Allow setting authentication client for google-cloud libraries #1210
Description
PR 1207 will implement the capability to impersonate a service account. That is given a set of source credentials, the implementation will derive a new set of credentials which are eventually intended to call an underlying GCP API.
The implementation there surfaces an object which can be used to make direct REST api calls (see 28->51. However, there isn't an easy way to inject this type of a client into any existing google-cloud-* library set.
The only way to do that now is to create a placeholder client (see 57->72 and set that into a library which internally extracts the raw client fromthe placeholder/wraper object
Also, this workaround with the wrapped client will work for some google apis (eg, it will not work for Storage )
This FR is to
Construct a uniform surface to allow injecting authenticated clients into google-cloud-* libraries. Essentially, it shoud not be necessary to setup the intermediate placeholder/wrapper for the client and also the same final mechanism should work for all libraries (Storage)
Finally there are several flavors of 'clients':
which actually differ in the classes it using:
export class DownscopedClient extends AuthClient {
export class OAuth2Client extends AuthClient {
export class Impersonated extends OAuth2Client { which means the usage of these clients diverges (eg, i probably can't use a downscoped client into a google-cloud library even after this FR is done)