Use Env Var directly instead of through GoogleAuth() (#1202)

author: Tommaso Sciortino <[email protected]> 2025-06-18 17:24:46 -0700
committer: GitHub <[email protected]> 2025-06-18 17:24:46 -0700
commit: b49d55584e67d0f147fb0b7e3c9526c2e2ed5ad9 (patch)
tree: 814d8250dd4fbda7b3b0360a28e134ec7468b548 /packages/core/src/code_assist/oauth2.ts
parent: 8bc3b415c973794654d64d434949a93fb3239acb (diff)
1 files changed, 13 insertions, 3 deletions
diff --git a/packages/core/src/code_assist/oauth2.ts b/packages/core/src/code_assist/oauth2.ts
index 6527f957..3fbbd896 100644
--- a/packages/core/src/code_assist/oauth2.ts
+++ b/packages/core/src/code_assist/oauth2.ts
@@ -160,10 +160,20 @@ export function getAvailablePort(): Promise<number> {
 
 async function loadCachedCredentials(client: OAuth2Client): Promise<boolean> {
   try {
-    const creds = await fs.readFile(getCachedCredentialPath(), 'utf-8');
+    const keyFile =
+      process.env.GOOGLE_APPLICATION_CREDENTIALS || getCachedCredentialPath();
+
+    const creds = await fs.readFile(keyFile, 'utf-8');
     client.setCredentials(JSON.parse(creds));
-    // This will either return the existing token or refresh it.
-    await client.getAccessToken();
+
+    // This will verify locally that the credentials look good.
+    const { token } = await client.getAccessToken();
+    if (!token) {
+      return false;
+    }
+
+    // This will check with the server to see if it hasn't been revoked.
+    await client.getTokenInfo(token);
 
     return true;
   } catch (_) {
author	Tommaso Sciortino <[email protected]>	2025-06-18 17:24:46 -0700
committer	GitHub <[email protected]>	2025-06-18 17:24:46 -0700
commit	b49d55584e67d0f147fb0b7e3c9526c2e2ed5ad9 (patch)
tree	814d8250dd4fbda7b3b0360a28e134ec7468b548 /packages/core/src/code_assist/oauth2.ts
parent	8bc3b415c973794654d64d434949a93fb3239acb (diff)