feat: expose method to manually obtain ADC from gcloud CLI well-known… #1188
Conversation
TimurSadykov
added
the
kokoro:force-run
kokoro-team
removed
the
kokoro:force-run
| * @return the credentials, or null if not found | ||
| * @throws IOException if the credentials cannot be created in the current environment. | ||
| */ | ||
| public static GoogleCredentials getFromGcloudCliWellKnownFile() throws IOException { |
There was a problem hiding this comment.
Can we avoid having this?
With a path you can explicitly initialize a credential.
There was a problem hiding this comment.
We don't want to add public method here unless it has a wide use case.
There was a problem hiding this comment.
@TimurSadykov I modified the PR to expose the path only, using DefaultCredentialProvider.getWellKnownCredentialsFile().getAbsolutePath(). Our use case requires accessing a public method of this library
There was a problem hiding this comment.
@TimurSadykov If not a public method in GoogleCredentials, where would it make most sense to expose the path method?
| } | ||
|
|
||
| @VisibleForTesting | ||
| final GoogleCredentials tryGetFromWellKnownCredentialsFile(HttpTransportFactory transportFactory) |
There was a problem hiding this comment.
IIRC, we agreed on exposing the logic that returns the path, not the actual credential. This logic has some ADC-specific stuff, like printing warnings about user credentials, that you don't need.
There was a problem hiding this comment.
Seems like the getWellKnownCredentialsFile is what you need, or new method that encapsulates just the Path part of the File creation.
There was a problem hiding this comment.
I exposed a method to wrap getWellKnownCredentialsFile's path.
There was a problem hiding this comment.
You probably want to revert this change (as no longer needed) or cover it with tests... either works
…apis/google-auth-library-java into default-credential-expose
…apis/google-auth-library-java into default-credential-expose
| * @throws IOException if the credentials cannot be created in the current environment. | ||
| */ | ||
| public static String getWellKnownCredentialsPath() { | ||
| return defaultCredentialsProvider.getWellKnownCredentialsPath(); |
There was a problem hiding this comment.
This could backfire because here we rely on the fact that default credentials provider is static and always the same. This could change and if we decide to change it - this method will make things more complicated.
How about you move the logic of the getWellKnownCredentialsPath into a new public Utils class, like GoogleAuthUtils. (all the existing utils classes are internal and therefore private) IIUC the path logic is actually static. We already have some other public static methods that could be moved to the new Utils class as well.
There was a problem hiding this comment.
I created a GoogleAuthUtils with a getPath method that would use the default provider instance to resolve the path. It also has internal methods to use a test provider
| } | ||
|
|
||
| @VisibleForTesting | ||
| final GoogleCredentials tryGetFromWellKnownCredentialsFile(HttpTransportFactory transportFactory) |
There was a problem hiding this comment.
You probably want to revert this change (as no longer needed) or cover it with tests... either works
…apis/google-auth-library-java into default-credential-expose
Second attempt to fix #1181
This time using an approach validated by @TimurSadykov
It exposes a method in
GoogleCredentialsto manually obtain ADC from the well-known file (docs)