* Refactor env var methods
Have the iteration return for the first match, instead of comparing
all elements and choosing the first one that matches.
* Combine file and json credentials detection
Allow an environment variable to contain either a file path
or JSON to describe the credentials.
This change matches how these variables are used in Google Cloud.
If no PATH_ENV_VARS were found Credentials.default would return an empty array.
Update each default lookup method to return nil if no match was found.
Fix call to from_default_paths method, was calling from_default_vars instead.
Add spec coverage for path, json, and default cases.
Add spec coverage for application_default case.
Fix spec coverage to check the return type from calling Credentials.default.
This version of ruby-jwt requires specification of the algorithm (see
jwt/ruby-jwt#184) for more information.
I've created a PR on signet to. That has to be merged before ruby-jwt
2.0 can be really used (see https://github.com/google/signet/pull/93).
Tested locally against ruby-jwt 2.0 and 1.5.6.
also:
* updated rubocop and applied styling
* made small test refactorings (using the expect block notation)
* made a small refactor to remove an unnecessary ``return credentials``
* bumped the version
The environment variables in the 'fails if env vars are set' test
were not actually being set because they used a nonexistent hash key
(which has the effect of unsetting the environment variable).
- ServiceAccountCredentials, ServiceAccountJwtHeaderCredentials
and UserRefreshCredentials initializers now take keyword args
via options hash.
- In `credentials_loader.rb`, refactored env var checking into
private methods
- Updated tests & added new tests.
- Fixed existing test for #from_well_known_path 'fails if
the file is invalid', where `from_env` was called instead of
`from_well_known_path`.
- Fixed rubocop errors I introduced, but two existing ones remain.
- Added entry to changelog.
- Fixed rubocop errors from code containing parallel assignments
- Updated rubocop_todo.yml to ignore parallel assignments and
trailing underscore assignments.
Currently the implementation does not verify that a 200 response is received
before attempting to parse the JSON response.
This PR updates the behaviour to fail with an authorization error, similar to
how other auth library implementations.
- if the ServiceAccountCredentials#apply is called when the scope is not set,
authentication with the equivalent ServiceAccountJwtHeaderCredentials instance
is attempted.