Add user authentication to the ADC flow.

[jneem]

According to google's docs [1], the ADC strategy is

1. env variable
2. user credentials
3. metadata server

Currently, this crate does 1 and 3; this PR inserts 2 in there.

[1] https://cloud.google.com/docs/authentication/application-default-credentials

Note that this is a breaking change, and it also breaks the test for me locally because I have user credentials configured. Presumably the CI doesn't so I guess they'll succeed there? But this isn't great so I've marked it as a draft.

[dermesser]

Great idea! Apologies for the delayed feedback. Let me know when this is ready for review.

[jneem]

Thanks for the encouragement! I'm not really sure what the best approach is, but here's one attempt.

The issue is that ApplicationDefaultCredentialsAuthenticator's behavior is dependent on the system state, which isn't really great for unit testing. So what I've done is made the instance metadata fallback into its own authenticator and just tested that. So now each of the three components can be used on their own, or you can use ApplicationDefaultCredentialsAuthenticator to automatically choose one.

One downside of this is extra breakage because of some renaming.

[rafael-arreola]

Will this feature be released soon?