1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
|
# Release History
### 1.16.2 (2026-02-26)
#### Bug Fixes
* initialize the JWT credentials without JSON roundtrip ([#564](https://github.com/googleapis/google-auth-library-ruby/issues/564))
* return response body from revoke! for logging pipeline ([#562](https://github.com/googleapis/google-auth-library-ruby/issues/562))
### 1.16.1 (2026-01-15)
#### Bug Fixes
* restore support for JSON keys missing 'type' field ([#558](https://github.com/googleapis/google-auth-library-ruby/issues/558))
### 1.16.0 (2025-11-21)
#### Features
* Add ADC support for impersonated credentials ([#547](https://github.com/googleapis/google-auth-library-ruby/issues/547))
#### Bug Fixes
* Include security warning in ExternalAccount and ImpersonatedServiceAccount credentials ([#551](https://github.com/googleapis/google-auth-library-ruby/issues/551))
### 1.15.1 (2025-10-14)
#### Bug Fixes
* Deprecate method make_creds in DefaultCredentials ([#545](https://github.com/googleapis/google-auth-library-ruby/issues/545))
### 1.15.0 (2025-08-25)
#### Features
* add typed errors to authentication library ([#533](https://github.com/googleapis/google-auth-library-ruby/issues/533))
* Support for JWT 3.x ([#542](https://github.com/googleapis/google-auth-library-ruby/issues/542))
#### Bug Fixes
* fix incorrect error and apply some code complexity refactoring ([#529](https://github.com/googleapis/google-auth-library-ruby/issues/529))
* support Pathname for cred loading ([#537](https://github.com/googleapis/google-auth-library-ruby/issues/537))
#### Documentation
* add summary documentation on credentials types and improve YARD comments
* add summary documentation on credentials types and improve YARD comments ([#530](https://github.com/googleapis/google-auth-library-ruby/issues/530))
### 1.14.0 (2025-03-14)
#### Features
* add API key credentials ([#520](https://github.com/googleapis/google-auth-library-ruby/issues/520))
* Add Bearer token credentials
* add BearerToken credentials ([#522](https://github.com/googleapis/google-auth-library-ruby/issues/522))
* Update minimum Ruby version to 3.0 ([#527](https://github.com/googleapis/google-auth-library-ruby/issues/527))
#### Bug Fixes
* Eliminated the "attribute accessor as module_function" warning ([#519](https://github.com/googleapis/google-auth-library-ruby/issues/519))
* Get the project_id from gcloud ([#479](https://github.com/googleapis/google-auth-library-ruby/issues/479))
* logger configuration in service account JWT header ([#525](https://github.com/googleapis/google-auth-library-ruby/issues/525))
### 1.13.1 (2025-01-24)
#### Bug Fixes
* Signet client subclasses no longer make the update! method private ([#516](https://github.com/googleapis/google-auth-library-ruby/issues/516))
### 1.13.0 (2025-01-22)
#### Features
* create impersonated service credentials ([#499](https://github.com/googleapis/google-auth-library-ruby/issues/499))
#### Documentation
* Include note about validating externally-provided credentials ([#512](https://github.com/googleapis/google-auth-library-ruby/issues/512))
### 1.12.2 (2024-12-19)
#### Bug Fixes
* GCECredentials lazily fetches from the metadata server to ensure a universe domain is known ([#509](https://github.com/googleapis/google-auth-library-ruby/issues/509))
### 1.12.1 (2024-12-17)
#### Bug Fixes
* Restored previous behavior where the apply! method returns the auth header ([#506](https://github.com/googleapis/google-auth-library-ruby/issues/506))
### 1.12.0 (2024-12-05)
#### Features
* provided opt-in debug logging ([#490](https://github.com/googleapis/google-auth-library-ruby/issues/490))
### 1.11.2 (2024-10-23)
#### Bug Fixes
* Temporarily disable universe domain query from GCE metadata server ([#493](https://github.com/googleapis/google-auth-library-ruby/issues/493))
* Use updated metadata path for universe-domain ([#496](https://github.com/googleapis/google-auth-library-ruby/issues/496))
### 1.11.1 (2024-10-04)
#### Bug Fixes
* Fixed parsing of expiration timestamp from ID tokens ([#492](https://github.com/googleapis/google-auth-library-ruby/issues/492))
* Use NoMethodError instead of NotImplementedError for unimplemented base class methods ([#487](https://github.com/googleapis/google-auth-library-ruby/issues/487))
### 1.11.0 (2024-02-09)
#### Features
* Deprecate the positional argument for callback_uri, and introduce keyword argument instead ([#475](https://github.com/googleapis/google-auth-library-ruby/issues/475))
### 1.10.0 (2024-02-08)
#### Features
* add PKCE to 3 Legged OAuth exchange ([#471](https://github.com/googleapis/google-auth-library-ruby/issues/471))
#### Bug Fixes
* Client library credentials provide correct self-signed JWT and external account behavior when loading from a file path or JSON data ([#474](https://github.com/googleapis/google-auth-library-ruby/issues/474))
* Prioritize universe domain specified in GCECredentials arguments over metadata-fetched value ([#472](https://github.com/googleapis/google-auth-library-ruby/issues/472))
### 1.9.2 (2024-01-25)
#### Bug Fixes
* Prevent access tokens from being fetched at service account construction in the self-signed-jwt case ([#467](https://github.com/googleapis/google-auth-library-ruby/issues/467))
### 1.9.1 (2023-12-12)
#### Bug Fixes
* update expires_in for cached metadata-retrieved tokens ([#464](https://github.com/googleapis/google-auth-library-ruby/issues/464))
### 1.9.0 (2023-12-07)
#### Features
* Include universe_domain in credentials ([#460](https://github.com/googleapis/google-auth-library-ruby/issues/460))
* Use google-cloud-env for more robust Metadata Service access ([#459](https://github.com/googleapis/google-auth-library-ruby/issues/459))
### 1.8.1 (2023-09-19)
#### Documentation
* improve ADC related error and warning messages ([#452](https://github.com/googleapis/google-auth-library-ruby/issues/452))
### 1.8.0 (2023-09-07)
#### Features
* Pass additional parameters to auhtorization url ([#447](https://github.com/googleapis/google-auth-library-ruby/issues/447))
#### Documentation
* improve ADC related error and warning messages ([#449](https://github.com/googleapis/google-auth-library-ruby/issues/449))
### 1.7.0 (2023-07-14)
#### Features
* Adding support for pluggable auth credentials ([#437](https://github.com/googleapis/google-auth-library-ruby/issues/437))
#### Documentation
* fixed iss argument and description in comments of IDTokens ([#438](https://github.com/googleapis/google-auth-library-ruby/issues/438))
### 1.6.0 (2023-06-20)
#### Features
* adding identity pool credentials ([#433](https://github.com/googleapis/google-auth-library-ruby/issues/433))
#### Documentation
* deprecation message for discontinuing command line auth flow ([#435](https://github.com/googleapis/google-auth-library-ruby/issues/435))
### 1.5.2 (2023-04-13)
#### Bug Fixes
* AWS IMDSV2 session token fetching shall call PUT method instead of GET ([#429](https://github.com/googleapis/google-auth-library-ruby/issues/429))
* GCECredentials - Allow retrieval of ID token ([#425](https://github.com/googleapis/google-auth-library-ruby/issues/425))
### 1.5.1 (2023-04-10)
#### Bug Fixes
* Remove external account config validation ([#427](https://github.com/googleapis/google-auth-library-ruby/issues/427))
### 1.5.0 (2023-03-21)
#### Features
* Add support for AWS Workload Identity Federation ([#418](https://github.com/googleapis/google-auth-library-ruby/issues/418))
### 1.4.0 (2022-12-14)
#### Features
* make new_jwt_token public in order to fetch raw token directly ([#405](https://github.com/googleapis/google-auth-library-ruby/issues/405))
### 1.3.0 (2022-10-18)
#### Features
* Use OpenSSL 3.0 compatible interfaces for IDTokens ([#397](https://github.com/googleapis/google-auth-library-ruby/issues/397))
### 1.2.0 (2022-06-23)
* Updated minimum Ruby version to 2.6
### 1.1.3 (2022-04-20)
#### Documentation
* Add README instructions for 3-Legged OAuth with a service account
### 1.1.2 (2022-02-22)
#### Bug Fixes
* Support Faraday 2
### 1.1.1 (2022-02-14)
#### Bug Fixes
* add quota_project to user refresh credentials
### 1.1.0 (2021-10-24)
#### Features
* Support short-lived tokens in Credentials
### 1.0.0 (2021-09-27)
Bumped version to 1.0.0. Releases from this point will follow semver.
* Allow dependency on future 1.x versions of signet
* Prevented gcloud from authenticating on the console when getting the gcloud project
### 0.17.1 (2021-09-01)
* Updates to gem metadata
### 0.17.0 (2021-07-30)
* Allow scopes to be self-signed into jwts
### 0.16.2 (2021-04-28)
* Stop attempting to get the project from gcloud when applying self-signed JWTs
### 0.16.1 (2021-04-01)
* Accept application/text content-type for plain idtoken response
### 0.16.0 (2021-03-04)
* Drop support for Ruby 2.4 and add support for Ruby 3.0
### 0.15.1 (2021-02-08)
* Fix crash when using a client credential without any paths or env_vars set
### 0.15.0 (2021-01-26)
* Credential parameters inherit from superclasses
* Service accounts apply a self-signed JWT if scopes are marked as default
* Retry fetch_access_token when GCE metadata server returns unexpected errors
* Support correct service account and user refresh behavior for custom credential env variables
### 0.14.0 / 2020-10-09
* Honor GCE_METADATA_HOST environment variable
* Fix errors in some environments when requesting an access token for multiple scopes
### 0.13.1 / 2020-07-30
* Support scopes when using GCE Metadata Server authentication ([@ball-hayden][])
### 0.13.0 / 2020-06-17
* Support for validating ID tokens.
* Fixed header application of ID tokens from service accounts.
### 0.12.0 / 2020-04-08
* Support for ID token credentials.
* Support reading quota_id_project from service account credentials.
### 0.11.0 / 2020-02-24
* Support Faraday 1.x.
* Allow special "postmessage" value for redirect_uri.
### 0.10.0 / 2019-10-09
Note: This release now requires Ruby 2.4 or later
* Increase metadata timeout to improve reliability in some hosting environments
* Support an environment variable to suppress Cloud SDK credentials warnings
* Make the header check case insensitive
* Set instance variables at initialization to avoid spamming warnings
* Pass "Metadata-Flavor" header to metadata server when checking for GCE
### 0.9.0 / 2019-08-05
* Restore compatibility with Ruby 2.0. This is the last release that will work on end-of-lifed versions of Ruby. The 0.10 release will require Ruby 2.4 or later.
* Update Credentials to use methods for values that are intended to be changed by users, replacing constants.
* Add retry on error for fetch_access_token
* Allow specifying custom state key-values
* Add verbosity none to gcloud command
* Make arity of WebUserAuthorizer#get_credentials compatible with the base class
### 0.8.1 / 2019-03-27
* Silence unnecessary gcloud warning
* Treat empty credentials environment variables as unset
### 0.8.0 / 2019-01-02
* Support connection options :default_connection and :connection_builder when creating credentials that need to refresh OAuth tokens. This lets clients provide connection objects with custom settings, such as proxies, needed for the client environment.
* Removed an unnecessary warning about project IDs.
### 0.7.1 / 2018-10-25
* Make load_gcloud_project_id module function.
### 0.7.0 / 2018-10-24
* Add project_id instance variable to UserRefreshCredentials, ServiceAccountCredentials, and Credentials.
### 0.6.7 / 2018-10-16
* Update memoist dependency to ~> 0.16.
### 0.6.6 / 2018-08-22
* Remove ruby version warnings.
### 0.6.5 / 2018-08-16
* Fix incorrect http verb when revoking credentials.
* Warn on EOL ruby versions.
### 0.6.4 / 2018-08-03
* Resolve issue where DefaultCredentials constant was undefined.
### 0.6.3 / 2018-08-02
* Resolve issue where token_store was being written to twice
### 0.6.2 / 2018-08-01
* Add warning when using cloud sdk credentials
### 0.6.1 / 2017-10-18
* Fix file permissions
### 0.6.0 / 2017-10-17
* Support ruby-jwt 2.0
* Add simple credentials class
### 0.5.3 / 2017-07-21
* Fix file permissions on the gem's `.rb` files.
### 0.5.2 / 2017-07-19
* Add retry mechanism when fetching access tokens in `GCECredentials` and `UserRefreshCredentials` classes.
* Update Google API OAuth2 token credential URI to v4.
### 0.5.1 / 2016-01-06
* Change header name emitted by `Client#apply` from "Authorization" to "authorization" ([@murgatroid99][])
* Fix ADC not working on some windows machines ([@vsubramani][])
### 0.5.0 / 2015-10-12
* Initial support for user credentials ([@sqrrrl][])
* Update Signet to 0.7
### 0.4.2 / 2015-08-05
* Updated UserRefreshCredentials hash to use string keys ([@haabaato][])
* Add support for a system default credentials file. ([@mr-salty][])
* Fix bug when loading credentials from ENV ([@dwilkie][])
* Relax the constraint of dependent version of multi_json ([@igrep][])
* Enables passing credentials via environment variables. ([@haabaato][])
### 0.4.1 / 2015-04-25
* Improves handling of --no-scopes GCE authorization ([@tbetbetbe][])
* Refactoring and cleanup ([@joneslee85][])
### 0.4.0 / 2015-03-25
* Adds an implementation of JWT header auth ([@tbetbetbe][])
### 0.3.0 / 2015-03-23
* makes the scope parameter's optional in all APIs. ([@tbetbetbe][])
* changes the scope parameter's position in various constructors. ([@tbetbetbe][])
[@dwilkie]: https://github.com/dwilkie
[@haabaato]: https://github.com/haabaato
[@igrep]: https://github.com/igrep
[@joneslee85]: https://github.com/joneslee85
[@mr-salty]: https://github.com/mr-salty
[@tbetbetbe]: https://github.com/tbetbetbe
[@murgatroid99]: https://github.com/murgatroid99
[@vsubramani]: https://github.com/vsubramani
[@ball-hayden]: https://github.com/ball-hayden
|
