class Google::Auth::ServiceAccountJwtHeaderCredentials

def initialize options = {}
  json_key_io = options[:json_key_io]
  if json_key_io
    @private_key, @issuer, @project_id, @quota_project_id, @universe_domain =
      self.class.read_json_key json_key_io
  else
    @private_key = ENV[CredentialsLoader::PRIVATE_KEY_VAR]
    @issuer = ENV[CredentialsLoader::CLIENT_EMAIL_VAR]
    @project_id = ENV[CredentialsLoader::PROJECT_ID_VAR]
    @quota_project_id = nil
    @universe_domain = nil
  end
  @universe_domain ||= "googleapis.com"
  @project_id ||= CredentialsLoader.load_gcloud_project_id
  @signing_key = OpenSSL::PKey::RSA.new @private_key
  @scope = options[:scope]
end