Socket
Socket
Sign inDemoInstall

google-auth-library

Package Overview
Dependencies
Maintainers
2
Versions
149
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

google-auth-library - npm Package Compare versions

Comparing version 0.9.8 to 0.9.9

14

CHANGELOG.md

@@ -0,1 +1,11 @@

## 0.9.9 (10/14/2016)
### Changes
* Handle symlinks to default application credentials ([@JonathanPorta][])
* Add support for detecting project ID. ([@jmdobry][])
* Add support for array of valid audiences ([@gameleon-dev][])
* Fix devconsole links ([@mortonfox][])
* Update request ([@tbetbetbe][])
## 0.9.8 (05/10/2016)

@@ -60,1 +70,5 @@

[@jonparrot]: https://github.com/jonparrot
[@JonathanPorta]: https://github.com/JonathanPorta
[@jmdobry]: https://github.com/jmdobry
[@gameleon-dev]: https://github.com/gameleon-dev
[@mortonfox]: https://github.com/mortonfox

183

lib/auth/googleauth.js

@@ -21,2 +21,3 @@ /**

var ComputeClient = require('./computeclient.js');
var exec = require('child_process').exec;
var fs = require('fs');

@@ -106,2 +107,165 @@ var os = require('os');

/**
* Obtains the default project ID for the application..
* @param {function=} opt_callback Optional callback.
*/
GoogleAuth.prototype.getDefaultProjectId = function(opt_callback) {
var that = this;
// In implicit case, supports three environments. In order of precedence, the
// implicit environments are:
//
// * GCLOUD_PROJECT or GOOGLE_CLOUD_PROJECT environment variable
// * GOOGLE_APPLICATION_CREDENTIALS JSON file
// * Get default service project from
// ``$ gcloud beta auth application-default login``
// * Google App Engine application ID (Not implemented yet)
// * Google Compute Engine project ID (from metadata server) (Not implemented yet)
if (that._cachedProjectId) {
process.nextTick(function() {
callback(opt_callback, null, that._cachedProjectId);
});
} else {
var my_callback = function(err, projectId) {
if (!err && projectId) {
that._cachedprojectId = projectId;
}
process.nextTick(function() {
callback(opt_callback, err, projectId);
});
};
// environment variable
if (that._getProductionProjectId(my_callback)) {
return;
}
// json file
that._getFileProjectId(function(err, projectId) {
if (err || projectId) {
my_callback(err, projectId);
return;
}
// Google Cloud SDK default project id
that._getDefaultServiceProjectId(function(err, projectId) {
if (err || projectId) {
my_callback(err, projectId);
return;
}
// Get project ID from Compute Engine metadata server
that._getGCEProjectId(my_callback);
});
});
}
};
/**
* Loads the project id from environment variables.
* @param {function} _callback Callback.
* @api private
*/
GoogleAuth.prototype._getProductionProjectId = function(_callback) {
var projectId = this._getEnv('GCLOUD_PROJECT') || this._getEnv('GOOGLE_CLOUD_PROJECT');
if (projectId) {
process.nextTick(function() {
callback(_callback, null, projectId);
});
}
return projectId;
};
/**
* Loads the project id from the GOOGLE_APPLICATION_CREDENTIALS json file.
* @param {function} _callback Callback.
* @api private
*/
GoogleAuth.prototype._getFileProjectId = function(_callback) {
var that = this;
if (that._cachedCredential) {
// Try to read the project ID from the cached credentials file
process.nextTick(function() {
callback(_callback, null, that._cachedCredential.projectId);
});
return;
}
// Try to load a credentials file and read its project ID
var pathExists = that._tryGetApplicationCredentialsFromEnvironmentVariable(function(err, result) {
if (!err && result) {
callback(_callback, null, result.projectId);
return;
}
callback(_callback, err);
});
if (!pathExists) {
callback(_callback, null);
}
};
/**
* Loads the default project of the Google Cloud SDK.
* @param {function} _callback Callback.
* @api private
*/
GoogleAuth.prototype._getDefaultServiceProjectId = function(_callback) {
this._getSDKDefaultProjectId(function(err, stdout) {
var projectId;
if (!err && stdout) {
try {
projectId = JSON.parse(stdout).core.project;
} catch (err) {
projectId = null;
}
}
// Ignore any errors
callback(_callback, null, projectId);
});
};
/**
* Run the Google Cloud SDK command that prints the default project ID
* @param {function} _callback Callback.
* @api private
*/
GoogleAuth.prototype._getSDKDefaultProjectId = function(_callback) {
exec('gcloud -q config list core/project --format=json', _callback);
};
/**
* Gets the Compute Engine project ID if it can be inferred.
* Uses 169.254.169.254 for the metadata server to avoid request
* latency from DNS lookup.
* See https://cloud.google.com/compute/docs/metadata#metadataserver
* for information about this IP address. (This IP is also used for
* Amazon EC2 instances, so the metadata flavor is crucial.)
* See https://github.com/google/oauth2client/issues/93 for context about
* DNS latency.
*
* @param {function} _callback Callback.
* @api private
*/
GoogleAuth.prototype._getGCEProjectId = function(_callback) {
if (!this.transporter) {
this.transporter = new DefaultTransporter();
}
this.transporter.request({
method: 'GET',
uri: 'http://169.254.169.254/computeMetadata/v1/project/project-id',
headers: {
'Metadata-Flavor': 'Google'
}
}, function(err, body, res) {
if (err || !res || res.statusCode !== 200 || !body) {
callback(_callback, null);
return;
}
// Ignore any errors
callback(_callback, null, body);
});
};
/**
* Obtains the default service-level credentials for the application..

@@ -116,3 +280,3 @@ * @param {function=} opt_callback Optional callback.

process.nextTick(function() {
callback(opt_callback, null, that._cachedCredential);
callback(opt_callback, null, that._cachedCredential, that._cachedProjectId);
});

@@ -125,6 +289,13 @@ } else {

that._cachedCredential = result;
that.getDefaultProjectId(function(err, projectId) {
process.nextTick(function() {
// Ignore default project error
callback(opt_callback, null, result, projectId);
});
});
} else {
process.nextTick(function() {
callback(opt_callback, err, result);
});
}
process.nextTick(function() {
callback(opt_callback, err, result);
});
};

@@ -267,5 +438,9 @@ // Check for the existence of a local environment variable pointing to the

}
// Make sure there is a file at the path. lstatSync will throw if there is nothing there.
if (!error) {
try {
// Resolve path to actual file in case of symlink. Expect a thrown error if not resolvable.
filePath = fs.realpathSync(filePath);
if (!fs.lstatSync(filePath).isFile()) {

@@ -272,0 +447,0 @@ throw '';

1

lib/auth/jwtaccess.js

@@ -114,2 +114,3 @@ /**

that.key = json.private_key;
that.projectId = json.project_id;
done();

@@ -116,0 +117,0 @@ };

1

lib/auth/jwtclient.js

@@ -175,2 +175,3 @@ /**

that.key = json.private_key;
that.projectId = json.project_id;
done();

@@ -177,0 +178,0 @@ };

17

lib/auth/oauth2client.js

@@ -406,3 +406,3 @@ /**

* @param {string} idToken ID Token.
* @param {string} audience The audience to verify against the ID Token
* @param {(string|Array.<string>)} audience The audience to verify against the ID Token
* @param {function=} callback Callback supplying GoogleLogin if successful

@@ -479,3 +479,3 @@ */

* @param {array} certs The array of certs to test the jwt against.
* @param {string} requiredAudience The audience to test the jwt against.
* @param {(string|Array.<string>)} requiredAudience The audience to test the jwt against.
* @param {array} issuers The allowed issuers of the jwt (Optional).

@@ -566,5 +566,14 @@ * @param {string} maxExpiry The max expiry the certificate can be (Optional).

var aud = payload.aud;
if (aud !== requiredAudience) {
throw new Error('Wrong recipient, payload audience != requiredAudience');
var audVerified = false;
//If the requiredAudience is an array, check if it contains token audience
if(requiredAudience.constructor === Array)
{
audVerified = (requiredAudience.indexOf(aud) > -1);
}
else{
audVerified = (aud === requiredAudience);
}
if (!audVerified) {
throw new Error('Wrong recipient, payload audience != requiredAudience');
}
}

@@ -571,0 +580,0 @@

8

package.json
{
"name": "google-auth-library",
"version": "0.9.8",
"version": "0.9.9",
"author": "Google Inc.",

@@ -12,2 +12,6 @@ "description": "Google APIs Authentication Client Library for Node.js",

{
"name": "Jason Dobry",
"email": "jason.dobry@gmail.com"
},
{
"name": "Tim Emiola",

@@ -37,3 +41,3 @@ "email": "temiola@google.com"

"jws": "~3.0.0",
"request": "~2.60.0",
"request": "~2.74.0",
"string-template": "~0.2.0"

@@ -40,0 +44,0 @@ },

4

README.md

@@ -38,3 +38,3 @@ # Google APIs Node.js Client

JSON credentials for your project. Go to **APIs & Auth** > **Credentials** in
the [Google Developers Console](developer console) and select
the [Google Developers Console][devconsole] and select
**Service account** from the **Add credentials** dropdown.

@@ -52,3 +52,3 @@

enabled. Go to **APIs & Auth** > **APIs** in the
[Google Developers Console](developer console) and enable the APIs you'd like to
[Google Developers Console][devconsole] and enable the APIs you'd like to
call. For the example below, you must enable the `DNS API`.

@@ -55,0 +55,0 @@ 

.travis.yml

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc