Skip to content

Commit

Permalink
fix(auth): return error if envvar detected file returns an error (#10431
Browse files Browse the repository at this point in the history 
)

This matches the behaviour of the old library.
  • Loading branch information
@codyoss
codyoss authored Jun 25, 2024
1 parent 7ca4fa3 commit e52b9a7
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 3 deletions.
6 changes: 4 additions & 2 deletions auth/credentials/detect.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,9 +80,11 @@ func DetectDefault(opts *DetectOptions) (*auth.Credentials, error) {
return readCredentialsFile(opts.CredentialsFile, opts)
}
if filename := os.Getenv(credsfile.GoogleAppCredsEnvVar); filename != "" {
if creds, err := readCredentialsFile(filename, opts); err == nil {
return creds, err
creds, err := readCredentialsFile(filename, opts)
if err != nil {
return nil, err
}
return creds, nil
}

fileName := credsfile.GetWellKnownFileName()
Expand Down
16 changes: 15 additions & 1 deletion auth/credentials/detect_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -450,6 +450,20 @@ func TestDefaultCredentials_ServiceAccountKeySelfSigned_UniverseDomain(t *testin
}
}

func TestDefaultCredentials_ServiceAccountKey_NoFile(t *testing.T) {
t.Setenv(credsfile.GoogleAppCredsEnvVar, "/a/path/that/most/certainly/does/not/exist.json")
_, err := DetectDefault(&DetectOptions{
Scopes: []string{"https://www.googleapis.com/auth/cloud-platform"},
UseSelfSignedJWT: true,
})
if err == nil {
t.Fatal("DetectDefault() = nil error, expected non-nil error")
}
if !strings.Contains(err.Error(), "no such file or directory") {
t.Fatalf("got %v, want a does not exist error", err)
}
}

func TestDefaultCredentials_ClientCredentials(t *testing.T) {
ctx := context.Background()
b, err := os.ReadFile("../internal/testdata/clientcreds_installed.json")
Expand Down Expand Up @@ -667,7 +681,7 @@ func TestDefaultCredentials_ExternalAccountAuthorizedUserKey(t *testing.T) {
}

func TestDefaultCredentials_Fails(t *testing.T) {
t.Setenv(credsfile.GoogleAppCredsEnvVar, "nothingToSeeHere")
t.Setenv(credsfile.GoogleAppCredsEnvVar, "")
t.Setenv("HOME", "nothingToSeeHere")
t.Setenv("APPDATA", "nothingToSeeHere")
allowOnGCECheck = false
Expand Down

0 comments on commit e52b9a7

Please sign in to comment.