Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@leonardodino/gtoken

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@leonardodino/gtoken

Node.js Google Authentication Service Account Tokens

latest
Source
npmnpm
Version
3.0.2
Version published
Maintainers
1
Created
Source

node-gtoken

NPM Version Build Status Dependency Status devDependency Status Known Vulnerabilities codecov style badge

Node.js Google Authentication Service Account Tokens

Installation

npm install @leonardodino/gtoken

or

yarn add @leonardodino/gtoken

Usage

const key = '-----BEGIN RSA PRIVATE KEY-----\nXXXXXXXXXXX...';
const { GoogleToken } = require('@leonardodino/gtoken');
const gtoken = new GoogleToken({
  email: 'my_service_account_email@developer.gserviceaccount.com',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  key: key
});

Options

Various options that can be set when creating initializing the gtoken object.

  • options.email or options.iss: The service account email address.
  • options.scope: An array of scope strings or space-delimited string of scopes.
  • options.sub: The email address of the user requesting delegated access.
  • options.key: The raw RSA private key value.

.getToken()

Returns the cached token or requests a new one and returns it.

gtoken.getToken(function(err, token) {
  if (err) {
    console.log(err);
    return;
  }
  console.log(token);
});

You can also use the async/await style API:

const token = await gtoken.getToken()
console.log(token);

Or use promises: or

gtoken.getToken()
  .then(token => {
    console.log(token)
  })
  .catch(e => console.error);

Properties

Various properties set on the gtoken object after call to .getToken().

  • gtoken.token: The access token.
  • gtoken.expiresAt: The expiry date as milliseconds since 1970/01/01
  • gtoken.key: The raw key value.
  • gtoken.rawToken: Most recent raw token data received from Google.

.hasExpired()

Returns true if the token has expired, or token does not exist.

gtoken.getToken(function(err, token) {
  if(token) {
    gtoken.hasExpired(); // false
  }
});

.revokeToken()

Revoke the token if set.

gtoken.revokeToken(function(err) {
  if (err) {
    console.log(err);
    return;
  }
  console.log('Token revoked!');
});

Changelog

2.0.0 -> 3.0.0

New features:

  • Fewer dependencies, code works everywhere.

Breaking changes:

  • remove support for reading files (keyFile option)
  • remove getCredentials method.
  • remove ensureEmail private method.

1.2.2 -> 2.0.0

New features:

  • API now supports callback and promise based workflows

Breaking changes:

  • GoogleToken is now a class type, and must be instantiated.
  • GoogleToken.expires_at renamed to GoogleToken.expiresAt
  • GoogleToken.raw_token renamed to GoogleToken.rawToken
  • GoogleToken.token_expires renamed to GoogleToken.tokenExpires

License

MIT

Keywords

google
service
account
api
token
auth

FAQs

Package last updated on 16 Oct 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

ENISA’s 2025 Threat Landscape: AI Reshapes Cyber Attacks, from Phishing to Supply Chain Abuse

Security News

ENISA’s 2025 Threat Landscape: AI Reshapes Cyber Attacks, from Phishing to Supply Chain Abuse

ENISA’s 2025 Threat Landscape report highlights how AI is reshaping cyber attacks, driving phishing, model poisoning, and software supply chain risks.

By Sarah Gooding  -  Oct 16, 2025