feat!: Improve error handling when signing with the IAM service

BREAKING CHANGE: The ComputeCredential and ImpersonatedCredential SignBlobAsync methods will throw a GoogleApiException instead of a HttpRequestExtension. The GoogleApiException makes the HttpResponseMessage content available, which usually includes details about the error.

Author: amanda-tarafa

Src/Support/Google.Apis.Auth.Tests/OAuth2/ImpersonatedCredentialTests.cs

@@ -206,8 +206,8 @@ public async Task SignBlobAsync()
         public async Task SignBlobAsync_Failure()
         {
             var credential = CreateImpersonatedCredentialWithErrorResponse();
-            var ex = await Assert.ThrowsAsync<HttpRequestException>(() => credential.SignBlobAsync(Encoding.ASCII.GetBytes("toSign")));
-            Assert.Equal("Response status code does not indicate success: 404 (Not Found).", ex.Message);
+            var ex = await Assert.ThrowsAsync<GoogleApiException>(() => credential.SignBlobAsync(Encoding.ASCII.GetBytes("toSign")));
+            Assert.Equal(HttpStatusCode.NotFound, ex.HttpStatusCode);
         }
 
         [Fact]

Src/Support/Google.Apis.Auth/OAuth2/Requests/RequestExtensions.cs

@@ -18,7 +18,9 @@ limitations under the License.
 using Google.Apis.Json;
 using Google.Apis.Logging;
 using Google.Apis.Requests.Parameters;
+using Google.Apis.Responses;
 using Google.Apis.Util;
+using System;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Text;
@@ -51,7 +53,16 @@ internal static async Task<TResponse> PostJsonAsync<TResponse>(
             this object request, HttpClient httpClient, string url, CancellationToken cancellationToken)
         {
             var response = await request.PostJsonAsync(httpClient, url, cancellationToken).ConfigureAwait(false);
-            response.EnsureSuccessStatusCode();
+            if (!response.IsSuccessStatusCode)
+            {
+                var serviceHost = new Uri(url).Host;
+                var error = await response.DeserializeErrorAsync(serviceHost, NewtonsoftJsonSerializer.Instance).ConfigureAwait(false);
+                throw new GoogleApiException(serviceHost)
+                {
+                    Error = error,
+                    HttpStatusCode = response.StatusCode
+                };
+            }
             return await NewtonsoftJsonSerializer.Instance.DeserializeAsync<TResponse>(
                 await response.Content.ReadAsStreamAsync().ConfigureAwait(false), cancellationToken).ConfigureAwait(false);
         }

Src/Support/Google.Apis/Responses/HttpResponseMessageExtensions.cs

@@ -20,7 +20,11 @@
 
 namespace Google.Apis.Responses
 {
-    internal static class HttpResponseMessageExtensions
+    /// <summary>
+    /// Extension for <see cref="HttpResponseMessage"/> to help with parasing errors as returned
+    /// by some Google services.
+    /// </summary>
+    public static class HttpResponseMessageExtensions
     {
         /// <summary>
         /// Attempts to deserialize a <see cref="RequestError"/> from the <paramref name="response"/>.
@@ -34,9 +38,9 @@ internal static class HttpResponseMessageExtensions
         /// </list>
         /// Any exception thrown while reading the <paramref name="response"/> <see cref="HttpResponseMessage.Content"/>
         /// will be bubbled up.
-        /// Otherwie this method will returned the deserialized <see cref="RequestError"/>.
+        /// Otherwie this method will return the deserialized <see cref="RequestError"/>.
         /// </remarks>
-        internal static async Task<RequestError> DeserializeErrorAsync(this HttpResponseMessage response, string name, ISerializer serializer)
+        public static async Task<RequestError> DeserializeErrorAsync(this HttpResponseMessage response, string name, ISerializer serializer)
         {
             if (response?.Content is null)
             {