oauth2: remove extra period

Change-Id: I369d3bed0e28427b1e1d416952c3766932ba3773
GitHub-Last-Rev: ca611fe
GitHub-Pull-Request: #724
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/587017
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Shin Fan <shinfan@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>

oauth2: Deep copy context client in NewClient

OAuth2 client creation currently doesn't faithfully reuse the client
passed into the context. This causes config settings such as timeout to
be set to Default and may end up to be a gotcha for anyone who sends in
a context client with timeout set assuming that the timeout will be
copied to the new client.

Fix: #368
Change-Id: I4f5f052361ebe07f50fbd694379892833cd1056c
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/180920
Auto-Submit: Sean Liao <sean@liao.dev>
Reviewed-by: Sean Liao <sean@liao.dev>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>

jws: split token into fixed number of parts

Thanks to 'jub0bs' for reporting this issue.

Fixes #71490
Fixes CVE-2025-22868

Change-Id: I2552731f46d4907f29aafe7863c558387b6bd6e2
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/652155
Auto-Submit: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

google: add warning about externally-provided credentials

Change-Id: Ic2ce6e9c3ed735f4fc6d78a22cf0d5e95fca91a1
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/643158
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Sai Sunder Srinivasan <saisunder@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cody Oss <codyoss@google.com>

all: make method and struct comments match the names

Change-Id: I9fd025393acc12da59fdac1c416563324cd26af1
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/639695
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>

README: don't recommend go get

These days people will just import the packages and the go tool will
do the right thing. We don't need to explain it.

Add a pointer to the git repo, though.

For golang/go#62645

Change-Id: Ib6a6fb8989df8071b20d50de446d05b270c1f1ae
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/624195
Commit-Queue: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cody Oss <codyoss@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>

x/oauth2: add Token.ExpiresIn

Fixes golang/go#61417

Change-Id: Ib8599f39b4839bf6eed021217350195ad36d1631
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/605955
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

LICENSE: update per Google Legal

Very minor tweaks:
 - Remove (c) pseudosymbol.
 - Remove "All Rights Reserved."
 - Change "Google Inc." (no longer exists) to "Google LLC".

[git-generate]
echo '
,s/\(c\) //
,s/ All rights reserved.//
,s/Google Inc./Google LLC/
w
q
' | sam -d LICENSE

Change-Id: I75efc3e2705b75748034e46a093bb71cb40eee5b
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/598580
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>

google: update compute token refresh

The shortest MDS token cache time is 4 minutes. The refresh window is updated
to 3 minutes and 45 seconds to give the MDS time to update it's cache.

This should make slow refreshes less likely to cause failures.

Done in googleapis/google-cloud-go#9139 for the other auth library.

Change-Id: Ifa353248197d8998e6b0363d1f2821b45a0e6495
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/584815
Auto-Submit: Cody Oss <codyoss@google.com>
TryBot-Bypass: Cody Oss <codyoss@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cody Oss <codyoss@google.com>

oauth2: fix typo in comment

Change-Id: Ifc12ed36671d21e388c537c510a82be084e9ec99
GitHub-Last-Rev: a4da759
GitHub-Pull-Request: #720
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/580715
TryBot-Bypass: Cody Oss <codyoss@google.com>
Reviewed-by: Cody Oss <codyoss@google.com>
Reviewed-by: Joedian Reid <joedian@google.com>