diff --git a/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java b/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java index b4cec3896..ad0db3727 100644 --- a/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java +++ b/oauth2_http/java/com/google/auth/oauth2/DefaultCredentialsProvider.java @@ -87,6 +87,7 @@ class DefaultCredentialsProvider { + "SDK, you might receive a \"quota exceeded\" or \"API not enabled\" error. For " + "more information about service accounts, see " + "https://cloud.google.com/docs/authentication/."; + public static final String SUPPRESS_GCLOUD_CREDS_WARNING_ENV_VAR = "SUPPRESS_GCLOUD_CREDS_WARNING"; // These variables should only be accessed inside a synchronized block private GoogleCredentials cachedCredentials = null; @@ -211,8 +212,9 @@ private final GoogleCredentials getDefaultCredentialsUnsynchronized( } private void warnAboutProblematicCredentials(GoogleCredentials credentials) { - if (credentials instanceof UserCredentials && - ((UserCredentials)credentials).getClientId().equals(CLOUDSDK_CLIENT_ID)) { + if (credentials instanceof UserCredentials + && ((UserCredentials) credentials).getClientId().equals(CLOUDSDK_CLIENT_ID) + && !Boolean.parseBoolean(getEnv(SUPPRESS_GCLOUD_CREDS_WARNING_ENV_VAR))) { LOGGER.log(Level.WARNING, CLOUDSDK_CREDENTIALS_WARNING); } } diff --git a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java index 4da117498..6fe9e9d0f 100644 --- a/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java +++ b/oauth2_http/javatests/com/google/auth/oauth2/DefaultCredentialsProviderTest.java @@ -34,6 +34,7 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; import static org.junit.Assert.assertSame; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; @@ -465,6 +466,19 @@ public void flush() {} @Test public void getDefaultCredentials_wellKnownFile_logsGcloudWarning() throws IOException { + LogRecord message = getCredentialsAndReturnLogMessage(false); + assertNotNull(message); + assertEquals(Level.WARNING, message.getLevel()); + assertTrue(message.getMessage().contains("end user credentials from Google Cloud SDK")); + } + + @Test + public void getDefaultCredentials_wellKnownFile_suppressGcloudWarning() throws IOException { + LogRecord message = getCredentialsAndReturnLogMessage(true); + assertNull(message); + } + + private LogRecord getCredentialsAndReturnLogMessage(boolean suppressWarning) throws IOException { Logger logger = Logger.getLogger(DefaultCredentialsProvider.class.getName()); LogHandler handler = new LogHandler(); logger.addHandler(handler); @@ -477,16 +491,13 @@ public void getDefaultCredentials_wellKnownFile_logsGcloudWarning() throws IOExc File wellKnownFile = new File(cloudConfigDir, DefaultCredentialsProvider.WELL_KNOWN_CREDENTIALS_FILE); TestDefaultCredentialsProvider testProvider = new TestDefaultCredentialsProvider(); + testProvider.setEnv(DefaultCredentialsProvider.SUPPRESS_GCLOUD_CREDS_WARNING_ENV_VAR, Boolean.toString(suppressWarning)); testProvider.setProperty("os.name", "linux"); testProvider.setProperty("user.home", homeDir.getAbsolutePath()); testProvider.addFile(wellKnownFile.getAbsolutePath(), userStream); - testUserProvidesToken( testProvider, GCLOUDSDK_CLIENT_ID, USER_CLIENT_SECRET, REFRESH_TOKEN); - LogRecord message = handler.getRecord(); - assertNotNull(message); - assertEquals(Level.WARNING, message.getLevel()); - assertTrue(message.getMessage().contains("end user credentials from Google Cloud SDK")); + return handler.getRecord(); } private static File getTempDirectory() {