chore: Fix MDS check

Author: lqiu96

oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java

@@ -222,8 +222,8 @@ private ComputeEngineCredentials(ComputeEngineCredentials.Builder builder) {
     this.bindingEnforcement = builder.getBindingEnforcement();
     this.name = GoogleCredentialsInfo.COMPUTE_ENGINE_CREDENTIALS.getCredentialName();
     try {
-      // Only do a passive check for MDS (do not make an MDS ping check during initialization)
-      if (checkStaticGceDetection(new DefaultCredentialsProvider())) {
+      if (builder.shouldCheckMDSOnInitialization
+          && shouldGetDefaultServiceAccountDuringInitialization()) {
         this.serviceAccountEmail = getDefaultServiceAccount();
         this.principal = this.serviceAccountEmail;
       }
@@ -696,6 +696,10 @@ public static Builder newBuilder() {
     return new Builder();
   }
 
+  static Builder newTestBuilder() {
+    return newBuilder().setShouldCheckMDSOnInitialization(false);
+  }
+
   /**
    * Returns the email address associated with the GCE default service account.
    *
@@ -747,6 +751,17 @@ public byte[] sign(byte[] toSign) {
     }
   }
 
+  /** This method is only intended to be called during initialization */
+  private boolean shouldGetDefaultServiceAccountDuringInitialization() throws IOException {
+    // Only check GCE is the user did not request a GCE skip via the Env Var. Otherwise, return
+    // immediately
+    if (!Boolean.parseBoolean(System.getenv(DefaultCredentialsProvider.NO_GCE_CHECK_ENV_VAR))) {
+      // Only do a passive check for MDS (do not make an MDS ping check during initialization)
+      return checkStaticGceDetection(new DefaultCredentialsProvider());
+    }
+    return false;
+  }
+
   private String getDefaultServiceAccount() throws IOException {
     HttpResponse response =
         getMetadataResponse(getServiceAccountsUrl(), RequestType.UNTRACKED, false);
@@ -788,6 +803,8 @@ public static class Builder extends GoogleCredentials.Builder {
     private GoogleAuthTransport transport;
     private BindingEnforcement bindingEnforcement;
 
+    private boolean shouldCheckMDSOnInitialization = true;
+
     protected Builder() {
       setRefreshMargin(COMPUTE_REFRESH_MARGIN);
       setExpirationMargin(COMPUTE_EXPIRATION_MARGIN);
@@ -851,6 +868,11 @@ public Builder setBindingEnforcement(BindingEnforcement bindingEnforcement) {
       return this;
     }
 
+    Builder setShouldCheckMDSOnInitialization(boolean shouldCheckMDSOnInitialization) {
+      this.shouldCheckMDSOnInitialization = shouldCheckMDSOnInitialization;
+      return this;
+    }
+
     public HttpTransportFactory getHttpTransportFactory() {
       return transportFactory;
     }