Authentication examples incomplete

[cguess]

When trying to understand the authentication methods, the examples should probably use a different service due to the lack of scopes required for the current examples.

This refers specifically to https://github.com/GoogleCloudPlatform/ruby-docs-samples/blob/master/auth/auth.rb (and therefore https://cloud.google.com/docs/authentication/production).

In the example the following code is presented to create the service:

  require "google/cloud/storage"

  # If you don't specify credentials when constructing the client, the client
  # library will look for credentials in the environment.
  storage = Google::Cloud::Storage.new project: project_id

  # Make an authenticated API request
  storage.buckets.each do |bucket|

What is not mentioned, is that for most of the API's, unless the scopes are properly set, this fails. I'm unsure of the CloudStorage API (perhaps scopes are not required) but for most of the other API's this seems to be the case. For instance, using the Sheets API, the following fails (assuming that the .json key files are properly stored in a ENV variable):

    service = Google::Apis::SheetsV4::SheetsService.new
    range = "Class Data!A2:E"
    response = service.get_spreadsheet_values "some_sheet_id", range

However, the following works:

    service = Google::Apis::SheetsV4::SheetsService.new
    scopes =  ["https://www.googleapis.com/auth/spreadsheets"]
    service.authorization = Google::Auth.get_application_default(scopes)
    range = "Class Data!A2:E"
    response = service.get_spreadsheet_values "some_sheet_id", range

For those coming to Google's API's without prior experience, or limited understanding of the IAM systems this could lead to a very steep learning curve.

I'd recommend changing the given examples, or at least adding further notes concerning the use of scopes in calls.