googleapis/python-documentai

Enable self-signed JWT flow for v1beta2

busunkim96 opened this issue · 1 comments

Documentai uses a regional host (us-documentai.googleapis.com) as the default for v1beta2 so self-signed JWT cannot be used for v1beta2.

When the host is defined as documentai.googleapis.com, re-enable the self-signed JWT flow.

For more context, see this doc (specifically "Handling of Regional Endpoints as the default host").

documentai used to list us-documentai.googleapis.com as the default endpoint for all of its versions. Self-signed JWT needs to always use the global endpoint as the audience.

The default endpoint was changed to documentai.googleapis.com in this commit for documentai v1 and documentai v1beta3. An update to the documentai v1beta2 protos will allow the customizations in owlbot.py to also be removed.

```python
s.replace(library / "google/cloud/documentai_v1beta2/**/base.py",
    """scopes_kwargs = \{"scopes": scopes, "default_scopes": cls\.AUTH_SCOPES\}""",
    """# Documentai uses a regional host (us-documentai.googleapis.com) as the default
# so self-signed JWT cannot be used.
# Intentionally pass default scopes as user scopes so the auth library
# does not use the self-signed JWT flow.
# https://github.com/googleapis/python-documentai/issues/174
scopes_kwargs = {"scopes": scopes or cls.AUTH_SCOPES, "default_scopes": cls.AUTH_SCOPES}""")
s.replace(library / "tests/**/documentai_v1beta2/*.py",
    """(@requires_google_auth_gte_1_25_0
def test_document_.*?_service_base_transport_with_credentials_file.*?)scopes=None,""",
    """\g<1>scopes=("https://www.googleapis.com/auth/cloud-platform",),""",
    flags=re.MULTILINE | re.DOTALL,
)
s.replace(library / "tests/**/documentai_v1beta2/*.py",
    """(@requires_google_auth_gte_1_25_0
def test_document_.*?_service_auth_adc.*?)scopes=None,""",
    """\g<1>scopes=("https://www.googleapis.com/auth/cloud-platform",),""",
    flags=re.MULTILINE | re.DOTALL,
)
```
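What the `base.py` rewrite and the first test rewrite in the snippet above do to their targets, as an added example that is not part of the original comment or the project's code. Plain `re.subn` stands in for synthtool's `s.replace` (an assumption), and the sample file contents and test names are constructed.

```python
import re

# Patterns and replacements copied from the owlbot.py snippet above (as raw strings).
BASE_PATTERN = r'scopes_kwargs = \{"scopes": scopes, "default_scopes": cls\.AUTH_SCOPES\}'
BASE_REPL = '''# Documentai uses a regional host (us-documentai.googleapis.com) as the default
# so self-signed JWT cannot be used.
# Intentionally pass default scopes as user scopes so the auth library
# does not use the self-signed JWT flow.
# https://github.com/googleapis/python-documentai/issues/174
scopes_kwargs = {"scopes": scopes or cls.AUTH_SCOPES, "default_scopes": cls.AUTH_SCOPES}'''
TEST_PATTERN = r'''(@requires_google_auth_gte_1_25_0
def test_document_.*?_service_base_transport_with_credentials_file.*?)scopes=None,'''
TEST_REPL = r'\g<1>scopes=("https://www.googleapis.com/auth/cloud-platform",),'
FLAGS = re.MULTILINE | re.DOTALL

# Constructed stand-ins for the generated files (not the real generated code).
SAMPLE_BASE = 'scopes_kwargs = {"scopes": scopes, "default_scopes": cls.AUTH_SCOPES}\n'
SAMPLE_TESTS = '''@requires_google_auth_gte_1_25_0
def test_document_understanding_service_base_transport_with_credentials_file():
    load_creds.assert_called_once_with(
        "credentials.json",
        scopes=None,
        default_scopes=("https://www.googleapis.com/auth/cloud-platform",),
    )

@requires_google_auth_lt_1_25_0
def test_document_understanding_service_base_transport_with_credentials_file_old():
    load_creds.assert_called_once_with("credentials.json", scopes=None,)
'''

def patch_base(source):
    """Apply the base.py rewrite; returns (new_text, number_of_substitutions)."""
    return re.subn(BASE_PATTERN, BASE_REPL, source)

def patch_tests(source):
    """Apply the test rewrite; only the google-auth >= 1.25.0 test should change."""
    return re.subn(TEST_PATTERN, TEST_REPL, source, flags=FLAGS)

if __name__ == "__main__":
    for text, count in (patch_base(SAMPLE_BASE), patch_tests(SAMPLE_TESTS)):
        print(f"--- {count} substitution(s) ---")
        print(text)
```

Because the capture group uses non-greedy `.*?` with `re.DOTALL`, each match runs from the decorator to the first `scopes=None,` that follows the named test, so the expectation of user scopes is only injected into tests carrying the `gte_1_25_0` decorator.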