Intermediate changes

commit_hash:f4cb1bdccfb534d71b7f461fc8f8e5656c47bfa5
author: robot-piglet <[email protected]> 2025-02-08 20:17:29 +0300
committer: robot-piglet <[email protected]> 2025-02-08 20:32:11 +0300
commit: 6b7c255668de517dff6462bd377d345d240f8a67 (patch)
tree: 1bde953b7f2b6d9e8efd72a0ceebfa0a791a024c /contrib/python/google-auth/py3/google/auth/_default.py
parent: 2309a9980fd82ba7df5a21876c790e7e4d776ded (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/contrib/python/google-auth/py3/google/auth/_default.py b/contrib/python/google-auth/py3/google/auth/_default.py
index cdc8b7a6460..1234fb25d78 100644
--- a/contrib/python/google-auth/py3/google/auth/_default.py
+++ b/contrib/python/google-auth/py3/google/auth/_default.py
@@ -85,6 +85,17 @@ def load_credentials_from_file(
     user credentials, external account credentials, or impersonated service
     account credentials.
 
+    .. warning::
+        Important: If you accept a credential configuration (credential JSON/File/Stream)
+        from an external source for authentication to Google Cloud Platform, you must
+        validate it before providing it to any Google API or client library. Providing an
+        unvalidated credential configuration to Google APIs or libraries can compromise
+        the security of your systems and data. For more information, refer to
+        `Validate credential configurations from external sources`_.
+
+        .. _Validate credential configurations from external sources:
+            https://cloud.google.com/docs/authentication/external/externally-sourced-credentials
+
     Args:
         filename (str): The full path to the credentials file.
         scopes (Optional[Sequence[str]]): The list of scopes for the credentials. If
@@ -137,6 +148,17 @@ def load_credentials_from_dict(
     user credentials, external account credentials, or impersonated service
     account credentials.
 
+    .. warning::
+        Important: If you accept a credential configuration (credential JSON/File/Stream)
+        from an external source for authentication to Google Cloud Platform, you must
+        validate it before providing it to any Google API or client library. Providing an
+        unvalidated credential configuration to Google APIs or libraries can compromise
+        the security of your systems and data. For more information, refer to
+        `Validate credential configurations from external sources`_.
+
+    .. _Validate credential configurations from external sources:
+        https://cloud.google.com/docs/authentication/external/externally-sourced-credentials
+
     Args:
         info (Dict[str, Any]): A dict object containing the credentials
         scopes (Optional[Sequence[str]]): The list of scopes for the credentials. If
author	robot-piglet <[email protected]>	2025-02-08 20:17:29 +0300
committer	robot-piglet <[email protected]>	2025-02-08 20:32:11 +0300
commit	6b7c255668de517dff6462bd377d345d240f8a67 (patch)
tree	1bde953b7f2b6d9e8efd72a0ceebfa0a791a024c /contrib/python/google-auth/py3/google/auth/_default.py
parent	2309a9980fd82ba7df5a21876c790e7e4d776ded (diff)