diff --git a/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleCredential.java b/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleCredential.java index 590a422e2..80353273d 100644 --- a/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleCredential.java +++ b/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleCredential.java @@ -197,42 +197,64 @@ public static GoogleCredential getApplicationDefault( /** * {@link Beta}
- * Return a credential defined by a Json file. * - *

Important: If you accept a credential configuration (credential JSON/File/Stream) from an - * external source for authentication to Google Cloud Platform, you must validate it before - * providing it to any Google API or library. Providing an unvalidated credential configuration to - * Google APIs can compromise the security of your systems and data. For more information, refer - * to {@link documentation}. + *

Important: This method does not validate the credential configuration. A security risk holds + * when a credential configuration is accepted from a source that is not under your control and + * used without validation on your side. + * + *

If you are loading your credential configuration from an untrusted source and have not + * mitigated the risks (e.g. by validating the configuration yourself), make these changes as soon + * as possible to prevent security risks to your environment. + * + *

Regardless of the method used, it is always your responsibility to validate configurations + * received from external sources. + * + *

See the {@link documentation} + * for more details. + * + *

Returns a credential defined by a Json file. * * @param credentialStream the stream with the credential definition. * @return the credential defined by the credentialStream. * @throws IOException if the credential cannot be created from the stream. + * @deprecated This method is being deprecated because of a potential security risk. + * Please use {@link GoogleCredentials instead. */ @Beta + @Deprecated public static GoogleCredential fromStream(InputStream credentialStream) throws IOException { return fromStream(credentialStream, Utils.getDefaultTransport(), Utils.getDefaultJsonFactory()); } /** * {@link Beta}
- * Return a credential defined by a Json file. * - *

Important: If you accept a credential configuration (credential JSON/File/Stream) from an - * external source for authentication to Google Cloud Platform, you must validate it before - * providing it to any Google API or library. Providing an unvalidated credential configuration to - * Google APIs can compromise the security of your systems and data. For more information, refer - * to {@link documentation}. + *

Important: This method does not validate the credential configuration. A security risk holds + * when a credential configuration is accepted from a source that is not under your control and + * used without validation on your side. + * + *

If you are loading your credential configuration from an untrusted source and have not + * mitigated the risks (e.g. by validating the configuration yourself), make these changes as soon + * as possible to prevent security risks to your environment. + * + *

Regardless of the method used, it is always your responsibility to validate configurations + * received from external sources. + * + *

See the {@link documentation} + * for more details. + * + *

Returns a credential defined by a Json file. * * @param credentialStream the stream with the credential definition. - * @param transport the transport for Http calls. - * @param jsonFactory the factory for Json parsing and formatting. * @return the credential defined by the credentialStream. * @throws IOException if the credential cannot be created from the stream. + * @deprecated This method is being deprecated because of a potential security risk. + * Please use {@link GoogleCredentials instead. */ @Beta + @Deprecated public static GoogleCredential fromStream( InputStream credentialStream, HttpTransport transport, JsonFactory jsonFactory) throws IOException {
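Review bot: In the Javadoc for the three-argument overload fromStream(InputStream, HttpTransport, JsonFactory), the `@param transport` and `@param jsonFactory` lines are removed even though the signature still takes both parameters; they should be restored. In both `@deprecated` tags, `{@link GoogleCredentials instead.` is missing its closing brace and should read `{@link GoogleCredentials} instead.`; naming the replacement method, not only the class, would also tell callers what to migrate to. The sentence "make these changes as soon as possible" has no antecedent, because the comment lists no changes; state the expected action directly, such as validating the configuration before passing it in or moving to the replacement named in the deprecation tag.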