feat: added system tests for the asyncIO auth changes and async id_token credentials

[anibadde]

PR # 3 for AsyncIO Auth Class changes

• Added in system tests paralleling existing regular system tests for the async implementation of the auth library and credentials
• Fixed Timeout Context Manager bug that enables connection to asynchronous resumable media implementation.
• Added in async id token credentials logic along with defaul, service account systems.
• Required for credential depending on existence/validity of service account file

[google-cla]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed (or fixed any issues), please reply here with @googlebot I signed it! and we'll verify it.

---

What to do if you already signed the CLA

Individual signers

• It's possible we don't have your GitHub username or you're using a different email address on your commit. Check your existing CLA data and verify that your email is set on your git commits.

Corporate signers

• Your company has a Point of Contact who decides which employees are authorized to participate. Ask your POC to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the Google project maintainer to go/cla#troubleshoot (Public version).
• The email used to register you as an authorized contributor must be the email used for the Git commit. Check your existing CLA data and verify that your email is set on your git commits.
• The email used to register you as an authorized contributor must also be attached to your GitHub account.

ℹ️ Googlers: Go here for more info.

[anibadde]

@googlebot I signed it!

[anibadde]

@googlebot I signed it!

[anibadde]

@googlebot I signed it!

[tritone]

Good progress! I think there's definitely some de-duplication that can happen in the nox and pytest configurations; @crwilcox might have more ideas. I'm also curious to hear other's thoughts on whether more system tests should be added.

[tritone]

Would this be the same for async?

[anibadde]

I made this specific request call sync as an async version of this would result in a substantial re-working of the compute_engine credentials classes (as the current design is not compatible with asynchronous http requests). My reasoning for this was that this authentication trace isn't used in storage, but we could open up an issue for it as a future modification to make for the auth library.

[crwilcox]

Please open a tracking bug

[anibadde]

Ok will do.

[tritone]

Is this a network op?

[anibadde]

Yes, response.data returns a stream coroutine, and therefore needs to be awaited in order to read the content of the response.

[tritone]

So it seems like this will require the data to be re-copied into system_tests_async/data as well? Could we avoid that by using the same data dir for both sets of system tests?

[anibadde]

I thought about this, since the data files aren't in the repository and are there for the user to run locally, I thought that it may make sense to leave this logic as is (without a dependency on the sync system tests) in case someone wanted to import the data files just for the async use case, similar to what I did when I was working on this and running tests locally. I think that regardless of whether we change the directory name, we would have to follow the steps in https://github.com/googleapis/google-auth-library-python/blob/master/CONTRIBUTING.rst to be able to run these tests.

I'm open to changing the directory if that would be better, but I thought it would be good to avoid the dependency in this case?

[tritone]

If these are copied from system_tests/conftest.py, could they be moved to the root conftest.py to de-duplicate?

[anibadde]

Same inter-dependency reasoning as above, open to changing if we are okay with having the dependency.

[tritone]

So I see 2 system tests in this file, and 1 for id token. Does the sync version have additional system tests that you did not copy? If so, why?

[anibadde]

The sync version also has 1 system test for id_token and 2 for service accounts, so a parallel code trace (same corresponding tests) are used here as in the sync system tests.