google-auth-library
Advanced tools
Comparing version 8.0.3 to 8.1.0
@@ -64,2 +64,8 @@ export interface Credentials { | ||
} | ||
export interface ImpersonatedJWTInput { | ||
type?: string; | ||
source_credentials?: JWTInput; | ||
service_account_impersonation_url?: string; | ||
delegates?: string[]; | ||
} | ||
export interface CredentialBody { | ||
@@ -66,0 +72,0 @@ client_email?: string; |
@@ -6,3 +6,3 @@ /// <reference types="node" /> | ||
import { Compute } from './computeclient'; | ||
import { CredentialBody, JWTInput } from './credentials'; | ||
import { CredentialBody, ImpersonatedJWTInput, JWTInput } from './credentials'; | ||
import { IdTokenClient } from './idtokenclient'; | ||
@@ -146,2 +146,8 @@ import { GCPEnv } from './envDetect'; | ||
/** | ||
* Create a credentials instance using a given impersonated input options. | ||
* @param json The impersonated input object. | ||
* @returns JWT or UserRefresh Client with data | ||
*/ | ||
fromImpersonatedJSON(json: ImpersonatedJWTInput): Impersonated; | ||
/** | ||
* Create a credentials instance using the given input options. | ||
@@ -152,3 +158,3 @@ * @param json The input object. | ||
*/ | ||
fromJSON(json: JWTInput, options?: RefreshOptions): JSONClient; | ||
fromJSON(json: JWTInput | ImpersonatedJWTInput, options?: RefreshOptions): JSONClient; | ||
/** | ||
@@ -155,0 +161,0 @@ * Return a JWT or UserRefreshClient from JavaScript object, caching both the |
@@ -29,2 +29,3 @@ "use strict"; | ||
const refreshclient_1 = require("./refreshclient"); | ||
const impersonated_1 = require("./impersonated"); | ||
const externalclient_1 = require("./externalclient"); | ||
@@ -291,2 +292,37 @@ const baseexternalclient_1 = require("./baseexternalclient"); | ||
/** | ||
* Create a credentials instance using a given impersonated input options. | ||
* @param json The impersonated input object. | ||
* @returns JWT or UserRefresh Client with data | ||
*/ | ||
fromImpersonatedJSON(json) { | ||
var _a, _b, _c, _d; | ||
if (!json) { | ||
throw new Error('Must pass in a JSON object containing an impersonated refresh token'); | ||
} | ||
if (json.type !== impersonated_1.IMPERSONATED_ACCOUNT_TYPE) { | ||
throw new Error(`The incoming JSON object does not have the "${impersonated_1.IMPERSONATED_ACCOUNT_TYPE}" type`); | ||
} | ||
if (!json.source_credentials) { | ||
throw new Error('The incoming JSON object does not contain a source_credentials field'); | ||
} | ||
if (!json.service_account_impersonation_url) { | ||
throw new Error('The incoming JSON object does not contain a service_account_impersonation_url field'); | ||
} | ||
// Create source client for impersonation | ||
const sourceClient = new refreshclient_1.UserRefreshClient(json.source_credentials.client_id, json.source_credentials.client_secret, json.source_credentials.refresh_token); | ||
// Extreact service account from service_account_impersonation_url | ||
const targetPrincipal = (_b = (_a = /(?<target>[^/]+):generateAccessToken$/.exec(json.service_account_impersonation_url)) === null || _a === void 0 ? void 0 : _a.groups) === null || _b === void 0 ? void 0 : _b.target; | ||
if (!targetPrincipal) { | ||
throw new RangeError(`Cannot extract target principal from ${json.service_account_impersonation_url}`); | ||
} | ||
const targetScopes = (_c = this.getAnyScopes()) !== null && _c !== void 0 ? _c : []; | ||
const client = new impersonated_1.Impersonated({ | ||
delegates: (_d = json.delegates) !== null && _d !== void 0 ? _d : [], | ||
sourceClient: sourceClient, | ||
targetPrincipal: targetPrincipal, | ||
targetScopes: Array.isArray(targetScopes) ? targetScopes : [targetScopes], | ||
}); | ||
return client; | ||
} | ||
/** | ||
* Create a credentials instance using the given input options. | ||
@@ -307,2 +343,5 @@ * @param json The input object. | ||
} | ||
else if (json.type === impersonated_1.IMPERSONATED_ACCOUNT_TYPE) { | ||
client = this.fromImpersonatedJSON(json); | ||
} | ||
else if (json.type === baseexternalclient_1.EXTERNAL_ACCOUNT_TYPE) { | ||
@@ -335,2 +374,5 @@ client = externalclient_1.ExternalAccountClient.fromJSON(json, options); | ||
} | ||
else if (json.type === impersonated_1.IMPERSONATED_ACCOUNT_TYPE) { | ||
client = this.fromImpersonatedJSON(json); | ||
} | ||
else if (json.type === baseexternalclient_1.EXTERNAL_ACCOUNT_TYPE) { | ||
@@ -337,0 +379,0 @@ client = externalclient_1.ExternalAccountClient.fromJSON(json, options); |
@@ -44,2 +44,3 @@ /** | ||
} | ||
export declare const IMPERSONATED_ACCOUNT_TYPE = "impersonated_service_account"; | ||
export interface TokenResponse { | ||
@@ -46,0 +47,0 @@ accessToken: string; |
@@ -18,5 +18,6 @@ "use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.Impersonated = void 0; | ||
exports.Impersonated = exports.IMPERSONATED_ACCOUNT_TYPE = void 0; | ||
const oauth2client_1 = require("./oauth2client"); | ||
const gaxios_1 = require("gaxios"); | ||
exports.IMPERSONATED_ACCOUNT_TYPE = 'impersonated_service_account'; | ||
class Impersonated extends oauth2client_1.OAuth2Client { | ||
@@ -23,0 +24,0 @@ /** |
@@ -7,2 +7,9 @@ # Changelog | ||
## [8.1.0](https://github.com/googleapis/google-auth-library-nodejs/compare/v8.0.3...v8.1.0) (2022-06-30) | ||
### Features | ||
* handle impersonated ADC ([#1425](https://github.com/googleapis/google-auth-library-nodejs/issues/1425)) ([835be89](https://github.com/googleapis/google-auth-library-nodejs/commit/835be89687c2dff19f34e8b55645d3d611339e14)) | ||
## [8.0.3](https://github.com/googleapis/google-auth-library-nodejs/compare/v8.0.2...v8.0.3) (2022-06-17) | ||
@@ -9,0 +16,0 @@ |
{ | ||
"name": "google-auth-library", | ||
"version": "8.0.3", | ||
"version": "8.1.0", | ||
"author": "Google Inc.", | ||
@@ -5,0 +5,0 @@ "description": "Google APIs Authentication Client Library for Node.js", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
428288
7235