DefaultCredentials is used to preload the credentials file, to determine which type of credentials should be loaded.
Reads the input json and determines which creds class to use.
# File lib/googleauth/default_credentials.rb, line 75 def self.determine_creds_class(json_key_io) json_key = MultiJson.load(json_key_io.read) key = 'type' raise "the json is missing the '#{key}' field" unless json_key.key?(key) type = json_key[key] case type when 'service_account' [json_key, ServiceAccountCredentials] when 'authorized_user' [json_key, UserRefreshCredentials] else raise "credentials type '#{type}' is not supported" end end
override Google::Auth::CredentialsLoader#make_creds to use the class determined by loading the json.
# File lib/googleauth/default_credentials.rb, line 48 def self.make_creds(options = {}) json_key_io, scope = options.values_at(:json_key_io, :scope) if json_key_io json_key, clz = determine_creds_class(json_key_io) clz.make_creds(json_key_io: StringIO.new(MultiJson.dump(json_key)), scope: scope) else clz = read_creds clz.make_creds(scope: scope) end end
# File lib/googleauth/default_credentials.rb, line 60 def self.read_creds env_var = CredentialsLoader::ACCOUNT_TYPE_VAR type = ENV[env_var] raise "#{env_var} is undefined in env" unless type case type when 'service_account' ServiceAccountCredentials when 'authorized_user' UserRefreshCredentials else raise "credentials type '#{type}' is not supported" end end