Missing the client_email option in the $config parameter of Client.php

[dj74]

Having the json credentials file of service accounts on the file system of web servers is a security vulnerability. We would like to pass the secrets from a vault and not from a file on file system.

Basically, this could be done via passing the values through the $config parameter in the constructor. However, the client_email option is missing there, while it is needed.

So, at this moment, we can only use the setAuthConfig to load the json credentials file. Ackward: there is also the function setAuthConfigFile, which is just acting as a wrapper function of setAuthConfig. I think it should have been implemented like this:

setAuthConfigFile -> taking the path and file name of the json credentials file, read the file content and decode the file content, pass the associative array (decoded json) to setAuthConfig function. The setAuthConfig should take an associative array and set the config values. Then it would be possible to pass an associative array with the values coming from a more secure source.

I think this is how it was meant to have been implemented. So, I think the current implementation may not be according to the original design (bug?)