Backport to branch(3.10) : Fix to correctly validate authentication settings

[feeblefakie]

This is an automated backport of the following:

• Original PR: Fix to correctly validate authentication settings #222
• Backported commit: 5e29f90

Please merge this PR after all checks have passed.

[gemini-code-assist]

Summary of Changes

Hello @feeblefakie, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This backported pull request refines the authentication setting validation logic within the Ledger service, ensuring that the correct configuration parameters (like private keys for digital signatures or secret keys for HMAC) are present based on the chosen authentication method and whether the Auditor is enabled. This improves the robustness of the system's security configuration and provides clearer error messages for misconfigurations.

Highlights

• Refined Authentication Validation: The Ledger service now correctly validates whether a private key is provided when digital signature authentication is enabled, and a secret key for HMAC authentication, especially when the Auditor is also enabled.
• Improved Error Messaging: An error message related to invalid authentication settings between Ledger and Auditor has been updated to be more precise, guiding users to provide a private key for digital signature authentication.
• Documentation Clarity: Javadoc comments for authentication method properties in both client and ledger configurations have been updated to explicitly state that the authentication method must be consistent across clients and servers (Ledger/Auditor).
• Updated Test Coverage: New and modified integration and unit tests ensure the refined authentication validation logic works as expected for both digital signature and HMAC methods, covering various configuration scenarios.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request correctly fixes a bug in the validation of authentication settings in LedgerConfig. The logic is updated to properly check for required keys based on the selected authentication method (digital signature or HMAC), which resolves the issue. The accompanying changes to error messages, unit tests, and integration tests are thorough and accurately reflect the fix. The code is now more robust and easier to understand. The changes look good and I have no further recommendations.