Asymmetry in handling keyFilename vs. credentials

[kjin]

From the google-cloud README, it's stated that google-cloud can be initialized with either a keyFilename field containing a path to a key file, or a credentials field containing that key file's contents. However, it seems like the behavior when key file is passed in through the keyFilename or the credentials field in the implementation of getAuthClient differs.

• For key files whose contents are supplied through the credentials field, either a JWTClient or UserRefreshClient is constructed when credentials.type is "service_account" or "authorized_user" respectively.
• For key files whose paths are referenced through the keyFilename field, a JWTClient is created regardless of its contents.

In the latter case, any key file with the type field as "authorized_user" will cause an error (because it doesn't have a client_email field).

Would it be appropriate to have getAuthClient read the key file when keyFilename exists, and process its contents just as it would if the key file already populated the credentials field?

[stephenplusplus]

I don't believe this library can support "authorized_user" key files, which is why we short-circuit to a JWTClient. In the case where we get an object, calling fromJSON() seemed like the right way to create a client from google-auth-library, but maybe it should always create a JWTClient and call fromJSON() on that when we receive a credentials object?

However, if all of the methods in this library can work with other *Clients from google-auth-library, then we should definitely do your idea. Do you know if authorizeRequest(), getCredentials(), and getToken() work with non-JWTClient objects?

[kjin]

My understanding of how authorization works is limited, but it doesn't seem like it's possible to get the key and email fields from a UserRefreshClient, so authorizeRequest and getCredentials wouldn't work. In which case, it seems like the library should do the first thing you proposed (always create a JWTClient and call fromJSON() on that).

[stephenplusplus]

Cool, sounds good to me. Any interest in a PR?

[kjin]

Sure - incoming!