经过一些挖掘，部分归功于@JohnHanley，我设法使用google cloud oauth库代表一个拥有正确权限的人类用户验证了我的应用程序：

from google.cloud import secretmanager_v1beta1 as secretmanager
from google_auth_oauthlib import flow

SecretManagerAdminCreds = 'credentials.json'
LAUNCH_BROWSER = True


class SecretManagerAdmin:
    def __init__(self, project_id: str = "gcp_project_id",
                 scopes: list = ['https://www.googleapis.com/auth/cloud-platform']):
        self._scopes = scopes
        self._project_id = project_id

        appflow = flow.InstalledAppFlow.from_client_secrets_file(SecretManagerAdminCreds, scopes=self._scopes)

        if LAUNCH_BROWSER:
            appflow.run_local_server()
        else:
            appflow.run_console()

        authed_creds = appflow.credentials

        self.client = secretmanager.SecretManagerServiceClient(credentials=authed_creds)

当我创建SecretManagerAdmin类的实例时，一个浏览器会启动，并要求用户登录到google并确认应用程序的权限，然后返回第二组凭据，然后用于实例化应用程序使用的Secretmanager客户端