From a13caf2234b9886bd39ede0f1872895b2d8e27f7 Mon Sep 17 00:00:00 2001 From: Lawrence Qiu Date: Thu, 26 Mar 2026 03:04:12 +0000 Subject: [PATCH 1/2] chore(oauth2_http): Improve IdTokenCredentials quality and docs --- .../auth/oauth2/IdTokenCredentials.java | 37 +++++++++++++++---- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java b/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java index 42bdbaa6e..4a6d86221 100644 --- a/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java @@ -105,16 +105,17 @@ public class IdTokenCredentials extends OAuth2Credentials { private static final long serialVersionUID = -2133257318957588431L; - private IdTokenProvider idTokenProvider; - private String targetAudience; - private List options; + private final IdTokenProvider idTokenProvider; + private final String targetAudience; + private final List options; private IdTokenCredentials(Builder builder) { this.idTokenProvider = Preconditions.checkNotNull(builder.getIdTokenProvider()); - // target audience can't be used for UserCredentials if (!(this.idTokenProvider instanceof UserCredentials)) { this.targetAudience = Preconditions.checkNotNull(builder.getTargetAudience()); + } else { + this.targetAudience = null; } this.options = builder.getOptions(); @@ -131,7 +132,7 @@ public IdToken getIdToken() { @Override public int hashCode() { - return Objects.hash(options, targetAudience); + return Objects.hash(idTokenProvider, options, targetAudience); } @Override @@ -146,7 +147,8 @@ public boolean equals(Object obj) { } IdTokenCredentials other = (IdTokenCredentials) obj; return Objects.equals(this.idTokenProvider, other.idTokenProvider) - && Objects.equals(this.targetAudience, other.targetAudience); + && Objects.equals(this.targetAudience, other.targetAudience) + && Objects.equals(this.options, other.options); } @Override @@ -169,9 +171,15 @@ public static class Builder extends OAuth2Credentials.Builder { protected Builder() {} + /** + * Sets the provider for the ID token. + * + * @param idTokenProvider the provider for the ID token, cannot be null + * @return the builder object + */ @CanIgnoreReturnValue public Builder setIdTokenProvider(IdTokenProvider idTokenProvider) { - this.idTokenProvider = idTokenProvider; + this.idTokenProvider = Preconditions.checkNotNull(idTokenProvider); return this; } @@ -179,6 +187,15 @@ public IdTokenProvider getIdTokenProvider() { return this.idTokenProvider; } + /** + * Sets the target audience for the ID token. + * + * @param targetAudience the target audience, cannot be null for non-UserCredentials. See + * class-level Javadoc for the list of supported types (e.g., ServiceAccountCredentials, + * ComputeEngineCredentials, ImpersonatedCredentials). Should not be set for UserCredentials + * as it will be ignored. + * @return the builder object + */ @CanIgnoreReturnValue public Builder setTargetAudience(String targetAudience) { this.targetAudience = targetAudience; @@ -189,6 +206,12 @@ public String getTargetAudience() { return this.targetAudience; } + /** + * Sets the options for the ID token. + * + * @param options list of options, can be null or empty if no options are needed. + * @return the builder object + */ @CanIgnoreReturnValue public Builder setOptions(List options) { this.options = options; From 5d5a3a2b8e7c749205c9c8e393167ab610e3cdd7 Mon Sep 17 00:00:00 2001 From: Lawrence Qiu Date: Wed, 25 Mar 2026 23:40:32 -0400 Subject: [PATCH 2/2] chore: Fix lint issues --- .../com/google/auth/oauth2/IdTokenCredentials.java | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java b/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java index 4a6d86221..ea7d324d9 100644 --- a/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java +++ b/oauth2_http/java/com/google/auth/oauth2/IdTokenCredentials.java @@ -106,16 +106,15 @@ public class IdTokenCredentials extends OAuth2Credentials { private static final long serialVersionUID = -2133257318957588431L; private final IdTokenProvider idTokenProvider; - private final String targetAudience; private final List options; + private String targetAudience; private IdTokenCredentials(Builder builder) { this.idTokenProvider = Preconditions.checkNotNull(builder.getIdTokenProvider()); + // target audience can't be used for UserCredentials if (!(this.idTokenProvider instanceof UserCredentials)) { this.targetAudience = Preconditions.checkNotNull(builder.getTargetAudience()); - } else { - this.targetAudience = null; } this.options = builder.getOptions(); @@ -190,10 +189,8 @@ public IdTokenProvider getIdTokenProvider() { /** * Sets the target audience for the ID token. * - * @param targetAudience the target audience, cannot be null for non-UserCredentials. See - * class-level Javadoc for the list of supported types (e.g., ServiceAccountCredentials, - * ComputeEngineCredentials, ImpersonatedCredentials). Should not be set for UserCredentials - * as it will be ignored. + * @param targetAudience the target audience, cannot be null for non-UserCredentials. If set for + * UserCredentials, the value will be ignored. * @return the builder object */ @CanIgnoreReturnValue