From b49d55584e67d0f147fb0b7e3c9526c2e2ed5ad9 Mon Sep 17 00:00:00 2001
From: Tommaso Sciortino <sciortino@gmail.com>
Date: Wed, 18 Jun 2025 17:24:46 -0700
Subject: Use Env Var directly instead of through GoogleAuth() (#1202)

---
 packages/core/src/code_assist/oauth2.ts | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

(limited to 'packages/core/src/code_assist/oauth2.ts')

diff --git a/packages/core/src/code_assist/oauth2.ts b/packages/core/src/code_assist/oauth2.ts
index 6527f957..3fbbd896 100644
--- a/packages/core/src/code_assist/oauth2.ts
+++ b/packages/core/src/code_assist/oauth2.ts
@@ -160,10 +160,20 @@ export function getAvailablePort(): Promise<number> {
 
 async function loadCachedCredentials(client: OAuth2Client): Promise<boolean> {
   try {
-    const creds = await fs.readFile(getCachedCredentialPath(), 'utf-8');
+    const keyFile =
+      process.env.GOOGLE_APPLICATION_CREDENTIALS || getCachedCredentialPath();
+
+    const creds = await fs.readFile(keyFile, 'utf-8');
     client.setCredentials(JSON.parse(creds));
-    // This will either return the existing token or refresh it.
-    await client.getAccessToken();
+
+    // This will verify locally that the credentials look good.
+    const { token } = await client.getAccessToken();
+    if (!token) {
+      return false;
+    }
+
+    // This will check with the server to see if it hasn't been revoked.
+    await client.getTokenInfo(token);
 
     return true;
   } catch (_) {
-- 
cgit v1.2.3