diff --git a/.github/.OwlBot.lock.yaml b/.github/.OwlBot.lock.yaml
index 0954585..e2b39f9 100644
--- a/.github/.OwlBot.lock.yaml
+++ b/.github/.OwlBot.lock.yaml
@@ -1,3 +1,3 @@
docker:
image: gcr.io/repo-automation-bots/owlbot-python:latest
- digest: sha256:df50e8d462f86d6bcb42f27ecad55bb12c404f1c65de9c6fe4c4d25120080bd6
+ digest: sha256:99d90d097e4a4710cc8658ee0b5b963f4426d0e424819787c3ac1405c9a26719
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9267ece..09297c7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,13 @@
# Changelog
+### [1.1.1](https://www.github.com/googleapis/python-bigquery-connection/compare/v1.1.0...v1.1.1) (2021-06-30)
+
+
+### Bug Fixes
+
+* disable always_use_jwt_access ([37f28c5](https://www.github.com/googleapis/python-bigquery-connection/commit/37f28c5112d9b8f180a8cf754d474ac74f5f92d9))
+* disable always_use_jwt_access ([#91](https://www.github.com/googleapis/python-bigquery-connection/issues/91)) ([37f28c5](https://www.github.com/googleapis/python-bigquery-connection/commit/37f28c5112d9b8f180a8cf754d474ac74f5f92d9))
+
## [1.1.0](https://www.github.com/googleapis/python-bigquery-connection/compare/v1.0.1...v1.1.0) (2021-06-23)
diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
index e046030..f5f434b 100644
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -68,14 +68,12 @@ Using ``nox``
We use `nox `__ to instrument our tests.
- To test your changes, run unit tests with ``nox``::
+ $ nox -s unit
- $ nox -s unit-3.8
- $ ...
+- To run a single unit test::
-- Args to pytest can be passed through the nox command separated by a `--`. For
- example, to run a single test::
+ $ nox -s unit-3.9 -- -k
- $ nox -s unit-3.8 -- -k
.. note::
@@ -142,7 +140,7 @@ Running System Tests
- To run system tests, you can execute::
# Run all system tests
- $ nox -s system-3.8
+ $ nox -s system
# Run a single system test
$ nox -s system-3.8 -- -k
@@ -215,8 +213,8 @@ Supported versions can be found in our ``noxfile.py`` `config`_.
.. _config: https://github.com/googleapis/python-bigquery-connection/blob/master/noxfile.py
-We also explicitly decided to support Python 3 beginning with version
-3.6. Reasons for this include:
+We also explicitly decided to support Python 3 beginning with version 3.6.
+Reasons for this include:
- Encouraging use of newest versions of Python 3
- Taking the lead of `prominent`_ open-source `projects`_
diff --git a/google/cloud/bigquery_connection_v1/services/connection_service/transports/base.py b/google/cloud/bigquery_connection_v1/services/connection_service/transports/base.py
index 6b9c304..8cd1907 100644
--- a/google/cloud/bigquery_connection_v1/services/connection_service/transports/base.py
+++ b/google/cloud/bigquery_connection_v1/services/connection_service/transports/base.py
@@ -105,7 +105,7 @@ def __init__(
scopes_kwargs = self._get_scopes_kwargs(self._host, scopes)
# Save the scopes.
- self._scopes = scopes or self.AUTH_SCOPES
+ self._scopes = scopes
# If no credentials are provided, then determine the appropriate
# defaults.
diff --git a/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc.py b/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc.py
index 24d836b..d682bbe 100644
--- a/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc.py
+++ b/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc.py
@@ -61,6 +61,7 @@ def __init__(
client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None,
quota_project_id: Optional[str] = None,
client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
+ always_use_jwt_access: Optional[bool] = False,
) -> None:
"""Instantiate the transport.
@@ -101,6 +102,8 @@ def __init__(
API requests. If ``None``, then default info will be used.
Generally, you only need to set this if you're developing
your own client library.
+ always_use_jwt_access (Optional[bool]): Whether self signed JWT should
+ be used for service account credentials.
Raises:
google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport
@@ -153,7 +156,7 @@ def __init__(
scopes=scopes,
quota_project_id=quota_project_id,
client_info=client_info,
- always_use_jwt_access=True,
+ always_use_jwt_access=always_use_jwt_access,
)
if not self._grpc_channel:
diff --git a/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc_asyncio.py b/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc_asyncio.py
index ffbdc28..30c794e 100644
--- a/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc_asyncio.py
+++ b/google/cloud/bigquery_connection_v1/services/connection_service/transports/grpc_asyncio.py
@@ -107,6 +107,7 @@ def __init__(
client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None,
quota_project_id=None,
client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
+ always_use_jwt_access: Optional[bool] = False,
) -> None:
"""Instantiate the transport.
@@ -148,6 +149,8 @@ def __init__(
API requests. If ``None``, then default info will be used.
Generally, you only need to set this if you're developing
your own client library.
+ always_use_jwt_access (Optional[bool]): Whether self signed JWT should
+ be used for service account credentials.
Raises:
google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport
@@ -199,7 +202,7 @@ def __init__(
scopes=scopes,
quota_project_id=quota_project_id,
client_info=client_info,
- always_use_jwt_access=True,
+ always_use_jwt_access=always_use_jwt_access,
)
if not self._grpc_channel:
diff --git a/setup.py b/setup.py
index f72d82c..a7a4943 100644
--- a/setup.py
+++ b/setup.py
@@ -19,7 +19,7 @@
import os
import setuptools # type: ignore
-version = "1.1.0"
+version = "1.1.1"
package_root = os.path.abspath(os.path.dirname(__file__))
diff --git a/tests/unit/gapic/bigquery_connection_v1/test_connection_service.py b/tests/unit/gapic/bigquery_connection_v1/test_connection_service.py
index 3390947..ed2a172 100644
--- a/tests/unit/gapic/bigquery_connection_v1/test_connection_service.py
+++ b/tests/unit/gapic/bigquery_connection_v1/test_connection_service.py
@@ -138,7 +138,25 @@ def test_connection_service_client_service_account_always_use_jwt(client_class):
) as use_jwt:
creds = service_account.Credentials(None, None, None)
client = client_class(credentials=creds)
- use_jwt.assert_called_with(True)
+ use_jwt.assert_not_called()
+
+
+@pytest.mark.parametrize(
+ "transport_class,transport_name",
+ [
+ (transports.ConnectionServiceGrpcTransport, "grpc"),
+ (transports.ConnectionServiceGrpcAsyncIOTransport, "grpc_asyncio"),
+ ],
+)
+def test_connection_service_client_service_account_always_use_jwt_true(
+ transport_class, transport_name
+):
+ with mock.patch.object(
+ service_account.Credentials, "with_always_use_jwt_access", create=True
+ ) as use_jwt:
+ creds = service_account.Credentials(None, None, None)
+ transport = transport_class(credentials=creds, always_use_jwt_access=True)
+ use_jwt.assert_called_once_with(True)
@pytest.mark.parametrize(
@@ -2782,10 +2800,7 @@ def test_connection_service_grpc_transport_client_cert_source_for_mtls(transport
"squid.clam.whelk:443",
credentials=cred,
credentials_file=None,
- scopes=(
- "https://www.googleapis.com/auth/bigquery",
- "https://www.googleapis.com/auth/cloud-platform",
- ),
+ scopes=None,
ssl_credentials=mock_ssl_channel_creds,
quota_project_id=None,
options=[
@@ -2894,10 +2909,7 @@ def test_connection_service_transport_channel_mtls_with_client_cert_source(
"mtls.squid.clam.whelk:443",
credentials=cred,
credentials_file=None,
- scopes=(
- "https://www.googleapis.com/auth/bigquery",
- "https://www.googleapis.com/auth/cloud-platform",
- ),
+ scopes=None,
ssl_credentials=mock_ssl_cred,
quota_project_id=None,
options=[
@@ -2944,10 +2956,7 @@ def test_connection_service_transport_channel_mtls_with_adc(transport_class):
"mtls.squid.clam.whelk:443",
credentials=mock_cred,
credentials_file=None,
- scopes=(
- "https://www.googleapis.com/auth/bigquery",
- "https://www.googleapis.com/auth/cloud-platform",
- ),
+ scopes=None,
ssl_credentials=mock_ssl_cred,
quota_project_id=None,
options=[