feat(Kotlin SDK): Iap kotlin sdk support

[MitchellGale]

This PR adds support for routing API requests through Identity-Aware Proxy. This is done by putting an OIDC token in the header as Proxy-Authorization: Bearer <token>. The OIDC is generated without IamCredentialsClient library

To use, users need to provide their iap_client_id and iap_service_account_email to the SDK's configuration payload.

        Map<String, String> lookerConfig = new HashMap<>();
        lookerConfig.put("base_url", "<Base_Url>");

        lookerConfig.put("kotlin_http_transport", "JAVA_NET");
        lookerConfig.put("client_id", "<Client_ID>");
        lookerConfig.put("client_secret", "<Client_Secret>");
        lookerConfig.put("iap_client_id", "<IAP_Client_ID>");
        lookerConfig.put("iap_service_account_email", "<IAP_Service_Account_Email>);
        
        ConfigurationProvider settings = ApiSettings.fromMap(lookerConfig);
        
        Transport transport = new Transport(settings);
        AuthSession session = new AuthSession(settings, transport);
        
        LookerSDK sdk = new LookerSDK(session);

iap_client_id is the OAuth client ID that was set-up when configuring the the identity-aware proxy.
iap_service_account_email is the service account that is authorized to bypass IAP.

[gemini-code-assist]

Code Review

This pull request replaces the use of the google-cloud-iamcredentials library with manual HTTP requests to the IAM API for fetching IAP tokens. The review highlights several critical issues: the current Gson version (2.8.5) is incompatible with the newly introduced JsonParser.parseString method, the fetchIapToken method lacks thread safety, and the manual construction of API requests introduces risks regarding URL encoding and JSON formatting. It is recommended to upgrade the Gson dependency, implement thread synchronization, and reconsider the use of the official SDK to ensure reliability and maintainability.

[MitchellGale]

/gemini review

[gemini-code-assist]

Code Review

This pull request replaces the Google Cloud IAM library with a manual implementation using the standard Java HttpClient and the Google Auth OAuth2 library to generate IAP tokens. It also updates the Gson dependency and introduces thread synchronization for token fetching. Feedback highlights a performance issue where configuration lookups are repeated unnecessarily when IAP is disabled, and suggests using the non-deprecated URLEncoder.encode method to avoid deprecation warnings.

[MitchellGale]

/gemini review

[gemini-code-assist]

Code Review

This pull request refactors IAP token retrieval by replacing the google-cloud-iamcredentials library with manual HTTP requests via java.net.http.HttpClient. It introduces thread-safe token fetching, a 5-minute expiration buffer, and updates the gson dependency. A potential NullPointerException was identified when accessing the Google access token, and a null-safe implementation was suggested to improve robustness.

[MitchellGale]

/gemini review

[gemini-code-assist]

Code Review

This pull request replaces the google-cloud-iamcredentials library with a manual implementation using Java's HttpClient to fetch IAP tokens. It also updates the gson dependency and introduces a synchronization mechanism and a 5-minute buffer for token expiration. Review feedback suggests using asynchronous HTTP requests to prevent blocking and implementing more specific error handling for JSON parsing to improve debuggability.

[gemini-code-assist]

The JsonParser.parseString method can throw a JsonSyntaxException if the response body is not valid JSON. While this is caught by the general catch (e: Exception) block, providing a more specific error message for JSON parsing failures would improve debuggability.