Correct Answer: A
B and D are wrong because security information or keys must not be stored in configuration files.
C is wrong because JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
You may sign a JWT with a service account key and exchange the signed JWT with Google using an OAuth2 procedure.