		@@ -21,7 +21,19 @@ import { GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios';
		/**
		* The default cloud universe
		*/
		export declare const DEFAULT_UNIVERSE = "googleapis.com";
		export interface SharedExternalAccountClientOptions {
		audience: string;
		token_url: string;
		quota_project_id?: string;
		/**
		* universe domain is the default service domain for a given Cloud universe
		*/
		universe_domain?: string;
		}
		/**
		* Base external account credentials json interface.
		*/
		export interface BaseExternalAccountClientOptions {
		export interface BaseExternalAccountClientOptions extends SharedExternalAccountClientOptions {
		type: string;
		audience: string;
		subject_token_type: string;
		@@ -32,9 +44,6 @@ service_account_impersonation_url?: string;
		};
		token_url: string;
		token_info_url?: string;
		client_id?: string;
		client_secret?: string;
		quota_project_id?: string;
		workforce_pool_user_project?: string;
		universe_domain?: string;
		}
		@@ -95,3 +104,3 @@ /**
		private readonly workforcePoolUserProject?;
		private universeDomain?;
		universeDomain: string;
		projectId: string \| null;
		@@ -101,2 +110,4 @@ projectNumber: string \| null;
		readonly forceRefreshOnFailure: boolean;
		private readonly configLifetimeRequested;
		protected credentialSourceType?: string;
		/**
		@@ -219,3 +230,4 @@ * Instantiate a BaseExternalAccountClient instance using the provided JSON
		private getScopesArray;
		private getMetricsHeaderValue;
		}
		export {};

build/src/auth/baseexternalclient.js

		@@ -16,3 +16,3 @@ "use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.BaseExternalAccountClient = exports.CLOUD_RESOURCE_MANAGER = exports.EXTERNAL_ACCOUNT_TYPE = exports.EXPIRATION_TIME_OFFSET = void 0;
		exports.BaseExternalAccountClient = exports.DEFAULT_UNIVERSE = exports.CLOUD_RESOURCE_MANAGER = exports.EXTERNAL_ACCOUNT_TYPE = exports.EXPIRATION_TIME_OFFSET = void 0;
		const stream = require("stream");
		@@ -48,4 +48,10 @@ const authclient_1 = require("./authclient");
		/** The workforce audience pattern. */
		const WORKFORCE_AUDIENCE_PATTERN = '//iam.googleapis.com/locations/[^/]+/workforcePools/[^/]+/providers/.+';
		const WORKFORCE_AUDIENCE_PATTERN = '//iam\\.googleapis\\.com/locations/[^/]+/workforcePools/[^/]+/providers/.+';
		// eslint-disable-next-line @typescript-eslint/no-var-requires
		const pkg = require('../../../package.json');
		/**
		* The default cloud universe
		*/
		exports.DEFAULT_UNIVERSE = 'googleapis.com';
		/**
		* Base external account client. This is used to instantiate AuthClients for
		@@ -70,4 +76,5 @@ * exchanging external account credentials for GCP access token and authorizing
		constructor(options, additionalOptions) {
		var _a, _b;
		var _a;
		super();
		this.universeDomain = exports.DEFAULT_UNIVERSE;
		if (options.type !== exports.EXTERNAL_ACCOUNT_TYPE) {
		@@ -101,3 +108,10 @@ throw new Error(`Expected "${exports.EXTERNAL_ACCOUNT_TYPE}" type but ` +
		this.serviceAccountImpersonationLifetime =
		(_b = (_a = options.service_account_impersonation) === null \|\| _a === void 0 ? void 0 : _a.token_lifetime_seconds) !== null && _b !== void 0 ? _b : DEFAULT_TOKEN_LIFESPAN;
		(_a = options.service_account_impersonation) === null \|\| _a === void 0 ? void 0 : _a.token_lifetime_seconds;
		if (this.serviceAccountImpersonationLifetime) {
		this.configLifetimeRequested = true;
		}
		else {
		this.configLifetimeRequested = false;
		this.serviceAccountImpersonationLifetime = DEFAULT_TOKEN_LIFESPAN;
		}
		// As threshold could be zero,
		@@ -116,3 +130,5 @@ // eagerRefreshThresholdMillis \|\| EXPIRATION_TIME_OFFSET will override the
		this.projectNumber = this.getProjectNumber(this.audience);
		this.universeDomain = options.universe_domain;
		if (options.universe_domain) {
		this.universeDomain = options.universe_domain;
		}
		}
		@@ -295,3 +311,6 @@ /** The service account email to be impersonated, if available. */
		: undefined;
		const stsResponse = await this.stsCredential.exchangeToken(stsCredentialsOptions, undefined, additionalOptions);
		const additionalHeaders = {
		'x-goog-api-client': this.getMetricsHeaderValue(),
		};
		const stsResponse = await this.stsCredential.exchangeToken(stsCredentialsOptions, additionalHeaders, additionalOptions);
		if (this.serviceAccountImpersonationUrl) {
		@@ -407,4 +426,12 @@ this.cachedAccessToken = await this.getImpersonatedAccessToken(stsResponse.access_token);
		}
		getMetricsHeaderValue() {
		const nodeVersion = process.version.replace(/^v/, '');
		const saImpersonation = this.serviceAccountImpersonationUrl !== undefined;
		const credentialSourceType = this.credentialSourceType
		? this.credentialSourceType
		: 'unknown';
		return `gl-node/${nodeVersion} auth/${pkg.version} google-byoid-sdk source/${credentialSourceType} sa-impersonation/${saImpersonation} config-lifetime/${this.configLifetimeRequested}`;
		}
		}
		exports.BaseExternalAccountClient = BaseExternalAccountClient;
		//# sourceMappingURL=baseexternalclient.js.map

build/src/auth/computeclient.d.ts

		@@ -17,3 +17,3 @@ import { GaxiosError } from 'gaxios';
		export declare class Compute extends OAuth2Client {
		private serviceAccountEmail;
		readonly serviceAccountEmail: string;
		scopes: string[];
		@@ -20,0 +20,0 @@ /**

build/src/auth/externalAccountAuthorizedUserClient.d.ts

		@@ -6,21 +6,19 @@ import { AuthClient } from './authclient';
		import { Credentials } from './credentials';
		import { SharedExternalAccountClientOptions } from './baseexternalclient';
		/**
		* The credentials JSON file type for external account authorized user clients.
		*/
		export declare const EXTERNAL_ACCOUNT_AUTHORIZED_USER_TYPE = "external_account_authorized_user";
		/**
		* External Account Authorized User Credentials JSON interface.
		*/
		export interface ExternalAccountAuthorizedUserClientOptions {
		export interface ExternalAccountAuthorizedUserClientOptions extends SharedExternalAccountClientOptions {
		type: typeof EXTERNAL_ACCOUNT_AUTHORIZED_USER_TYPE;
		audience: string;
		client_id: string;
		client_secret: string;
		refresh_token: string;
		token_url: string;
		token_info_url: string;
		revoke_url?: string;
		quota_project_id?: string;
		}
		/**
		* The credentials JSON file type for external account authorized user clients.
		*/
		export declare const EXTERNAL_ACCOUNT_AUTHORIZED_USER_TYPE = "external_account_authorized_user";
		/**
		* Internal interface for tracking the access token expiration time.
		@@ -41,2 +39,3 @@ */
		private refreshToken;
		universeDomain: string;
		/**
		@@ -43,0 +42,0 @@ * Instantiates an ExternalAccountAuthorizedUserClient instances using the

build/src/auth/externalAccountAuthorizedUserClient.js

		@@ -108,2 +108,3 @@ "use strict";
		super();
		this.universeDomain = baseexternalclient_1.DEFAULT_UNIVERSE;
		this.refreshToken = options.refresh_token;
		@@ -130,2 +131,5 @@ const clientAuth = {
		this.forceRefreshOnFailure = !!(additionalOptions === null \|\| additionalOptions === void 0 ? void 0 : additionalOptions.forceRefreshOnFailure);
		if (options.universe_domain) {
		this.universeDomain = options.universe_domain;
		}
		}
		@@ -132,0 +136,0 @@ async getAccessToken() {

build/src/auth/googleauth.d.ts

		@@ -94,2 +94,13 @@ /// <reference types="node" />
		static DefaultTransporter: typeof DefaultTransporter;
		/**
		* Configuration is resolved in the following order of precedence:
		* - {@link GoogleAuthOptions.credentials `credentials`}
		* - {@link GoogleAuthOptions.keyFilename `keyFilename`}
		* - {@link GoogleAuthOptions.keyFile `keyFile`}
		*
		* {@link GoogleAuthOptions.clientOptions `clientOptions`} are passed to the
		* {@link AuthClient `AuthClient`s}.
		*
		* @param opts
		*/
		constructor(opts?: GoogleAuthOptions<T>);
		@@ -99,4 +110,9 @@ setGapicJWTValues(client: JWT): void;
		* Obtains the default project ID for the application.
		* @param callback Optional callback
		* @returns Promise that resolves with project Id (if used without callback)
		*
		* Retrieves in the following order of precedence:
		* - The `projectId` provided in this object's construction
		* - GCLOUD_PROJECT or GOOGLE_CLOUD_PROJECT environment variable
		* - GOOGLE_APPLICATION_CREDENTIALS JSON file
		* - Cloud SDK: `gcloud config config-helper --format json`
		* - GCE project ID from metadata server
		*/
		@@ -242,4 +258,5 @@ getProjectId(): Promise<string>;
		/**
		* Automatically obtain a client based on the provided configuration. If no
		* options were passed, use Application Default Credentials.
		* Automatically obtain an {@link AuthClient `AuthClient`} based on the
		* provided configuration. If no options were passed, use Application
		* Default Credentials.
		*/
		@@ -246,0 +263,0 @@ getClient(): Promise<Compute \| JSONClient \| T>;

build/src/auth/googleauth.js

		@@ -45,2 +45,13 @@ "use strict";
		}
		/**
		* Configuration is resolved in the following order of precedence:
		* - {@link GoogleAuthOptions.credentials `credentials`}
		* - {@link GoogleAuthOptions.keyFilename `keyFilename`}
		* - {@link GoogleAuthOptions.keyFile `keyFile`}
		*
		* {@link GoogleAuthOptions.clientOptions `clientOptions`} are passed to the
		* {@link AuthClient `AuthClient`s}.
		*
		* @param opts
		*/
		constructor(opts) {
		@@ -611,4 +622,5 @@ /**
		/**
		* Automatically obtain a client based on the provided configuration. If no
		* options were passed, use Application Default Credentials.
		* Automatically obtain an {@link AuthClient `AuthClient`} based on the
		* provided configuration. If no options were passed, use Application
		* Default Credentials.
		*/
		@@ -615,0 +627,0 @@ async getClient() {

build/src/auth/identitypoolclient.js

		@@ -51,5 +51,14 @@ "use strict";
		this.headers = options.credential_source.headers;
		if (!this.file && !this.url) {
		throw new Error('No valid Identity Pool "credential_source" provided');
		if (this.file && this.url) {
		throw new Error('No valid Identity Pool "credential_source" provided, must be either file or url.');
		}
		else if (this.file && !this.url) {
		this.credentialSourceType = 'file';
		}
		else if (!this.file && this.url) {
		this.credentialSourceType = 'url';
		}
		else {
		throw new Error('No valid Identity Pool "credential_source" provided, must be either file or url.');
		}
		// Text is the default format type.
		@@ -56,0 +65,0 @@ this.formatType = ((_a = options.credential_source.format) === null \|\| _a === void 0 ? void 0 : _a.type) \|\| 'text';

build/src/auth/oauth2client.d.ts

		@@ -303,2 +303,6 @@ /// <reference types="node" />
		}
		export interface RefreshOptions {
		eagerRefreshThresholdMillis?: number;
		forceRefreshOnFailure?: boolean;
		}
		export interface OAuth2ClientOptions extends RefreshOptions {
		@@ -308,7 +312,4 @@ clientId?: string;
		redirectUri?: string;
		credentials?: Credentials;
		}
		export interface RefreshOptions {
		eagerRefreshThresholdMillis?: number;
		forceRefreshOnFailure?: boolean;
		}
		export declare class OAuth2Client extends AuthClient {
		@@ -315,0 +316,0 @@ private redirectUri?;

build/src/auth/oauth2client.js

		@@ -50,2 +50,3 @@ "use strict";
		this.forceRefreshOnFailure = !!opts.forceRefreshOnFailure;
		this.credentials = opts.credentials \|\| {};
		}
		@@ -52,0 +53,0 @@ /**

build/src/auth/pluggable-auth-client.js

		@@ -145,2 +145,3 @@ "use strict";
		});
		this.credentialSourceType = 'executable';
		}
		@@ -147,0 +148,0 @@ /**

build/src/index.d.ts

		import { GoogleAuth } from './auth/googleauth';
		export * as gcpMetadata from 'gcp-metadata';
		export { AuthClient } from './auth/authclient';
		@@ -3,0 +4,0 @@ export { Compute, ComputeOptions } from './auth/computeclient';

build/src/index.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.GoogleAuth = exports.auth = exports.DefaultTransporter = exports.PluggableAuthClient = exports.DownscopedClient = exports.BaseExternalAccountClient = exports.ExternalAccountClient = exports.IdentityPoolClient = exports.AwsClient = exports.UserRefreshClient = exports.LoginTicket = exports.OAuth2Client = exports.CodeChallengeMethod = exports.Impersonated = exports.JWT = exports.JWTAccess = exports.IdTokenClient = exports.IAMAuth = exports.GCPEnv = exports.Compute = exports.AuthClient = void 0;
		exports.GoogleAuth = exports.auth = exports.DefaultTransporter = exports.PluggableAuthClient = exports.DownscopedClient = exports.BaseExternalAccountClient = exports.ExternalAccountClient = exports.IdentityPoolClient = exports.AwsClient = exports.UserRefreshClient = exports.LoginTicket = exports.OAuth2Client = exports.CodeChallengeMethod = exports.Impersonated = exports.JWT = exports.JWTAccess = exports.IdTokenClient = exports.IAMAuth = exports.GCPEnv = exports.Compute = exports.AuthClient = exports.gcpMetadata = void 0;
		// Copyright 2017 Google LLC
		@@ -19,2 +19,3 @@ //
		Object.defineProperty(exports, "GoogleAuth", { enumerable: true, get: function () { return googleauth_1.GoogleAuth; } });
		exports.gcpMetadata = require("gcp-metadata");
		var authclient_1 = require("./auth/authclient");
		@@ -21,0 +22,0 @@ Object.defineProperty(exports, "AuthClient", { enumerable: true, get: function () { return authclient_1.AuthClient; } });

package.json

		{
		"name": "google-auth-library",
		"version": "9.0.0",
		"version": "9.1.0",
		"author": "Google Inc.",
		@@ -44,3 +44,3 @@ "description": "Google APIs Authentication Client Library for Node.js",
		"execa": "^5.0.0",
		"gts": "^3.1.1",
		"gts": "^5.0.0",
		"is-docker": "^2.0.0",
		@@ -61,3 +61,3 @@ "karma": "^6.0.0",
		"null-loader": "^4.0.0",
		"puppeteer": "^19.0.0",
		"puppeteer": "^21.0.0",
		"sinon": "^15.0.0",
		@@ -64,0 +64,0 @@ "ts-loader": "^8.0.0",

CHANGELOG.md

Sorry, the diff of this file is too big to display

README.md

Sorry, the diff of this file is too big to display

google-auth-library - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics