Skip to content

[pull] main from google:main #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pull merged 3 commits into from
Dec 12, 2025
Merged

[pull] main from google:main #34

pull merged 3 commits into from
Dec 12, 2025

Conversation

@pull
Copy link

@pull pull bot commented Dec 12, 2025
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

sully90 and others added 3 commits December 12, 2025 10:16
@sully90 @seanzhougoogle @copybara-github
feat: add token_endpoint_auth_method support to OAuth2 credentials
8782a69 
Merge #2870

## Summary

  Add `token_endpoint_auth_method` field to OAuth2Auth class to allow configuring OAuth2 token endpoint authentication methods. This enables users to specify how the client should authenticate with the authorization server's token
  endpoint.

  • Add `token_endpoint_auth_method` field to `OAuth2Auth` with default value `"client_secret_basic"`
  • Update `create_oauth2_session()` to pass the authentication method to `OAuth2Session`
  • Maintain backward compatibility with existing OAuth2 configurations

  ## Unit Tests
  Added unit test coverage with 3 new test methods:

  1. `test_create_oauth2_session_with_token_endpoint_auth_method()` - Tests explicit auth method setting (`client_secret_post`)
  2. `test_create_oauth2_session_with_default_token_endpoint_auth_method()` - Tests default behavior (`client_secret_basic`)
  3. `test_create_oauth2_session_oauth2_scheme_with_token_endpoint_auth_method()` - Tests with OAuth2 scheme using `client_secret_jwt`

  **Test Results:**
  ✅ 16/16 OAuth2 credential utility tests passed
  ✅ 240/240 auth module tests passed (no regressions)
  ✅ Tests cover both GOOGLE_AI and VERTEX variants
  ✅ Pylint score: 9.41/10

  ## Changes Made

  **src/google/adk/auth/auth_credential.py**
  - Added `token_endpoint_auth_method: Optional[str] = "client_secret_basic"` to `OAuth2Auth` class

  **src/google/adk/auth/oauth2_credential_util.py**
  - Updated `create_oauth2_session()` to pass `token_endpoint_auth_method` parameter to `OAuth2Session`

  **tests/unittests/auth/test_oauth2_credential_util.py**
  - Added 3 comprehensive test methods covering different authentication scenarios

  ## Backward Compatibility

  ✅ **Non-breaking change** - All existing OAuth2 configurations continue to work unchanged with the default `client_secret_basic` authentication method.

  ## Supported Authentication Methods

  - `client_secret_basic` (default) - Client credentials in Authorization header
  - `client_secret_post` - Client credentials in request body
  - `client_secret_jwt` - JWT with client secret
  - `private_key_jwt` - JWT with private key

Co-authored-by: Xiang (Sean) Zhou <seanzhougoogle@google.com>
COPYBARA_INTEGRATE_REVIEW=#2870 from sully90:feat/oauth2-token-endpoint-auth-method 04fe824
PiperOrigin-RevId: 843739984
@GWeale @copybara-github
fix: Add MIME type inference and default for file URIs in LiteLLM
5c4bae7 
This change ensures that file URI parts passed to LiteLLM always include a "format" field. If `mime_type` is not explicitly provided in `FileData`, the system attempts to infer it from the URI's file extension. If inference fails, a default "application/octet-stream" is used. This is necessary because LiteLLM's Vertex AI backend requires the "format" field for GCS URIs.

Close #3787

Co-authored-by: George Weale <gweale@google.com>
PiperOrigin-RevId: 843753810
@MarlzRana @xuanyang15 @copybara-github
fix: oauth refresh not triggered on token expiry
69997cd 
Merge #3767

Co-authored-by: Xuan Yang <xygoogle@google.com>
COPYBARA_INTEGRATE_REVIEW=#3767 from MarlzRana:marlzrana/fix-oauth-refresh-not-triggered-on-token-expiry 2dae391
PiperOrigin-RevId: 843756363
@pull pull bot locked and limited conversation to collaborators Dec 12, 2025
@pull pull bot added the ⤵️ pull label Dec 12, 2025
@pull pull bot merged commit 69997cd into CrazyForks:main Dec 12, 2025
4 of 8 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sully90 @GWeale @MarlzRana