fix(auth): migrate credential storage to secret: scope#5154
Draft
caohy1988 wants to merge 2 commits into google:main from
Introduce a new `secret:` prefix for session state keys that keeps sensitive data (tokens, credentials) in process memory only — never persisted to any storage backend and never logged by BQ Agent Analytics.

- Add `State.SECRET_PREFIX` constant and wire it through `extract_state_delta()` so secret keys are excluded from all persistence buckets.
- Add process-local cache and lifecycle helpers on `BaseSessionService` (_apply, _trim, _seed, _restore, _evict).
- Update all four session services (InMemory, Database, Sqlite, VertexAI) to seed/restore/evict secret state on create/get/delete.
- Harden BQ Agent Analytics redaction: redact `secret:*` keys and detect JSON-encoded blobs containing sensitive credential keys.
- Accept `secret:` as a valid prefix in instruction template injection.
- 32 new tests (unit + integration across all service types).

Closes google#5112 (Phase 1)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request.
Response from ADK Triaging Agent: Hello @caohy1988, thank you for your contribution! It looks like the Contributor License Agreement (CLA) check has failed. Before we can merge this PR, you'll need to sign the CLA. You can find more information and sign the CLA at https://cla.developers.google.com/. Thanks!
2b46204 to 0f7856d
Migrate existing credential writers to use the `secret:` prefix so that OAuth tokens and credentials are never persisted to session storage backends.

- Change BIGQUERY_TOKEN_CACHE_KEY to "secret:bigquery_token_cache"
- Update SessionStateCredentialService.save_credential and load_credential to prefix credential_key with State.SECRET_PREFIX
- Backward-compatible migration: load paths try the secret-prefixed key first, then fall back to the legacy unprefixed key. On fallback hit, the value is copied to the secret: key and the legacy key is set to None so it is cleared from persistent storage on the next state delta flush.
- Use key-presence check (not truthiness) so explicit None in the secret-scoped key is respected and does not revive stale legacy credentials.

Depends on google#5132 (Phase 1: secret: scope infrastructure)

Closes google#5112

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
0f7856d to 0d01bf7
Summary
Implements Phase 2 of the RFC in #5112: migrate existing credential writers to use the `secret:` prefix so that OAuth tokens and credentials are never persisted to session storage backends. This is the change that actually eliminates the credential persistence bug — Phase 1 (#5132) established the framework, this PR uses it.

- `BIGQUERY_TOKEN_CACHE_KEY`: changed from `"bigquery_token_cache"` to `"secret:bigquery_token_cache"`
- `SessionStateCredentialService`: both `save_credential` and `load_credential` now prefix `credential_key` with `State.SECRET_PREFIX`
- `_google_credentials.py`: token cache read falls back to legacy unprefixed key

Backward compatibility & migration

No re-auth required. Load paths try the `secret:`-prefixed key first, then fall back to the legacy unprefixed key. On fallback hit:

- the value is copied to the `secret:` key (process-local, non-persistent)
- the legacy key is set to `None` so it is cleared from persistent storage on the next state delta flush

This ensures pre-existing plaintext credentials are actively removed from session backends, not just left in place.

Key-presence checks (not truthiness) are used so that an explicit `None` in the `secret:` key is respected and does not revive stale legacy credentials.

Depends on #5132 (Phase 1: `secret:` scope infrastructure) — must merge first

Test plan

- `SessionStateCredentialService` tests pass (10 existing + 3 new)
- `test_load_falls_back_to_legacy_unprefixed_key` — verifies fallback read + migration (secret key populated, legacy key cleared)
- `test_secret_key_takes_precedence_over_legacy` — verifies secret-prefixed key wins when both exist
- `test_explicit_none_secret_key_not_revived_by_legacy` — verifies explicit `None` in secret key is not overridden by stale legacy value

Closes #5112
🤖 Generated with Claude Code
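The fallback-and-migrate read described in this PR, as an added example that is not adk-python's own code: a plain dict stands in for session state, `SECRET_PREFIX` is assumed to equal `"secret:"` (as the new `BIGQUERY_TOKEN_CACHE_KEY` value implies), and `persistable_delta` is a hypothetical stand-in for the backend-bound part of a state delta. It covers the three test-plan cases: legacy fallback with migration, secret key precedence, and an explicit `None` that must not be revived.

```python
# Added example modelling the PR's load/save/migration logic; not the
# project's code. A plain dict stands in for session state.
from typing import Any, Dict, Optional

# Assumed to match State.SECRET_PREFIX; the PR's new key
# "secret:bigquery_token_cache" implies this value.
SECRET_PREFIX = "secret:"


def save_credential(state: Dict[str, Any], credential_key: str, value: Any) -> None:
    """Writers always store under the secret-scoped key, so the value is
    process-local and never reaches a storage backend."""
    state[SECRET_PREFIX + credential_key] = value


def load_credential(state: Dict[str, Any], credential_key: str) -> Optional[Any]:
    """Prefer the secret-scoped key; fall back to and migrate a legacy key.

    The checks use key *presence*, not truthiness: an explicit None under
    the secret key means "cleared" and must not be revived by a stale
    plaintext value still sitting in persistent storage.
    """
    secret_key = SECRET_PREFIX + credential_key
    if secret_key in state:
        return state[secret_key]
    if credential_key in state:
        value = state[credential_key]
        # Fallback hit: copy into the non-persistent secret scope and null
        # the legacy key so the next state-delta flush removes it from the
        # backend rather than leaving plaintext in place.
        state[secret_key] = value
        state[credential_key] = None
        return value
    return None


def persistable_delta(state: Dict[str, Any]) -> Dict[str, Any]:
    """Hypothetical stand-in for the backend-bound part of a state delta:
    secret:* keys are dropped, everything else (including the None that
    clears a legacy key) is written through."""
    return {k: v for k, v in state.items() if not k.startswith(SECRET_PREFIX)}
```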