Environment details
- OS: Any (with application default credentials installed. E.g. GCE)
- Node.js version: Any
- npm version: Any
- google-cloud-node version: Head
Steps to reproduce
- require
google-cloud
- default initialize API
- Call getSignedUrl()
Expected: should work.
Actual: get error Failed to obtain signed URL for file { SigningError: Could not get credentials without a JSON, pem, or p12 keyfile}"
I took a bit of a dive into the code. google-cloud-node is using google-auto-auth, which is correctly returning the application default credential in this environment. Both getSignedPolicy and getSignedUrl call getCredential which only works if the developer provided a p12 or json service account file. Since Application Default Credentials are preferred where available, we should have a fallback to using authClient.getToken(). This can be used to call the signBlob API, which lets you do crypto with just an access token.
Environment details
Steps to reproduce
google-cloudExpected: should work.
Actual: get error
Failed to obtain signed URL for file { SigningError: Could not get credentials without a JSON, pem, or p12 keyfile}"I took a bit of a dive into the code.
google-cloud-nodeis usinggoogle-auto-auth, which is correctly returning the application default credential in this environment. BothgetSignedPolicyandgetSignedUrlcallgetCredentialwhich only works if the developer provided a p12 or json service account file. Since Application Default Credentials are preferred where available, we should have a fallback to usingauthClient.getToken(). This can be used to call the signBlob API, which lets you do crypto with just an access token.