feat: use self-signed JWTs if alwaysUseJWTAccessWithScope is true

src/auth/baseexternalclient.ts

@@ -126,6 +126,9 @@ export abstract class BaseExternalAccountClient extends AuthClient {
   public projectNumber: string | null;
   public readonly eagerRefreshThresholdMillis: number;
   public readonly forceRefreshOnFailure: boolean;
+  public useJWTAccessAlways?: boolean;
+  public defaultServicePath?: string;
+
 
   /**
    * Instantiate a BaseExternalAccountClient instance using the provided JSON

src/auth/refreshclient.ts

@@ -27,6 +27,8 @@ export class UserRefreshClient extends OAuth2Client {
   // In a future gts release, the _propertyName rule will be lifted.
   // This is also a hard one because `this.refreshToken` is a function.
   _refreshToken?: string | null;
+  public useJWTAccessAlways?: boolean;
+  public defaultServicePath?: string;
 
   /**
    * User Refresh Token credentials.

test/test.googleauth.ts

@@ -402,6 +402,20 @@ describe('googleauth', () => {
       assert.strictEqual(json.private_key, (result as JWT).key);
     });
 
+    it.only('fromJSON should set default access variable with private key', () => {
+      auth.useJWTAccessAlways = true;
+      const json = createJwtJSON();
+      const result = auth.fromJSON(json);
+      assert.ok(result.useJWTAccessAlways);
+    });
+
+    it.only('fromJSON should set default service path with private key', () => {
+      auth.defaultServicePath = 'a/b/c';
+      const json = createJwtJSON();
+      const result = auth.fromJSON(json);
+      assert.strictEqual(result.defaultServicePath, 'a/b/c');
+    });
+
     it('fromJSON should create JWT with null scopes', () => {
       const json = createJwtJSON();
       const result = auth.fromJSON(json);