fix: enable self signed jwt for grpc (#88)

PiperOrigin-RevId: 386504689

Source-Link: googleapis/googleapis@762094a

Source-Link: https://github.com/googleapis/googleapis-gen/commit/6bfc480e1a161d5de121c2bcc3745885d33b265a

grafeas/grafeas_v1/services/grafeas/transports/base.py

@@ -97,7 +97,7 @@ def __init__(
         scopes_kwargs = self._get_scopes_kwargs(self._host, scopes)
 
         # Save the scopes.
-        self._scopes = scopes or self.AUTH_SCOPES
+        self._scopes = scopes
 
         # If no credentials are provided, then determine the appropriate
         # defaults.

grafeas/grafeas_v1/services/grafeas/transports/grpc.py

@@ -73,6 +73,7 @@ def __init__(
         client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None,
         quota_project_id: Optional[str] = None,
         client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
+        always_use_jwt_access: Optional[bool] = False,
     ) -> None:
         """Instantiate the transport.
 
@@ -113,6 +114,8 @@ def __init__(
                 API requests. If ``None``, then default info will be used.
                 Generally, you only need to set this if you're developing
                 your own client library.
+            always_use_jwt_access (Optional[bool]): Whether self signed JWT should
+                be used for service account credentials.
 
         Raises:
           google.auth.exceptions.MutualTLSChannelError: If mutual TLS transport
@@ -165,7 +168,7 @@ def __init__(
             scopes=scopes,
             quota_project_id=quota_project_id,
             client_info=client_info,
-            always_use_jwt_access=True,
+            always_use_jwt_access=always_use_jwt_access,
         )
 
         if not self._grpc_channel:

grafeas/grafeas_v1/services/grafeas/transports/grpc_asyncio.py

@@ -119,6 +119,7 @@ def __init__(
         client_cert_source_for_mtls: Callable[[], Tuple[bytes, bytes]] = None,
         quota_project_id=None,
         client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
+        always_use_jwt_access: Optional[bool] = False,
     ) -> None:
         """Instantiate the transport.
 
@@ -160,6 +161,8 @@ def __init__(
                 API requests. If ``None``, then default info will be used.
                 Generally, you only need to set this if you're developing
                 your own client library.
+            always_use_jwt_access (Optional[bool]): Whether self signed JWT should
+                be used for service account credentials.
 
         Raises:
             google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport
@@ -211,7 +214,7 @@ def __init__(
             scopes=scopes,
             quota_project_id=quota_project_id,
             client_info=client_info,
-            always_use_jwt_access=True,
+            always_use_jwt_access=always_use_jwt_access,
         )
 
         if not self._grpc_channel:

tests/unit/gapic/grafeas_v1/test_grafeas.py

@@ -3654,7 +3654,7 @@ def test_grafeas_grpc_transport_client_cert_source_for_mtls(transport_class):
             "squid.clam.whelk:443",
             credentials=cred,
             credentials_file=None,
-            scopes=(),
+            scopes=None,
             ssl_credentials=mock_ssl_channel_creds,
             quota_project_id=None,
             options=[
@@ -3738,7 +3738,7 @@ def test_grafeas_transport_channel_mtls_with_client_cert_source(transport_class)
                 "mtls.squid.clam.whelk:443",
                 credentials=cred,
                 credentials_file=None,
-                scopes=(),
+                scopes=None,
                 ssl_credentials=mock_ssl_cred,
                 quota_project_id=None,
                 options=[
@@ -3782,7 +3782,7 @@ def test_grafeas_transport_channel_mtls_with_adc(transport_class):
                 "mtls.squid.clam.whelk:443",
                 credentials=mock_cred,
                 credentials_file=None,
-                scopes=(),
+                scopes=None,
                 ssl_credentials=mock_ssl_cred,
                 quota_project_id=None,
                 options=[