updates from PR review

Author: ldetmer

…anner/connection/MutableCredentials.java …le/cloud/spanner/MutableCredentials.javagoogle-cloud-spanner/src/main/java/com/google/cloud/spanner/connection/MutableCredentials.java renamed to google-cloud-spanner/src/main/java/com/google/cloud/spanner/MutableCredentials.java google-cloud-spanner/src/main/java/com/google/cloud/spanner/connection/MutableCredentials.java renamed to google-cloud-spanner/src/main/java/com/google/cloud/spanner/MutableCredentials.java

@@ -13,13 +13,13 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package com.google.cloud.spanner.connection;
+package com.google.cloud.spanner;
 
 import com.google.auth.CredentialTypeForMetrics;
 import com.google.auth.Credentials;
 import com.google.auth.RequestMetadataCallback;
 import com.google.auth.oauth2.ServiceAccountCredentials;
-import com.google.cloud.spanner.SpannerOptions;
+
 import java.io.IOException;
 import java.net.URI;
 import java.util.List;
@@ -33,7 +33,7 @@
  * {@link ServiceAccountCredentials} instance.
  *
  * <p>This class is intended for scenarios where an application needs to replace the underlying
- * service account credentials for a long running Spanner Client.
+ * service account credentials for a long-running Spanner Client.
  *
  * <p>All operations inherited from {@link Credentials} are forwarded to the current delegate,
  * including request metadata retrieval and token refresh. Calling {@link
@@ -45,6 +45,7 @@ public class MutableCredentials extends Credentials {
   private volatile ServiceAccountCredentials delegate;
   private final Set<String> scopes;
 
+  /** Creates a MutableCredentials instance with default spanner scopes {@link SpannerOptions.SCOPES} */
   public MutableCredentials(ServiceAccountCredentials credentials) {
     this(credentials, SpannerOptions.SCOPES);
   }

google-cloud-spanner/src/main/java/com/google/cloud/spanner/SpannerOptions.java

@@ -128,7 +128,7 @@ public class SpannerOptions extends ServiceOptions<Spanner, SpannerOptions> {
   private static final String GOOGLE_DEFAULT_UNIVERSE = "googleapis.com";
   private static final String EXPERIMENTAL_HOST_PROJECT_ID = "default";
 
-  public static final ImmutableSet<String> SCOPES =
+  static final ImmutableSet<String> SCOPES =
       ImmutableSet.of(
           "https://www.googleapis.com/auth/spanner.admin",
           "https://www.googleapis.com/auth/spanner.data");

…r/connection/MutableCredentialsTest.java …loud/spanner/MutableCredentialsTest.javagoogle-cloud-spanner/src/test/java/com/google/cloud/spanner/connection/MutableCredentialsTest.java renamed to google-cloud-spanner/src/test/java/com/google/cloud/spanner/MutableCredentialsTest.java google-cloud-spanner/src/test/java/com/google/cloud/spanner/connection/MutableCredentialsTest.java renamed to google-cloud-spanner/src/test/java/com/google/cloud/spanner/MutableCredentialsTest.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.google.cloud.spanner.connection;
+package com.google.cloud.spanner;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
@@ -29,10 +29,16 @@
 import com.google.auth.CredentialTypeForMetrics;
 import com.google.auth.RequestMetadataCallback;
 import com.google.auth.oauth2.ServiceAccountCredentials;
-import com.google.cloud.spanner.SpannerOptions;
+
 import java.io.IOException;
 import java.net.URI;
-import java.util.*;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
 import java.util.concurrent.Executor;
 import org.junit.Test;
 import org.junit.runner.RunWith;

google-cloud-spanner/src/test/java/com/google/cloud/spanner/connection/it/ITMutableCredentialsTest.java

@@ -16,14 +16,19 @@
 
 package com.google.cloud.spanner.connection.it;
 
-import static org.junit.Assert.*;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 import static org.junit.Assume.assumeTrue;
 
 import com.google.auth.oauth2.GoogleCredentials;
 import com.google.auth.oauth2.ServiceAccountCredentials;
-import com.google.cloud.spanner.*;
+
+import com.google.cloud.spanner.SerialIntegrationTest;
+import com.google.cloud.spanner.Spanner;
+import com.google.cloud.spanner.SpannerOptions;
 import com.google.cloud.spanner.admin.instance.v1.InstanceAdminClient;
-import com.google.cloud.spanner.connection.MutableCredentials;
+import com.google.cloud.spanner.MutableCredentials;
 import com.google.spanner.admin.instance.v1.ProjectName;
 import java.io.IOException;
 import java.io.InputStream;
@@ -73,15 +78,15 @@ public void testMutableCredentialsUpdateAuthorizationForRunningClient() throws I
 
     SpannerOptions options =
         SpannerOptions.newBuilder()
-            .setEmulatorHost(
-                null) // this setting is required otherwise SpannerOptions overrides credentials to
-            // NoCredentials
+            // this setting is required in the scenario SPANNER_EMULATOR_HOST is set otherwise
+            // SpannerOptions overrides credentials to NoCredentials
+            .setEmulatorHost(null)
             .setCredentials(mutableCredentials)
             .build();
 
     ProjectName projectName = ProjectName.of(options.getProjectId());
     try (Spanner spanner = options.getService();
-        InstanceAdminClient instanceAdminClient = spanner.createInstanceAdminClient()) {
+         InstanceAdminClient instanceAdminClient = spanner.createInstanceAdminClient()) {
       instanceAdminClient.listInstances(projectName);
 
       // update mutableCredentials now to use an invalid credentials

google-cloud-spanner/src/test/resources/com/google/cloud/spanner/connection/test-key-missing-permissions.json

@@ -16,15 +16,13 @@
 
 package com.example.spanner;
 
-//[START mutable_credentials]
+// [START spanner_mutable_credentials]
 
 import com.google.auth.oauth2.ServiceAccountCredentials;
 import com.google.cloud.spanner.Spanner;
 import com.google.cloud.spanner.SpannerOptions;
 import com.google.cloud.spanner.admin.database.v1.DatabaseAdminClient;
 import com.google.cloud.spanner.connection.MutableCredentials;
-import com.google.spanner.admin.database.v1.DatabaseName;
-import com.google.spanner.admin.database.v1.GetDatabaseDdlResponse;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.nio.file.Files;
@@ -33,16 +31,16 @@
 import java.nio.file.attribute.FileTime;
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ThreadFactory;
 import java.util.concurrent.TimeUnit;
 
 public class MutableCredentialsExample {
 
-
   static void createClientWithMutableCredentials() throws IOException {
     final String credentialsPath = "location_of_service_account_credential_json";
     Path path = Paths.get(credentialsPath);
     // Use an array to hold the mutable lastModifiedTime so it can be accessed in the lambda
-    FileTime[] lastModifiedTime = new FileTime[]{ Files.getLastModifiedTime(path) };
+    FileTime[] lastModifiedTime = new FileTime[] {Files.getLastModifiedTime(path)};
 
     // 1 - create service account credentials
     ServiceAccountCredentials serviceAccountCredentials;
@@ -54,32 +52,40 @@ static void createClientWithMutableCredentials() throws IOException {
     MutableCredentials mutableCredentials = new MutableCredentials(serviceAccountCredentials);
 
     // 3 - set credentials on your SpannerOptions builder to your mutableCredentials
-    SpannerOptions options = SpannerOptions.newBuilder()
-            .setCredentials(mutableCredentials)
-            .build();
+    SpannerOptions options = SpannerOptions.newBuilder().setCredentials(mutableCredentials).build();
 
-    // 4 - include logic for when to how your mutableCredentials
+    // 4 - include logic for when/how to update your mutableCredentials
     // In this example we'll use a SchedulerExecutorService to periodically check for updates
-    ScheduledExecutorService executorService = Executors.newSingleThreadScheduledExecutor();
-    executorService.scheduleAtFixedRate(() -> {
-      try {
-        FileTime currentModifiedTime = Files.getLastModifiedTime(path);
-        if (currentModifiedTime.compareTo(lastModifiedTime[0]) > 0) {
-          lastModifiedTime[0] = currentModifiedTime;
-          try (FileInputStream is = new FileInputStream(credentialsPath)) {
-            ServiceAccountCredentials credentials = ServiceAccountCredentials.fromStream(is);
-            mutableCredentials.updateCredentials(credentials);
-            System.out.println("Credentials rotated.");
+    ThreadFactory daemonThreadFactory =
+        runnable -> {
+          Thread thread = new Thread(runnable, "spanner-mutable-credentials-rotator");
+          thread.setDaemon(true);
+          return thread;
+        };
+    ScheduledExecutorService executorService =
+        Executors.newSingleThreadScheduledExecutor(daemonThreadFactory);
+    executorService.scheduleAtFixedRate(
+        () -> {
+          try {
+            FileTime currentModifiedTime = Files.getLastModifiedTime(path);
+            if (currentModifiedTime.compareTo(lastModifiedTime[0]) > 0) {
+              lastModifiedTime[0] = currentModifiedTime;
+              try (FileInputStream is = new FileInputStream(credentialsPath)) {
+                ServiceAccountCredentials credentials = ServiceAccountCredentials.fromStream(is);
+                mutableCredentials.updateCredentials(credentials);
+              }
+            }
+          } catch (IOException e) {
+            System.err.println("Failed to check or update credentials: " + e.getMessage());
           }
-        }
-      } catch (IOException e) {
-        System.err.println("Failed to check or update credentials: " + e.getMessage());
-      }
-    }, 15, 15, TimeUnit.MINUTES);
+        },
+        15,
+        15,
+        TimeUnit.MINUTES);
 
     // 5. Use the client
     try (Spanner spanner = options.getService();
-         DatabaseAdminClient databaseAdminClient = spanner.createDatabaseAdminClient()) {
+        DatabaseAdminClient databaseAdminClient = spanner.createDatabaseAdminClient()) {
       // Perform operations...
       // long running client operations will always use the latest credentials wrapped in
       // mutableCredentials
@@ -89,4 +95,4 @@ static void createClientWithMutableCredentials() throws IOException {
     }
   }
 }
-//[END mutable_credentials]
+// [END spanner_mutable_credentials]