0" or python_version >= "3.6" and python_version < "4.0" and python_full_version >= "3.4.0" or python_version >= "3.6" and python_full_version < "3.0.0" or python_version >= "3.6" and python_full_version >= "3.4.0" or python_version >= "3.6" and python_full_version >= "3.5.0" or python_full_version >= "3.6.0" and python_version >= "3.6" paramiko==2.7.2; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6" or python_version >= "3.6"