chore: Update ComputeEngineCredentials to retrieve the default service account when retrieving token

Author: lqiu96

oauth2_http/java/com/google/auth/oauth2/ComputeEngineCredentials.java

@@ -354,6 +354,12 @@ private String getUniverseDomainFromMetadata() throws IOException {
   /** Refresh the access token by getting it from the GCE metadata server */
   @Override
   public AccessToken refreshAccessToken() throws IOException {
+    // Retrieve the default service account email if MDS wasn't available during the constructor
+    if (serviceAccountEmail == null) {
+      serviceAccountEmail = getDefaultServiceAccount();
+      principal = serviceAccountEmail;
+    }
+
     HttpResponse response =
         getMetadataResponse(createTokenUrlWithScopes(), RequestType.ACCESS_TOKEN_REQUEST, true);
     int statusCode = response.getStatusCode();

oauth2_http/javatests/com/google/auth/oauth2/ComputeEngineCredentialsTest.java

@@ -387,6 +387,7 @@ public void create_scoped_correctMargins() {
   @Test
   public void getRequestMetadata_hasAccessToken() throws IOException {
     MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
+    transportFactory.transport.setServiceAccountEmail("[email protected]");
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
     Map<String, List<String>> metadata = credentials.getRequestMetadata(CALL_URI);
@@ -403,6 +404,7 @@ public void getRequestMetadata_hasAccessToken() throws IOException {
   public void getRequestMetadata_shouldInvalidateAccessTokenWhenScoped_newAccessTokenFromRefresh()
       throws IOException {
     MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
+    transportFactory.transport.setServiceAccountEmail("[email protected]");
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
     Map<String, List<String>> metadata = credentials.getRequestMetadata(CALL_URI);
@@ -423,6 +425,7 @@ public void getRequestMetadata_shouldInvalidateAccessTokenWhenScoped_newAccessTo
   public void getRequestMetadata_missingServiceAccount_throws() {
     MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
     transportFactory.transport.setStatusCode(HttpStatusCodes.STATUS_CODE_NOT_FOUND);
+    transportFactory.transport.setServiceAccountEmail("[email protected]");
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
     try {
@@ -440,6 +443,7 @@ public void getRequestMetadata_missingServiceAccount_throws() {
   public void getRequestMetadata_serverError_throws() {
     MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
     transportFactory.transport.setStatusCode(HttpStatusCodes.STATUS_CODE_SERVER_ERROR);
+    transportFactory.transport.setServiceAccountEmail("[email protected]");
     ComputeEngineCredentials credentials =
         ComputeEngineCredentials.newBuilder().setHttpTransportFactory(transportFactory).build();
     try {

oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java

@@ -305,6 +305,7 @@ public void getDefaultCredentials_appEngineSkipWorks_retrievesCloudShellCredenti
   @Test
   public void getDefaultCredentials_compute_providesToken() throws IOException {
     MockMetadataServerTransportFactory transportFactory = new MockMetadataServerTransportFactory();
+    transportFactory.transport.setServiceAccountEmail("[email protected]");
     TestDefaultCredentialsProvider testProvider = new TestDefaultCredentialsProvider();
 
     GoogleCredentials defaultCredentials = testProvider.getDefaultCredentials(transportFactory);