google-auth-library - npm Package Compare versions

Comparing version 7.9.2 to 7.10.0

build/src/auth/baseexternalclient.d.ts

		@@ -33,2 +33,3 @@ import { GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios';
		quota_project_id?: string;
		workforce_pool_user_project?: string;
		}
		@@ -86,2 +87,4 @@ /**
		private readonly stsCredential;
		private readonly clientAuth?;
		private readonly workforcePoolUserProject?;
		projectId: string \| null;
		@@ -145,4 +148,5 @@ projectNumber: string \| null;
		* @return A promise that resolves with the project ID corresponding to the
		* current workload identity pool. When not determinable, this resolves with
		* null.
		* current workload identity pool or current workforce pool if
		* determinable. For workforce pool credential, it returns the project ID
		* corresponding to the workforcePoolUserProject.
		* This is introduced to match the current pattern of using the Auth
		@@ -149,0 +153,0 @@ * library:

build/src/auth/baseexternalclient.js

		@@ -48,2 +48,4 @@ "use strict";
		exports.CLOUD_RESOURCE_MANAGER = 'https://cloudresourcemanager.googleapis.com/v1/projects/';
		/** The workforce audience pattern. */
		const WORKFORCE_AUDIENCE_PATTERN = '//iam.googleapis.com/locations/[^/]+/workforcePools/[^/]+/providers/.+';
		/**
		@@ -74,3 +76,3 @@ * Base external account client. This is used to instantiate AuthClients for
		}
		const clientAuth = options.client_id
		this.clientAuth = options.client_id
		? {
		@@ -85,3 +87,3 @@ confidentialClientType: 'basic',
		}
		this.stsCredential = new sts.StsCredentials(options.token_url, clientAuth);
		this.stsCredential = new sts.StsCredentials(options.token_url, this.clientAuth);
		// Default OAuth scope. This could be overridden via public property.
		@@ -93,2 +95,9 @@ this.scopes = [DEFAULT_OAUTH_SCOPE];
		this.quotaProjectId = options.quota_project_id;
		this.workforcePoolUserProject = options.workforce_pool_user_project;
		const workforceAudiencePattern = new RegExp(WORKFORCE_AUDIENCE_PATTERN);
		if (this.workforcePoolUserProject &&
		!this.audience.match(workforceAudiencePattern)) {
		throw new Error('workforcePoolUserProject should not be set for non-workforce pool ' +
		'credentials.');
		}
		if (typeof options.service_account_impersonation_url !== 'undefined' &&
		@@ -179,4 +188,5 @@ !this.validateGoogleAPIsUrl('iamcredentials', options.service_account_impersonation_url)) {
		* @return A promise that resolves with the project ID corresponding to the
		* current workload identity pool. When not determinable, this resolves with
		* null.
		* current workload identity pool or current workforce pool if
		* determinable. For workforce pool credential, it returns the project ID
		* corresponding to the workforcePoolUserProject.
		* This is introduced to match the current pattern of using the Auth
		@@ -193,2 +203,3 @@ * library:
		async getProjectId() {
		const projectNumber = this.projectNumber \|\| this.workforcePoolUserProject;
		if (this.projectId) {
		@@ -198,3 +209,3 @@ // Return previously determined project ID.
		}
		else if (this.projectNumber) {
		else if (projectNumber) {
		// Preferable not to use request() to avoid retrial policies.
		@@ -204,3 +215,3 @@ const headers = await this.getRequestHeaders();
		headers,
		url: `${exports.CLOUD_RESOURCE_MANAGER}${this.projectNumber}`,
		url: `${exports.CLOUD_RESOURCE_MANAGER}${projectNumber}`,
		responseType: 'json',
		@@ -288,3 +299,8 @@ });
		// Exchange the external credentials for a GCP access token.
		const stsResponse = await this.stsCredential.exchangeToken(stsCredentialsOptions);
		// Client auth is prioritized over passing the workforcePoolUserProject
		// parameter for STS token exchange.
		const additionalOptions = !this.clientAuth && this.workforcePoolUserProject
		? { userProject: this.workforcePoolUserProject }
		: undefined;
		const stsResponse = await this.stsCredential.exchangeToken(stsCredentialsOptions, undefined, additionalOptions);
		if (this.serviceAccountImpersonationUrl) {
		@@ -291,0 +307,0 @@ this.cachedAccessToken = await this.getImpersonatedAccessToken(stsResponse.access_token);

build/src/auth/identitypoolclient.d.ts

		@@ -35,3 +35,4 @@ import { BaseExternalAccountClient, BaseExternalAccountClientOptions } from './baseexternalclient';
		* An error is thrown if the credential is not a valid file-sourced or
		* url-sourced credential.
		* url-sourced credential or a workforce pool user project is provided
		* with a non workforce audience.
		* @param options The external account options object typically loaded
		@@ -38,0 +39,0 @@ * from the external account JSON credential file.

build/src/auth/identitypoolclient.js

		@@ -37,3 +37,4 @@ "use strict";
		* An error is thrown if the credential is not a valid file-sourced or
		* url-sourced credential.
		* url-sourced credential or a workforce pool user project is provided
		* with a non workforce audience.
		* @param options The external account options object typically loaded
		@@ -40,0 +41,0 @@ * from the external account JSON credential file.

CHANGELOG.md

		@@ -7,2 +7,9 @@ # Changelog

		## [7.10.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v7.9.2...v7.10.0) (2021-09-28)


		### Features

		* add workforce config support. ([#1251](https://www.github.com/googleapis/google-auth-library-nodejs/issues/1251)) ([fe29e38](https://www.github.com/googleapis/google-auth-library-nodejs/commit/fe29e384820f1c97ca62478c55813aad3f8ecbea))

		### [7.9.2](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v7.9.1...v7.9.2) (2021-09-16)
		@@ -9,0 +16,0 @@

package.json

		{
		"name": "google-auth-library",
		"version": "7.9.2",
		"version": "7.10.0",
		"author": "Google Inc.",
		@@ -5,0 +5,0 @@ "description": "Google APIs Authentication Client Library for Node.js",

google-auth-library - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics