Skip to content

google-http-client-android 1.31+ Posix crash #906

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Closed
adriancretu opened this issue Dec 7, 2019 · 1 comment · Fixed by #1070
Closed

google-http-client-android 1.31+ Posix crash #906

adriancretu opened this issue Dec 7, 2019 · 1 comment · Fixed by #1070
Assignees
@chingor13
Labels
priority: p2 Moderately-important priority. Fix may not be included in next release. 🚨 This issue needs some love. semver: patch A minor bug fix or small change. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.

Comments

@adriancretu
Copy link

com.google.api.client.util.store.FileDataStoreFactory.setPermissionsToOwnerOnly

uses PosixFilePermission
This class was added only in Android API 26. Running on lower API devices results in:

Fatal Exception: java.lang.NoClassDefFoundError
Failed resolution of: Ljava/nio/file/attribute/PosixFilePermission;
com.google.api.client.util.store.FileDataStoreFactory.setPermissionsToOwnerOnly

Crash happens when trying to store OAuth credentials and doing something trivial like

new FileDataStoreFactory(filesDir)

Maybe since the package releases as "Android-compatible" this should be documented?
@yoshi-automation yoshi-automation added the triage me I really want to be triaged. label Dec 8, 2019
@chingor13 chingor13 added the type: docs Improvement to the documentation for an API. label Dec 9, 2019
@yoshi-automation yoshi-automation removed the triage me I really want to be triaged. label Dec 10, 2019
@elharo elharo added semver: patch A minor bug fix or small change. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns. and removed type: docs Improvement to the documentation for an API. labels Mar 13, 2020
@elharo
Copy link
Contributor

elharo commented Mar 13, 2020

This is the code. It probably needs to catch LinkageError too and possibly use reflection:

  static void setPermissionsToOwnerOnly(File file) throws IOException {
    Set permissions = new HashSet<PosixFilePermission>();
    permissions.add(PosixFilePermission.OWNER_READ);
    permissions.add(PosixFilePermission.OWNER_WRITE);
    permissions.add(PosixFilePermission.OWNER_EXECUTE);
    try {
      Files.setPosixFilePermissions(Paths.get(file.getAbsolutePath()), permissions);
    } catch (UnsupportedOperationException exception) {
      LOGGER.warning("Unable to set permissions for " + file
          + ", because you are running on a non-POSIX file system.");
    } catch (SecurityException exception) {
      // ignored
    } catch (IllegalArgumentException exception) {
      // ignored
    }
  }

@yoshi-automation yoshi-automation added 🚨 This issue needs some love. triage me I really want to be triaged. labels Mar 13, 2020
@chingor13 chingor13 added the priority: p2 Moderately-important priority. Fix may not be included in next release. label Mar 16, 2020
@yoshi-automation yoshi-automation removed 🚨 This issue needs some love. triage me I really want to be triaged. labels Mar 16, 2020
@yoshi-automation yoshi-automation added the 🚨 This issue needs some love. label Jun 4, 2020
@chingor13 chingor13 mentioned this issue Jun 26, 2020
Merged
clundin25 pushed a commit to clundin25/google-http-java-client that referenced this issue Aug 11, 2022
@lsirac @renovate-bot
@navina @TimurSadykov @Neenu1995 @hegemonic @eaball35
feat: Adds Pluggable Auth support (WIF) (googleapis#908)
c3e8d16 
* feat: Adds Pluggable Auth support to ADC  (googleapis#895)

* chore(deps): update dependency com.google.http-client:google-http-client-bom to v1.41.5 (googleapis#896)

[![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [com.google.http-client:google-http-client-bom](https://github.com/googleapis/google-http-java-client) | `1.41.4` -> `1.41.5` | [![age](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/compatibility-slim/1.41.4)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/confidence-slim/1.41.4)](https://docs.renovatebot.com/merge-confidence/) |

---

### Release Notes

<details>
<summary>googleapis/google-http-java-client</summary>

### [`v1.41.5`](https://github.com/googleapis/google-http-java-client/blob/HEAD/CHANGELOG.md#&#8203;1415-httpsgithubcomgoogleapisgoogle-http-java-clientcomparev1414v1415-2022-03-21)

[Compare Source](https://github.com/googleapis/google-http-java-client/compare/v1.41.4...v1.41.5)

</details>

---

### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/google-auth-library-java).

* feat: Add ability to provide PrivateKey as Pkcs8 encoded string googleapis#883 (googleapis#889)

* feat: Add ability to provide PrivateKey as Pkcs8 encoded string googleapis#883

This change adds a new method `setPrivateKeyString` in `ServiceAccountCredentials.Builder` to accept Pkcs8 encoded string representation of private keys.

Co-authored-by: Timur Sadykov <stim@google.com>

* chore: fix downstream check (googleapis#898)

* fix: update branding in ExternalAccountCredentials (googleapis#893)

These changes align the Javadoc comments with the branding that Google uses externally:

+ STS -> Security Token Service
+ GCP -> Google Cloud
+ Remove references to a Google-internal token type

Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly:
- [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/google-auth-library-java/issues/new/choose) before writing your code!  That way we can discuss the change, evaluate designs, and agree on the general idea
- [ ] Ensure the tests and linter pass: Tests are failing, but I don't think that was caused by the changes in this PR
- [ ] Code coverage does not decrease (if any source code was changed): n/a
- [ ] Appropriate docs were updated (if necessary): n/a

* feat: Adds the ExecutableHandler interface for Pluggable Auth

* feat: Adds a Pluggable Auth specific exception

* feat: Adds new PluggableAuthCredentials class that plug into ADC

* feat: Adds unit tests for PluggableAuthCredentials and ExternalAccountCredentials

* Add units tests for GoogleCredentials

* fix: update javadoc/comments

* fix: A concrete ExecutableOptions implementation is not needed

* review: javadoc changes + constants

Co-authored-by: WhiteSource Renovate <bot@renovateapp.com>
Co-authored-by: Navina Ramesh <navi.trinity@gmail.com>
Co-authored-by: Timur Sadykov <stim@google.com>
Co-authored-by: Neenu Shaji <Neenu1995@users.noreply.github.com>
Co-authored-by: Jeff Williams <jeffrey.l.williams@gmail.com>

* feat: finalizes PluggableAuth implementation (googleapis#906)

* Adds ExecutableResponse class

* Adds unit tests for ExecutableResponse

* Adds 3rd party executable handler

* Adds unit tests for PluggableAuthHandler

* Fix build issues

* don't fail on javadoc errors

* feat: Improve Pluggable Auth error handling (googleapis#912)

* feat: improves pluggable auth error handling

* cleanup

* fix: consume input stream immediately for Pluggable Auth (googleapis#915)

* feat: improves pluggable auth error handling

* cleanup

* fix: consume input stream immediately so that the spawned process will not hang if the STDOUT buffer is filled.

* fix: fix merge

* fix: review comments

* fix: refactor to keep ImpersonatedCredentials final (googleapis#917)

* fix: adds more documentation for InternalProcessBuilder and moves it to the bottom of the file

* fix: keep ImpersonatedCredentials final

* fix: make sure executor is shutdown

Co-authored-by: WhiteSource Renovate <bot@renovateapp.com>
Co-authored-by: Navina Ramesh <navi.trinity@gmail.com>
Co-authored-by: Timur Sadykov <stim@google.com>
Co-authored-by: Neenu Shaji <Neenu1995@users.noreply.github.com>
Co-authored-by: Jeff Williams <jeffrey.l.williams@gmail.com>
Co-authored-by: Emily Ball <emilyball@google.com>
clundin25 pushed a commit to clundin25/google-http-java-client that referenced this issue Aug 11, 2022
@lsirac @renovate-bot
@navina @TimurSadykov @Neenu1995 @hegemonic @eaball35
docs: updates README for Pluggable Auth (googleapis#921)
23716b8 
* feat: Adds Pluggable Auth support to ADC  (googleapis#895)

* chore(deps): update dependency com.google.http-client:google-http-client-bom to v1.41.5 (googleapis#896)

[![WhiteSource Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [com.google.http-client:google-http-client-bom](https://github.com/googleapis/google-http-java-client) | `1.41.4` -> `1.41.5` | [![age](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/compatibility-slim/1.41.4)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/com.google.http-client:google-http-client-bom/1.41.5/confidence-slim/1.41.4)](https://docs.renovatebot.com/merge-confidence/) |

---

### Release Notes

<details>
<summary>googleapis/google-http-java-client</summary>

### [`v1.41.5`](https://github.com/googleapis/google-http-java-client/blob/HEAD/CHANGELOG.md#&#8203;1415-httpsgithubcomgoogleapisgoogle-http-java-clientcomparev1414v1415-2022-03-21)

[Compare Source](https://github.com/googleapis/google-http-java-client/compare/v1.41.4...v1.41.5)

</details>

---

### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/google-auth-library-java).

* feat: Add ability to provide PrivateKey as Pkcs8 encoded string googleapis#883 (googleapis#889)

* feat: Add ability to provide PrivateKey as Pkcs8 encoded string googleapis#883

This change adds a new method `setPrivateKeyString` in `ServiceAccountCredentials.Builder` to accept Pkcs8 encoded string representation of private keys.

Co-authored-by: Timur Sadykov <stim@google.com>

* chore: fix downstream check (googleapis#898)

* fix: update branding in ExternalAccountCredentials (googleapis#893)

These changes align the Javadoc comments with the branding that Google uses externally:

+ STS -> Security Token Service
+ GCP -> Google Cloud
+ Remove references to a Google-internal token type

Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly:
- [ ] Make sure to open an issue as a [bug/issue](https://github.com/googleapis/google-auth-library-java/issues/new/choose) before writing your code!  That way we can discuss the change, evaluate designs, and agree on the general idea
- [ ] Ensure the tests and linter pass: Tests are failing, but I don't think that was caused by the changes in this PR
- [ ] Code coverage does not decrease (if any source code was changed): n/a
- [ ] Appropriate docs were updated (if necessary): n/a

* feat: Adds the ExecutableHandler interface for Pluggable Auth

* feat: Adds a Pluggable Auth specific exception

* feat: Adds new PluggableAuthCredentials class that plug into ADC

* feat: Adds unit tests for PluggableAuthCredentials and ExternalAccountCredentials

* Add units tests for GoogleCredentials

* fix: update javadoc/comments

* fix: A concrete ExecutableOptions implementation is not needed

* review: javadoc changes + constants

Co-authored-by: WhiteSource Renovate <bot@renovateapp.com>
Co-authored-by: Navina Ramesh <navi.trinity@gmail.com>
Co-authored-by: Timur Sadykov <stim@google.com>
Co-authored-by: Neenu Shaji <Neenu1995@users.noreply.github.com>
Co-authored-by: Jeff Williams <jeffrey.l.williams@gmail.com>

* feat: finalizes PluggableAuth implementation (googleapis#906)

* Adds ExecutableResponse class

* Adds unit tests for ExecutableResponse

* Adds 3rd party executable handler

* Adds unit tests for PluggableAuthHandler

* Fix build issues

* don't fail on javadoc errors

* feat: Improve Pluggable Auth error handling (googleapis#912)

* feat: improves pluggable auth error handling

* cleanup

* fix: consume input stream immediately for Pluggable Auth (googleapis#915)

* feat: improves pluggable auth error handling

* cleanup

* fix: consume input stream immediately so that the spawned process will not hang if the STDOUT buffer is filled.

* fix: fix merge

* fix: review comments

* fix: refactor to keep ImpersonatedCredentials final (googleapis#917)

* fix: adds more documentation for InternalProcessBuilder and moves it to the bottom of the file

* fix: keep ImpersonatedCredentials final

* feat: documents pluggable auth in README

* fix: provider

* fix: update table of contents

* fix: update

Co-authored-by: WhiteSource Renovate <bot@renovateapp.com>
Co-authored-by: Navina Ramesh <navi.trinity@gmail.com>
Co-authored-by: Timur Sadykov <stim@google.com>
Co-authored-by: Neenu Shaji <Neenu1995@users.noreply.github.com>
Co-authored-by: Jeff Williams <jeffrey.l.williams@gmail.com>
Co-authored-by: Emily Ball <emilyball@google.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@chingor13 chingor13

Labels
priority: p2 Moderately-important priority. Fix may not be included in next release. 🚨 This issue needs some love. semver: patch A minor bug fix or small change. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.
Projects
None yet
Milestone
No milestone
4 participants
@chingor13 @elharo @adriancretu @yoshi-automation