module Google::Auth::ExternalAccount::ExternalAccountUtils

def project_id
  return @project_id unless @project_id.nil?
  project_number = self.project_number || @workforce_pool_user_project
  # if we missing either project number or scope, we won't retrieve project_id
  return nil if project_number.nil? || @scope.nil?
  url = "#{CLOUD_RESOURCE_MANAGER}#{project_number}"
  response = connection.get url do |req|
    req.headers["Authorization"] = "Bearer #{@access_token}"
    req.headers["Content-Type"] = "application/json"
  end
  if response.status == 200
    response_data = MultiJson.load response.body, symbolize_names: true
    @project_id = response_data[:projectId]
  end
  @project_id
end