Co-authored-by: Tres Seaver <[email protected]>

* chore: updated CHANGELOG.md [ci skip]

* chore: updated setup.cfg [ci skip]

* chore: updated setup.py

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>

Migrate signBlob from iam.googleapis.com to iamcredentials.googleapis.com.

This API is deprecated and will be shutdown in one year.

This is used google.auth.iam.Signer.
Added a system_test to sanity check the implementation.

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>

* This patch for </issues/501> includes the following fixes:

- The access token is always set to `None`, so the fix involves using (the access) `token` from the saved JSON credentials file.
- For refresh needs, `expiry` also needs to be saved via `to_json()`.
    - DUMP: As `expiry` is a `datetime.datetime` object, serialize to `datetime.isoformat()` in the same [`oauth2client` format](https://github.com/googleapis/oauth2client/blob/master/oauth2client/client.py#L55) for consistency.
    - LOAD: Add code to restore `expiry` back to `datetime.datetime` object when imported.
    - LOAD: If `expiry` was unsaved, automatically set it as expired so refresh takes place.
- Minor `scopes` updates
    - DUMP: Add property for `scopes` so `to_json()` can grab it
    - LOAD: `scopes` may be saved as a string instead of a JSON array (Python list), so ensure it is Sequence[str] when imported.

* feat: asyncio http request logic and asynchronous credentials logic  (#572)

Co-authored-by: Anirudh Baddepudi <[email protected]>

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>

Fix #618. Removes aiohttp from required dependencies to lessen dependency tree for google-auth.

This will need to be looked at again as more folks use aiohttp and once the surfaces goes to public visibility.

Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com>

Refs #595 (comment) 

I see no point in checking whether someone is running a version of https://github.com/pyca/cryptography/ from 2014 that doesn't even compile against modern versions of OpenSSL anymore.

Part of #579 

This helper is used with '?recursive=true' in one place, and can now be used by
IDTokenCredentials for requests with query parameters to the metadata identity
end-point.

This change will allow making requests to the token end-point with '?scopes=..'
query parameters.

Working around breaking change in 3.7.0.  See:

pnuckowski/aioresponses#173

…h) (#578)

* feat(python-library): changes to docs job

* feat(python-library): changes to docs job

* migrate to Trampoline V2
* add docs-presubmit job
* create docfx yaml files and upload them to another bucket

* remove redundant envvars

* add a failing test first

* fix TemplateSyntaxError: Missing end of comment tag

* serving_path is not needed any more

* use `raw` to make jinja happy

Source-Author: Takashi Matsuo <[email protected]>
Source-Date: Thu Jul 30 12:44:02 2020 -0700
Source-Repo: googleapis/synthtool
Source-Sha: 5dfda5621df45b71b6e88544ebbb53b1a8c90214
Source-Link: googleapis/synthtool@5dfda56

* fix(python-library): add missing changes

Source-Author: Takashi Matsuo <[email protected]>
Source-Date: Thu Jul 30 18:26:35 2020 -0700
Source-Repo: googleapis/synthtool
Source-Sha: 39b527a39f5cd56d4882b3874fc08eed4756cebe
Source-Link: googleapis/synthtool@39b527a

Co-authored-by: Tres Seaver <[email protected]>

Since c05b8b5 oauth2.id_token.verify_oauth2_token handles the issuer
check itself, so remove this redundant check from the docs.

…633)

This works for App Engine, Cloud Run and Flex. On Compute Engine you
can request custom scopes, but they are ignored.

Co-authored-by: Tres Seaver <[email protected]>
Co-authored-by: Bu Sun Kim <[email protected]>

This reverts commit 05f9524.

The compatibility bug was fixed in the aioresponses package version 0.7.1 - https://pypi.org/project/aioresponses/

Fixes #632

🤖 I have created a release \*beep\* \*boop\* 
---
## [1.23.0](https://www.github.com/googleapis/google-auth-library-python/compare/v1.22.1...v1.23.0) (2020-10-29)


### Features

* Add custom scopes for access tokens from the metadata service ([#633](https://www.github.com/googleapis/google-auth-library-python/issues/633)) ([0323cf3](https://www.github.com/googleapis/google-auth-library-python/commit/0323cf390b16e8483660ac88775e8ea4e7f7702d))


### Bug Fixes

* **deps:** Revert "fix: pin 'aoihttp < 3.7.0dev' ([#634](https://www.github.com/googleapis/google-auth-library-python/issues/634))" ([#632](https://www.github.com/googleapis/google-auth-library-python/issues/632)) ([#640](https://www.github.com/googleapis/google-auth-library-python/issues/640)) ([b790e65](https://www.github.com/googleapis/google-auth-library-python/commit/b790e6535cc37591b23866027a426cde312e07c1))
* pin 'aoihttp < 3.7.0dev' ([#634](https://www.github.com/googleapis/google-auth-library-python/issues/634)) ([05f9524](https://www.github.com/googleapis/google-auth-library-python/commit/05f95246fab928fe2f445781117eeac8088497fb))
* remove checks for ancient versions of Cryptography ([#596](https://www.github.com/googleapis/google-auth-library-python/issues/596)) ([6407258](https://www.github.com/googleapis/google-auth-library-python/commit/6407258956ec42e3b722418cb7f366e5ae9272ec)), closes [/github.com//issues/595#issuecomment-683903062](https://www.github.com/googleapis//github.com/googleapis/google-auth-library-python/issues/595/issues/issuecomment-683903062)
---


This PR was generated with [Release Please](https://github.com/googleapis/release-please).

`service_acccount` -> `service_account`.

Closes #650

Clock skew was changed in #581

Closes #654.

Add constraints file to test lower bounds

…ated credentials (#626)

Co-authored-by: Tres Seaver <[email protected]>

🤖 I have created a release \*beep\* \*boop\* 
---
## [1.24.0](https://www.github.com/googleapis/google-auth-library-python/compare/v1.23.0...v1.24.0) (2020-12-11)


### Features

* add Python 3.9 support, drop Python 3.5 support ([#655](https://www.github.com/googleapis/google-auth-library-python/issues/655)) ([6de753d](https://www.github.com/googleapis/google-auth-library-python/commit/6de753d585254c813b3e6cbde27bf5466261ba10)), closes [#654](https://www.github.com/googleapis/google-auth-library-python/issues/654)


### Bug Fixes

* avoid losing the original '_include_email' parameter in impersonated credentials ([#626](https://www.github.com/googleapis/google-auth-library-python/issues/626)) ([fd9b5b1](https://www.github.com/googleapis/google-auth-library-python/commit/fd9b5b10c80950784bd37ee56e32c505acb5078d))


### Documentation

* fix typo in import ([#651](https://www.github.com/googleapis/google-auth-library-python/issues/651)) ([3319ea8](https://www.github.com/googleapis/google-auth-library-python/commit/3319ea8ae876c73a94f51237b3bbb3f5df2aef89)), closes [#650](https://www.github.com/googleapis/google-auth-library-python/issues/650)
---


This PR was generated with [Release Please](https://github.com/googleapis/release-please).

* chore(python): skip docfx in main presubmit

* fix: properly template the repo name

Source-Author: Bu Sun Kim <[email protected]>
Source-Date: Fri Jan 8 10:32:13 2021 -0700
Source-Repo: googleapis/synthtool
Source-Sha: fb53b6fb373b7c3edf4e55f3e8036bc6d73fa483
Source-Link: googleapis/synthtool@fb53b6f

Source-Author: Bu Sun Kim <[email protected]>
Source-Date: Mon Jan 11 09:43:06 2021 -0700
Source-Repo: googleapis/synthtool
Source-Sha: 16ec872dd898d7de6e1822badfac32484b5d9031
Source-Link: googleapis/synthtool@16ec872