in auth/auth.go [275:305]
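// fleetWorkloadIdentity reads the external-account credentials file named by
// the GOOGLE_APPLICATION_CREDENTIALS environment variable and derives the
// workload identity pool and provider from its audience field.
//
// It returns (idPool, idProvider, audience, err). When the audience splits
// into at least three colon-separated fields, the second and third fields are
// returned as idPool and idProvider and audience is empty. Otherwise the raw
// audience is returned and idPool/idProvider are empty. ctx and cfg are not
// used by this function body.
//
// An error is returned when the environment variable is unset, the file cannot
// be read or parsed, or the credentials type is not externalAccountKey.
func (c *Client) fleetWorkloadIdentity(ctx context.Context, cfg *config.MountConfig) (string, string, string, error) {
	const envVar = "GOOGLE_APPLICATION_CREDENTIALS"

	filename := os.Getenv(envVar)
	if filename == "" {
		// Fail with an actionable message instead of handing nil data to
		// json.Unmarshal, which only reports "unexpected end of JSON input".
		return "", "", "", fmt.Errorf("google: %v environment variable is not set", envVar)
	}

	// filepath.Clean only normalizes the path; it does not confine it to any
	// directory. The file read here is whatever the process environment names,
	// so the environment is part of this function's trust boundary.
	jsonData, err := os.ReadFile(filepath.Clean(filename))
	if err != nil {
		return "", "", "", fmt.Errorf("google: error getting credentials using %v environment variable: %w", envVar, err)
	}

	// Parse jsonData as one of the other supported credentials files.
	var f credentialsFile
	if err := json.Unmarshal(jsonData, &f); err != nil {
		return "", "", "", err
	}
	if f.Type != externalAccountKey {
		return "", "", "", fmt.Errorf("google: unexpected credentials type: %v, expected: %v", f.Type, externalAccountKey)
	}

	// SplitN with a limit of 3 keeps any further colons inside the provider
	// field rather than discarding them.
	split := strings.SplitN(f.Audience, ":", 3)
	if len(split) < 3 {
		// If the audience is not in the expected format, return it unchanged
		// as the audience since this is likely a federated pool.
		return "", "", f.Audience, nil
	}

	// NOTE(review): the pool and provider are taken from the file verbatim and
	// may be empty (e.g. an audience of "x::"), in which case all three strings
	// are empty with a nil error. Confirm callers handle or reject that case.
	idPool, idProvider := split[1], split[2]
	return idPool, idProvider, "", nil
}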