google-auth-library
Advanced tools
google-auth-library - npm Package Compare versions
Comparing version 9.14.2 to 9.15.0
@@ -39,2 +39,5 @@ import { EventEmitter } from 'events'; | ||
| * The default service domain for a given Cloud universe. | ||
| * | ||
| * @example | ||
| * 'googleapis.com' | ||
| */ | ||
@@ -41,0 +44,0 @@ universe_domain: string; |
@@ -148,2 +148,13 @@ import { GaxiosOptions, GaxiosResponse } from 'gaxios'; | ||
| private getProjectIdOptional; | ||
| /** | ||
| * A private method for finding and caching a projectId. | ||
| * | ||
| * Supports environments in order of precedence: | ||
| * - GCLOUD_PROJECT or GOOGLE_CLOUD_PROJECT environment variable | ||
| * - GOOGLE_APPLICATION_CREDENTIALS JSON file | ||
| * - Cloud SDK: `gcloud config config-helper --format json` | ||
| * - GCE project ID from metadata server | ||
| * | ||
| * @returns projectId | ||
| */ | ||
| private findAndCacheProjectId; | ||
@@ -220,2 +231,4 @@ private getProjectIdAsync; | ||
| * Create a credentials instance using the given input options. | ||
| * This client is not cached. | ||
| * | ||
| * @param json The input object. | ||
@@ -222,0 +235,0 @@ * @param options The JWT or UserRefresh options for the client |
@@ -147,3 +147,3 @@ "use strict"; | ||
| } | ||
| /* | ||
| /** | ||
| * A private method for finding and caching a projectId. | ||
@@ -397,3 +397,3 @@ * | ||
| fromImpersonatedJSON(json) { | ||
| var _a, _b, _c, _d, _e; | ||
| var _a, _b, _c, _d; | ||
| if (!json) { | ||
@@ -411,5 +411,3 @@ throw new Error('Must pass in a JSON object containing an impersonated refresh token'); | ||
| } | ||
| // Create source client for impersonation | ||
| const sourceClient = new refreshclient_1.UserRefreshClient(); | ||
| sourceClient.fromJSON(json.source_credentials); | ||
| const sourceClient = this.fromJSON(json.source_credentials); | ||
| if (((_a = json.service_account_impersonation_url) === null || _a === void 0 ? void 0 : _a.length) > 256) { | ||
@@ -422,4 +420,4 @@ /** | ||
| } | ||
| // Extreact service account from service_account_impersonation_url | ||
| const targetPrincipal = (_c = (_b = /(?<target>[^/]+):generateAccessToken$/.exec(json.service_account_impersonation_url)) === null || _b === void 0 ? void 0 : _b.groups) === null || _c === void 0 ? void 0 : _c.target; | ||
| // Extract service account from service_account_impersonation_url | ||
| const targetPrincipal = (_c = (_b = /(?<target>[^/]+):(generateAccessToken|generateIdToken)$/.exec(json.service_account_impersonation_url)) === null || _b === void 0 ? void 0 : _b.groups) === null || _c === void 0 ? void 0 : _c.target; | ||
| if (!targetPrincipal) { | ||
@@ -429,13 +427,13 @@ throw new RangeError(`Cannot extract target principal from ${json.service_account_impersonation_url}`); | ||
| const targetScopes = (_d = this.getAnyScopes()) !== null && _d !== void 0 ? _d : []; | ||
| const client = new impersonated_1.Impersonated({ | ||
| return new impersonated_1.Impersonated({ | ||
| ...json, | ||
| delegates: (_e = json.delegates) !== null && _e !== void 0 ? _e : [], | ||
| sourceClient: sourceClient, | ||
| targetPrincipal: targetPrincipal, | ||
| sourceClient, | ||
| targetPrincipal, | ||
| targetScopes: Array.isArray(targetScopes) ? targetScopes : [targetScopes], | ||
| }); | ||
| return client; | ||
| } | ||
| /** | ||
| * Create a credentials instance using the given input options. | ||
| * This client is not cached. | ||
| * | ||
| * @param json The input object. | ||
@@ -442,0 +440,0 @@ * @param options The JWT or UserRefresh options for the client |
@@ -107,3 +107,4 @@ /** | ||
| * @param blobToSign String to sign. | ||
| * @return <SignBlobResponse> denoting the keyyID and signedBlob in base64 string | ||
| * | ||
| * @returns A {@link SignBlobResponse} denoting the keyID and signedBlob in base64 string | ||
| */ | ||
@@ -110,0 +111,0 @@ sign(blobToSign: string): Promise<SignBlobResponse>; |
@@ -21,2 +21,3 @@ "use strict"; | ||
| const gaxios_1 = require("gaxios"); | ||
| const util_1 = require("../util"); | ||
| exports.IMPERSONATED_ACCOUNT_TYPE = 'impersonated_service_account'; | ||
@@ -70,3 +71,13 @@ class Impersonated extends oauth2client_1.OAuth2Client { | ||
| this.lifetime = (_e = options.lifetime) !== null && _e !== void 0 ? _e : 3600; | ||
| this.endpoint = (_f = options.endpoint) !== null && _f !== void 0 ? _f : 'https://iamcredentials.googleapis.com'; | ||
| const usingExplicitUniverseDomain = !!(0, util_1.originalOrCamelOptions)(options).get('universe_domain'); | ||
| if (!usingExplicitUniverseDomain) { | ||
| // override the default universe with the source's universe | ||
| this.universeDomain = this.sourceClient.universeDomain; | ||
| } | ||
| else if (this.sourceClient.universeDomain !== this.universeDomain) { | ||
| // non-default universe and is not matching the source - this could be a credential leak | ||
| throw new RangeError(`Universe domain ${this.sourceClient.universeDomain} in source credentials does not match ${this.universeDomain} universe domain set for impersonated credentials.`); | ||
| } | ||
| this.endpoint = | ||
| (_f = options.endpoint) !== null && _f !== void 0 ? _f : `https://iamcredentials.${this.universeDomain}`; | ||
| } | ||
@@ -78,3 +89,4 @@ /** | ||
| * @param blobToSign String to sign. | ||
| * @return <SignBlobResponse> denoting the keyyID and signedBlob in base64 string | ||
| * | ||
| * @returns A {@link SignBlobResponse} denoting the keyID and signedBlob in base64 string | ||
| */ | ||
@@ -158,3 +170,3 @@ async sign(blobToSign) { | ||
| async fetchIdToken(targetAudience, options) { | ||
| var _a; | ||
| var _a, _b; | ||
| await this.sourceClient.getAccessToken(); | ||
@@ -167,2 +179,3 @@ const name = `projects/-/serviceAccounts/${this.targetPrincipal}`; | ||
| includeEmail: (_a = options === null || options === void 0 ? void 0 : options.includeEmail) !== null && _a !== void 0 ? _a : true, | ||
| useEmailAzp: (_b = options === null || options === void 0 ? void 0 : options.includeEmail) !== null && _b !== void 0 ? _b : true, | ||
| }; | ||
@@ -169,0 +182,0 @@ const res = await this.sourceClient.request({ |
@@ -44,2 +44,8 @@ import * as stream from 'stream'; | ||
| private fromStreamAsync; | ||
| /** | ||
| * Create a UserRefreshClient credentials instance using the given input | ||
| * options. | ||
| * @param json The input object. | ||
| */ | ||
| static fromJSON(json: JWTInput): UserRefreshClient; | ||
| } |
@@ -121,3 +121,13 @@ "use strict"; | ||
| } | ||
| /** | ||
| * Create a UserRefreshClient credentials instance using the given input | ||
| * options. | ||
| * @param json The input object. | ||
| */ | ||
| static fromJSON(json) { | ||
| const client = new UserRefreshClient(); | ||
| client.fromJSON(json); | ||
| return client; | ||
| } | ||
| } | ||
| exports.UserRefreshClient = UserRefreshClient; |
| { | ||
| "name": "google-auth-library", | ||
| "version": "9.14.2", | ||
| "version": "9.15.0", | ||
| "author": "Google Inc.", | ||
@@ -28,3 +28,2 @@ "description": "Google APIs Authentication Client Library for Node.js", | ||
| "devDependencies": { | ||
| "@compodoc/compodoc": "1.1.23", | ||
| "@types/base64-js": "^1.2.5", | ||
@@ -46,2 +45,5 @@ "@types/chai": "^4.1.7", | ||
| "is-docker": "^2.0.0", | ||
| "jsdoc": "^4.0.0", | ||
| "jsdoc-fresh": "^3.0.0", | ||
| "jsdoc-region-tag": "^3.0.0", | ||
| "karma": "^6.0.0", | ||
@@ -81,3 +83,3 @@ "karma-chrome-launcher": "^3.0.0", | ||
| "pretest": "npm run compile -- --sourceMap", | ||
| "docs": "compodoc src/", | ||
| "docs": "jsdoc -c .jsdoc.json", | ||
| "samples-setup": "cd samples/ && npm link ../ && npm run setup && cd ../", | ||
@@ -84,0 +86,0 @@ "samples-test": "cd samples/ && npm link ../ && npm test && cd ../", |
Improved metrics
- Lines of code
- increased by0.44%
10011
Worsened metrics
- Total package byte prevSize
- decreased by-14.65%
516407
- Dev dependency count
- increased by5.26%
40
- Number of package files
- decreased by-1.28%
77