class Google::Auth::Credentials

which overrides the SCOPE constant.
This class is intended to be inherited by API-specific classes

def self.default(options = {})

this method defaults to use the application default.
previously stated locations do not contain keyfile information,
evironment variables, json environment variables, default paths. If the
Returns the default credentials checking, in this order, the path env 
def self.default(options = {})
  scope = options[:scope]
  # First try to find keyfile file from environment variables.
  client = from_path_vars scope
  # Second try to find keyfile json from environment variables.
  client ||= from_json_vars scope
  # Third try to find keyfile file from known file paths.
  client ||= from_default_paths scope
  # Finally get instantiated client from Google::Auth
  client ||= from_application_default scope
  client
end

def self.from_application_default(scope) 

def self.from_application_default(scope)
  scope ||= self::SCOPE
  client = Google::Auth.get_application_default scope
  new client
end

def self.from_default_paths(scope) 

def self.from_default_paths(scope)
  self::DEFAULT_PATHS
    .select { |p| ::File.file? p }
    .each do |file|
      return new file, scope: scope
    end
  nil
end

def self.from_json_vars(scope) 

def self.from_json_vars(scope)
  json = lambda do |v|
    unless ENV[v].nil?
      begin
        JSON.parse ENV[v]
      rescue
        nil
      end
    end
  end
  self::JSON_ENV_VARS.map(&json).compact.each do |hash|
    return new hash, scope: scope
  end
  nil
end

def self.from_path_vars(scope) 

def self.from_path_vars(scope)
  self::PATH_ENV_VARS
    .map { |v| ENV[v] }
    .compact
    .select { |p| ::File.file? p }
    .each do |file|
      return new file, scope: scope
    end
  nil
end

def client_options(options) 

def client_options(options)
  # Keyfile options have higher priority over constructor defaults
  options['token_credential_uri'] ||= self.class::TOKEN_CREDENTIAL_URI
  options['audience'] ||= self.class::AUDIENCE
  options['scope'] ||= self.class::SCOPE
  # client options for initializing signet client
  { token_credential_uri: options['token_credential_uri'],
    audience: options['audience'],
    scope: Array(options['scope']),
    issuer: options['client_email'],
    signing_key: OpenSSL::PKey::RSA.new(options['private_key']) }
end

def init_client(keyfile)

Initializes the Signet client. 
def init_client(keyfile)
  client_opts = client_options keyfile
  Signet::OAuth2::Client.new client_opts
end

def initialize(keyfile, options = {}) 

def initialize(keyfile, options = {})
  scope = options[:scope]
  verify_keyfile_provided! keyfile
  if keyfile.is_a? Signet::OAuth2::Client
    @client = keyfile
  elsif keyfile.is_a? Hash
    hash = stringify_hash_keys keyfile
    hash['scope'] ||= scope
    @client = init_client hash
  else
    verify_keyfile_exists! keyfile
    json = JSON.parse ::File.read(keyfile)
    json['scope'] ||= scope
    @client = init_client json
  end
  CredentialsLoader.warn_if_cloud_sdk_credentials @client.client_id
  @client.fetch_access_token!
end

def stringify_hash_keys(hash)

returns a new Hash with string keys instead of symbol keys. 
def stringify_hash_keys(hash)
  Hash[hash.map { |k, v| [k.to_s, v] }]
end

def verify_keyfile_exists!(keyfile)

Verify that the keyfile argument is a file. 
def verify_keyfile_exists!(keyfile)
  exists = ::File.file? keyfile
  raise "The keyfile '#{keyfile}' is not a valid file." unless exists
end

def verify_keyfile_provided!(keyfile)

Verify that the keyfile argument is provided. 
def verify_keyfile_provided!(keyfile)
  return unless keyfile.nil?
  raise 'The keyfile passed to Google::Auth::Credentials.new was nil.'
end