-
Notifications
You must be signed in to change notification settings - Fork 382
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Project Id detection fails when manually providing "credentials" option #983
Comments
@matthieusieben, Thank you for submitting this pull request! This is actually a bug that we're tracking across some libraries. @bcoe, do we know how we want to tackle this bug holistically? (I think its also related to this one) |
@sofisl assuming that the project ID is baked into the credentials file @matthieusieben is providing (@matthieusieben can you confirm this?), I think we should make an effort to reproduce the bug in this repository and see if we can't figure out how to pull in the project ID appropriately. Once we fix it in this library, it will potentially address the issue in upstream libraries that depend on it (like bigquery.) |
This is what the credentials look like (real values obfuscated): {
"type": "service_account",
"project_id": "my-app-name",
"private_key_id": "dab324234...",
"private_key": "-----BEGIN PRIVATE KEY-----\nXXX==\n-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "765434567876543456765456",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/app-access%40my-app-name.iam.gserviceaccount.com"
} |
Hey @matthieusieben, thanks for creating this issue! I'm looking into implementing this feature request, but I was wondering if you could clarify your use case for me a bit. I'm curious why you're setting your credentials file to Moreover, if you wanted to you could also do something like this:
So I guess my question here is, is there a reason you need to put the JSON credentials in the Thanks in advance! Sofia |
Actually, I want to clarify something: it seems like it is a bug that we can't find the projectId from |
My use case is pretty simple: I instantiate the |
Consider the following code: const credentials = JSON.parse(process.env.GOOGLE_APPLICATION_KEY)
const datastore = new Datastore({
credentials,
projectId: credentials['project_id']
}) It feels weird because
|
I see - thanks for clarifying! So, I'm still a bit confused about why you want to use the Would this kind of code solve your use case? (assuming
This code currently doesn't work, due to this bug. But, I feel like this is a more appropriate solution, since Let me know if this would work for you, and I can get started on working on the bug I linked above (I will re-file it under this library, since it's an auth issue). |
Hi @matthieusieben, After lots of internal discussion, I think we've come up with a plan of attack for this bug:
Given that we'll need to explore Step 1, I am going to close your corresponding PR for the time being as we haven't yet cleared up what is intentional and what is by design. But, thanks to your comment and PR, we've uncovered some inconsistencies/bugs. So thank you! |
Environment details
google-auth-library
version: 6.0.1Steps to reproduce
Current workaround:
The text was updated successfully, but these errors were encountered: