From 897d9734bb63a418a92d396e9d1c9e7335271f1b Mon Sep 17 00:00:00 2001
From: Andrew Gerrand <adg@golang.org>
Date: Wed, 2 Sep 2015 13:39:47 +1000
Subject: [PATCH] google: set token type on returned JWTAccessToken, tweak docs

Change-Id: Id83af8110c7c89ca5ffe793149230fa3f87a6baf
Reviewed-on: https://go-review.googlesource.com/14198
Reviewed-by: Dave Day <djd@golang.org>
---
 google/jwt.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/google/jwt.go b/google/jwt.go
index 25d1292..804d9d0 100644
--- a/google/jwt.go
+++ b/google/jwt.go
@@ -19,6 +19,10 @@ import (
 // requests, and returns a TokenSource that does not use any OAuth2 flow but
 // instead creates a JWT and sends that as the access token.
 // The audience is typically a URL that specifies the scope of the credentials.
+//
+// Note that this is not a standard OAuth flow, but rather an
+// optimization supported by a few Google services.
+// Unless you know otherwise, you should use JWTConfigFromJSON instead.
 func JWTAccessTokenSourceFromJSON(jsonKey []byte, audience string) (oauth2.TokenSource, error) {
 	cfg, err := JWTConfigFromJSON(jsonKey)
 	if err != nil {
@@ -63,5 +67,5 @@ func (ts *jwtAccessTokenSource) Token() (*oauth2.Token, error) {
 	if err != nil {
 		return nil, fmt.Errorf("google: could not encode JWT: %v", err)
 	}
-	return &oauth2.Token{AccessToken: msg}, nil
+	return &oauth2.Token{AccessToken: msg, TokenType: "Bearer"}, nil
 }