chore: Use json.load to read the config, instead of file.read and minor updates to docsting and indentation

agrawalradhika-cell · agrawalradhika-cell · commit 855173cb546b · 2025-10-30T08:59:59.000-07:00
Signed-off-by: Radhika Agrawal &lt;agrawalradhika@google.com&gt;
diff --git a/google/auth/transport/_mtls_helper.py b/google/auth/transport/_mtls_helper.py
@@ -408,7 +408,7 @@ def client_cert_callback():
     return crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
 
 def check_use_client_cert():
-  """Returns the effective value of use_client_cert to be used.
+  """Returns whether the client certificate should to be used for mTLS.
 
   Returns:
       str:
@@ -429,8 +429,9 @@ def check_use_client_cert():
     cert_path = os.getenv("GOOGLE_API_CERTIFICATE_CONFIG")
     if cert_path:
       with open(cert_path, "r") as f:
-        content = f.read()
-        if "workload" in content:
+        content = json.load(f)
+        print("content: ", content)
+        if "workload" in str(content):
           return "true"
     return "false"
   else:
diff --git a/google/auth/transport/grpc.py b/google/auth/transport/grpc.py
@@ -241,6 +241,8 @@ def my_client_cert_callback():
     Raises:
         google.auth.exceptions.MutualTLSChannelError: If mutual TLS channel
             creation failed for any reason.
+        google.auth.exceptions.ValueError: If invalid value is 
+        set for `GOOGLE_API_USE_CLIENT_CERTIFICATE`, i.e. not "true" or "false".
     """
     # Create the metadata plugin for inserting the authorization header.
     metadata_plugin = AuthMetadataPlugin(credentials, request)
@@ -256,7 +258,7 @@ def my_client_cert_callback():
 
     # If SSL credentials are not explicitly set, try client_cert_callback and ADC.
     if not ssl_credentials:
-	use_client_cert = _mtls_helper.check_use_client_cert()
+        use_client_cert = _mtls_helper.check_use_client_cert()
         if use_client_cert == "true" and client_cert_callback:
             # Use the callback if provided.
             cert, key = client_cert_callback()
@@ -293,7 +295,7 @@ class SslCredentials:
     """
 
     def __init__(self):
-	use_client_cert = _mtls_helper.check_use_client_cert()
+        use_client_cert = _mtls_helper.check_use_client_cert()
         if use_client_cert != "true":
             self._is_mtls = False
         else:
diff --git a/google/auth/transport/requests.py b/google/auth/transport/requests.py
@@ -444,8 +444,8 @@ def configure_mtls_channel(self, client_cert_callback=None):
             google.auth.exceptions.MutualTLSChannelError: If mutual TLS channel
                 creation failed for any reason.
         """
-	use_client_cert = _mtls_helper.check_use_client_cert()
-	if use_client_cert != "true":
+        use_client_cert = _mtls_helper.check_use_client_cert()
+        if use_client_cert != "true":
             self._is_mtls = False
             return
         try:
diff --git a/google/auth/transport/urllib3.py b/google/auth/transport/urllib3.py
@@ -335,8 +335,8 @@ def configure_mtls_channel(self, client_cert_callback=None):
             google.auth.exceptions.MutualTLSChannelError: If mutual TLS channel
                 creation failed for any reason.
         """
-	use_client_cert = _mtls_helper.check_use_client_cert()
-	if use_client_cert != "true":
+        use_client_cert = _mtls_helper.check_use_client_cert()
+        if use_client_cert != "true":
             return False
         try:
             import OpenSSL
