From b49d55584e67d0f147fb0b7e3c9526c2e2ed5ad9 Mon Sep 17 00:00:00 2001 From: Tommaso Sciortino Date: Wed, 18 Jun 2025 17:24:46 -0700 Subject: [PATCH] Use Env Var directly instead of through GoogleAuth() (#1202) --- packages/core/src/code_assist/codeAssist.ts | 13 +------------ packages/core/src/code_assist/oauth2.ts | 16 +++++++++++++--- packages/core/src/code_assist/server.ts | 4 ++-- packages/core/src/code_assist/setup.ts | 4 ++-- 4 files changed, 18 insertions(+), 19 deletions(-) diff --git a/packages/core/src/code_assist/codeAssist.ts b/packages/core/src/code_assist/codeAssist.ts index 92b53104..4b46f8b9 100644 --- a/packages/core/src/code_assist/codeAssist.ts +++ b/packages/core/src/code_assist/codeAssist.ts @@ -4,7 +4,6 @@ * SPDX-License-Identifier: Apache-2.0 */ -import { GoogleAuth, AuthClient } from 'google-auth-library'; import { ContentGenerator } from '../core/contentGenerator.js'; import { getOauthClient } from './oauth2.js'; import { setupUser } from './setup.js'; @@ -13,17 +12,7 @@ import { CodeAssistServer, HttpOptions } from './server.js'; export async function createCodeAssistContentGenerator( httpOptions: HttpOptions, ): Promise { - const authClient = await getAuthClient(); + const authClient = await getOauthClient(); const projectId = await setupUser(authClient); return new CodeAssistServer(authClient, projectId, httpOptions); } - -async function getAuthClient(): Promise { - try { - // Try for Application Default Credentials. - return await new GoogleAuth().getClient(); - } catch (_) { - // No Application Default Credentials so try Oauth. - return await getOauthClient(); - } -} diff --git a/packages/core/src/code_assist/oauth2.ts b/packages/core/src/code_assist/oauth2.ts index 6527f957..3fbbd896 100644 --- a/packages/core/src/code_assist/oauth2.ts +++ b/packages/core/src/code_assist/oauth2.ts @@ -160,10 +160,20 @@ export function getAvailablePort(): Promise { async function loadCachedCredentials(client: OAuth2Client): Promise { try { - const creds = await fs.readFile(getCachedCredentialPath(), 'utf-8'); + const keyFile = + process.env.GOOGLE_APPLICATION_CREDENTIALS || getCachedCredentialPath(); + + const creds = await fs.readFile(keyFile, 'utf-8'); client.setCredentials(JSON.parse(creds)); - // This will either return the existing token or refresh it. - await client.getAccessToken(); + + // This will verify locally that the credentials look good. + const { token } = await client.getAccessToken(); + if (!token) { + return false; + } + + // This will check with the server to see if it hasn't been revoked. + await client.getTokenInfo(token); return true; } catch (_) { diff --git a/packages/core/src/code_assist/server.ts b/packages/core/src/code_assist/server.ts index 4f8bb643..6663eda3 100644 --- a/packages/core/src/code_assist/server.ts +++ b/packages/core/src/code_assist/server.ts @@ -4,7 +4,7 @@ * SPDX-License-Identifier: Apache-2.0 */ -import { AuthClient } from 'google-auth-library'; +import { OAuth2Client } from 'google-auth-library'; import { LoadCodeAssistResponse, LoadCodeAssistRequest, @@ -45,7 +45,7 @@ export const CODE_ASSIST_API_VERSION = 'v1internal'; export class CodeAssistServer implements ContentGenerator { constructor( - readonly auth: AuthClient, + readonly auth: OAuth2Client, readonly projectId?: string, readonly httpOptions: HttpOptions = {}, ) {} diff --git a/packages/core/src/code_assist/setup.ts b/packages/core/src/code_assist/setup.ts index cd1b7ffe..c49a5efa 100644 --- a/packages/core/src/code_assist/setup.ts +++ b/packages/core/src/code_assist/setup.ts @@ -6,14 +6,14 @@ import { ClientMetadata, OnboardUserRequest } from './types.js'; import { CodeAssistServer } from './server.js'; -import { AuthClient } from 'google-auth-library'; +import { OAuth2Client } from 'google-auth-library'; /** * * @param projectId the user's project id, if any * @returns the user's actual project id */ -export async function setupUser(authClient: AuthClient): Promise { +export async function setupUser(authClient: OAuth2Client): Promise { const projectId = process.env.GOOGLE_CLOUD_PROJECT; const caServer = new CodeAssistServer(authClient, projectId);