Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
google-auth-library
Advanced tools
google-auth-library - npm Package Compare versions
Comparing version 9.1.0 to 9.2.0
| /// <reference types="node" /> | ||
| import { EventEmitter } from 'events'; | ||
| import { GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| import { Gaxios, GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| import { Transporter } from '../transporters'; | ||
| import { Credentials } from './credentials'; | ||
| import { Headers } from './oauth2client'; | ||
| import { OriginalAndCamel } from '../util'; | ||
| /** | ||
| * Defines the root interface for all clients that generate credentials | ||
| * for calling Google APIs. All clients should implement this interface. | ||
| * Base auth configurations (e.g. from JWT or `.json` files) with conventional | ||
| * camelCased options. | ||
| * | ||
| * @privateRemarks | ||
| * | ||
| * This interface is purposely not exported so that it can be removed once | ||
| * {@link https://github.com/microsoft/TypeScript/issues/50715} has been | ||
| * resolved. Then, we can use {@link OriginalAndCamel} to shrink this interface. | ||
| * | ||
| * Tracking: {@link https://github.com/googleapis/google-auth-library-nodejs/issues/1686} | ||
| */ | ||
| export interface CredentialsClient { | ||
| interface AuthJSONOptions { | ||
| /** | ||
| * The project ID corresponding to the current credentials if available. | ||
| */ | ||
| projectId?: string | null; | ||
| project_id: string | null; | ||
| /** | ||
| * The expiration threshold in milliseconds before forcing token refresh. | ||
| * An alias for {@link AuthJSONOptions.project_id `project_id`}. | ||
| */ | ||
| eagerRefreshThresholdMillis: number; | ||
| projectId: AuthJSONOptions['project_id']; | ||
| /** | ||
| * Whether to force refresh on failure when making an authorization request. | ||
| * The quota project ID. The quota project can be used by client libraries for the billing purpose. | ||
| * See {@link https://cloud.google.com/docs/quota Working with quotas} | ||
| */ | ||
| forceRefreshOnFailure: boolean; | ||
| quota_project_id: string; | ||
| /** | ||
| * An alias for {@link AuthJSONOptions.quota_project_id `quota_project_id`}. | ||
| */ | ||
| quotaProjectId: AuthJSONOptions['quota_project_id']; | ||
| /** | ||
| * The default service domain for a given Cloud universe. | ||
| */ | ||
| universe_domain: string; | ||
| /** | ||
| * An alias for {@link AuthJSONOptions.universe_domain `universe_domain`}. | ||
| */ | ||
| universeDomain: AuthJSONOptions['universe_domain']; | ||
| } | ||
| /** | ||
| * Base `AuthClient` configuration. | ||
| * | ||
| * The camelCased options are aliases of the snake_cased options, supporting both | ||
| * JSON API and JS conventions. | ||
| */ | ||
| export interface AuthClientOptions extends Partial<OriginalAndCamel<AuthJSONOptions>> { | ||
| credentials?: Credentials; | ||
| /** | ||
| * A `Gaxios` or `Transporter` instance to use for `AuthClient` requests. | ||
| */ | ||
| transporter?: Gaxios | Transporter; | ||
| /** | ||
| * Provides default options to the transporter, such as {@link GaxiosOptions.agent `agent`} or | ||
| * {@link GaxiosOptions.retryConfig `retryConfig`}. | ||
| */ | ||
| transporterOptions?: GaxiosOptions; | ||
| /** | ||
| * The expiration threshold in milliseconds before forcing token refresh of | ||
| * unexpired tokens. | ||
| */ | ||
| eagerRefreshThresholdMillis?: number; | ||
| /** | ||
| * Whether to attempt to refresh tokens on status 401/403 responses | ||
| * even if an attempt is made to refresh the token preemptively based | ||
| * on the expiry_date. | ||
| */ | ||
| forceRefreshOnFailure?: boolean; | ||
| } | ||
| /** | ||
| * The default cloud universe | ||
| * | ||
| * @see {@link AuthJSONOptions.universe_domain} | ||
| */ | ||
| export declare const DEFAULT_UNIVERSE = "googleapis.com"; | ||
| /** | ||
| * The default {@link AuthClientOptions.eagerRefreshThresholdMillis} | ||
| */ | ||
| export declare const DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS: number; | ||
| /** | ||
| * Defines the root interface for all clients that generate credentials | ||
| * for calling Google APIs. All clients should implement this interface. | ||
| */ | ||
| export interface CredentialsClient { | ||
| projectId?: AuthClientOptions['projectId']; | ||
| eagerRefreshThresholdMillis: NonNullable<AuthClientOptions['eagerRefreshThresholdMillis']>; | ||
| forceRefreshOnFailure: NonNullable<AuthClientOptions['forceRefreshOnFailure']>; | ||
| /** | ||
| * @return A promise that resolves with the current GCP access token | ||
@@ -64,5 +134,6 @@ * response. If the current credential is expired, a new one is retrieved. | ||
| export declare abstract class AuthClient extends EventEmitter implements CredentialsClient { | ||
| projectId?: string | null; | ||
| /** | ||
| * The quota project ID. The quota project can be used by client libraries for the billing purpose. | ||
| * See {@link https://cloud.google.com/docs/quota| Working with quotas} | ||
| * See {@link https://cloud.google.com/docs/quota Working with quotas} | ||
| */ | ||
@@ -72,5 +143,6 @@ quotaProjectId?: string; | ||
| credentials: Credentials; | ||
| projectId?: string | null; | ||
| eagerRefreshThresholdMillis: number; | ||
| forceRefreshOnFailure: boolean; | ||
| universeDomain: string; | ||
| constructor(opts?: AuthClientOptions); | ||
| /** | ||
@@ -112,1 +184,2 @@ * Provides an alternative Gaxios request implementation with auth credentials | ||
| } | ||
| export {}; |
@@ -16,12 +16,39 @@ "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.AuthClient = void 0; | ||
| exports.AuthClient = exports.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS = exports.DEFAULT_UNIVERSE = void 0; | ||
| const events_1 = require("events"); | ||
| const transporters_1 = require("../transporters"); | ||
| const util_1 = require("../util"); | ||
| /** | ||
| * The default cloud universe | ||
| * | ||
| * @see {@link AuthJSONOptions.universe_domain} | ||
| */ | ||
| exports.DEFAULT_UNIVERSE = 'googleapis.com'; | ||
| /** | ||
| * The default {@link AuthClientOptions.eagerRefreshThresholdMillis} | ||
| */ | ||
| exports.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS = 5 * 60 * 1000; | ||
| class AuthClient extends events_1.EventEmitter { | ||
| constructor() { | ||
| super(...arguments); | ||
| this.transporter = new transporters_1.DefaultTransporter(); | ||
| constructor(opts = {}) { | ||
| var _a, _b, _c, _d, _e; | ||
| super(); | ||
| this.credentials = {}; | ||
| this.eagerRefreshThresholdMillis = 5 * 60 * 1000; | ||
| this.eagerRefreshThresholdMillis = exports.DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS; | ||
| this.forceRefreshOnFailure = false; | ||
| this.universeDomain = exports.DEFAULT_UNIVERSE; | ||
| const options = (0, util_1.originalOrCamelOptions)(opts); | ||
| // Shared auth options | ||
| this.projectId = (_a = options.get('project_id')) !== null && _a !== void 0 ? _a : null; | ||
| this.quotaProjectId = options.get('quota_project_id'); | ||
| this.credentials = (_b = options.get('credentials')) !== null && _b !== void 0 ? _b : {}; | ||
| this.universeDomain = (_c = options.get('universe_domain')) !== null && _c !== void 0 ? _c : exports.DEFAULT_UNIVERSE; | ||
| // Shared client options | ||
| this.transporter = (_d = opts.transporter) !== null && _d !== void 0 ? _d : new transporters_1.DefaultTransporter(); | ||
| if (opts.transporterOptions) { | ||
| this.transporter.defaults = opts.transporterOptions; | ||
| } | ||
| if (opts.eagerRefreshThresholdMillis) { | ||
| this.eagerRefreshThresholdMillis = opts.eagerRefreshThresholdMillis; | ||
| } | ||
| this.forceRefreshOnFailure = (_e = opts.forceRefreshOnFailure) !== null && _e !== void 0 ? _e : false; | ||
| } | ||
@@ -54,2 +81,1 @@ /** | ||
| exports.AuthClient = AuthClient; | ||
| //# sourceMappingURL=authclient.js.map |
| import { BaseExternalAccountClient, BaseExternalAccountClientOptions } from './baseexternalclient'; | ||
| import { RefreshOptions } from './oauth2client'; | ||
| import { AuthClientOptions } from './authclient'; | ||
| /** | ||
@@ -36,7 +36,8 @@ * AWS credentials JSON interface. This is used for AWS workloads. | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options: AwsClientOptions, additionalOptions?: RefreshOptions); | ||
| constructor(options: AwsClientOptions, additionalOptions?: AuthClientOptions); | ||
| private validateEnvironmentId; | ||
@@ -43,0 +44,0 @@ /** |
@@ -31,5 +31,6 @@ "use strict"; | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
@@ -262,2 +263,1 @@ constructor(options, additionalOptions) { | ||
| AwsClient.AWS_EC2_METADATA_IPV6_ADDRESS = 'fd00:ec2::254'; | ||
| //# sourceMappingURL=awsclient.js.map |
@@ -210,2 +210,1 @@ "use strict"; | ||
| } | ||
| //# sourceMappingURL=awsrequestsigner.js.map |
| import { GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| import { Credentials } from './credentials'; | ||
| import { AuthClient } from './authclient'; | ||
| import { AuthClient, AuthClientOptions } from './authclient'; | ||
| import { BodyResponseCallback } from '../transporters'; | ||
| import { GetAccessTokenResponse, Headers, RefreshOptions } from './oauth2client'; | ||
| import { GetAccessTokenResponse, Headers } from './oauth2client'; | ||
| import { SnakeToCamelObject } from '../util'; | ||
| /** | ||
@@ -21,13 +22,8 @@ * Offset to take into account network delays and server clock skews. | ||
| /** | ||
| * The default cloud universe | ||
| * For backwards compatibility. | ||
| */ | ||
| export declare const DEFAULT_UNIVERSE = "googleapis.com"; | ||
| export interface SharedExternalAccountClientOptions { | ||
| export { DEFAULT_UNIVERSE } from './authclient'; | ||
| export interface SharedExternalAccountClientOptions extends AuthClientOptions { | ||
| audience: string; | ||
| token_url: string; | ||
| quota_project_id?: string; | ||
| /** | ||
| * universe domain is the default service domain for a given Cloud universe | ||
| */ | ||
| universe_domain?: string; | ||
| } | ||
@@ -103,7 +99,3 @@ /** | ||
| private readonly workforcePoolUserProject?; | ||
| universeDomain: string; | ||
| projectId: string | null; | ||
| projectNumber: string | null; | ||
| readonly eagerRefreshThresholdMillis: number; | ||
| readonly forceRefreshOnFailure: boolean; | ||
| private readonly configLifetimeRequested; | ||
@@ -115,8 +107,10 @@ protected credentialSourceType?: string; | ||
| * @param options The external account options object typically loaded | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * from the external account JSON credential file. The camelCased options | ||
| * are aliases for the snake_cased options. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options: BaseExternalAccountClientOptions, additionalOptions?: RefreshOptions); | ||
| constructor(options: BaseExternalAccountClientOptions | SnakeToCamelObject<BaseExternalAccountClientOptions>, additionalOptions?: AuthClientOptions); | ||
| /** The service account email to be impersonated, if available. */ | ||
@@ -231,2 +225,1 @@ getServiceAccountEmail(): string | null; | ||
| } | ||
| export {}; |
@@ -20,2 +20,3 @@ "use strict"; | ||
| const sts = require("./stscredentials"); | ||
| const util_1 = require("../util"); | ||
| /** | ||
@@ -52,5 +53,6 @@ * The required token exchange grant_type: rfc8693#section-2.1 | ||
| /** | ||
| * The default cloud universe | ||
| * For backwards compatibility. | ||
| */ | ||
| exports.DEFAULT_UNIVERSE = 'googleapis.com'; | ||
| var authclient_2 = require("./authclient"); | ||
| Object.defineProperty(exports, "DEFAULT_UNIVERSE", { enumerable: true, get: function () { return authclient_2.DEFAULT_UNIVERSE; } }); | ||
| /** | ||
@@ -70,30 +72,38 @@ * Base external account client. This is used to instantiate AuthClients for | ||
| * @param options The external account options object typically loaded | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * from the external account JSON credential file. The camelCased options | ||
| * are aliases for the snake_cased options. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options, additionalOptions) { | ||
| var _a; | ||
| super(); | ||
| this.universeDomain = exports.DEFAULT_UNIVERSE; | ||
| if (options.type !== exports.EXTERNAL_ACCOUNT_TYPE) { | ||
| super({ ...options, ...additionalOptions }); | ||
| const opts = (0, util_1.originalOrCamelOptions)(options); | ||
| if (opts.get('type') !== exports.EXTERNAL_ACCOUNT_TYPE) { | ||
| throw new Error(`Expected "${exports.EXTERNAL_ACCOUNT_TYPE}" type but ` + | ||
| `received "${options.type}"`); | ||
| } | ||
| this.clientAuth = options.client_id | ||
| ? { | ||
| const clientId = opts.get('client_id'); | ||
| const clientSecret = opts.get('client_secret'); | ||
| const tokenUrl = opts.get('token_url'); | ||
| const subjectTokenType = opts.get('subject_token_type'); | ||
| const workforcePoolUserProject = opts.get('workforce_pool_user_project'); | ||
| const serviceAccountImpersonationUrl = opts.get('service_account_impersonation_url'); | ||
| const serviceAccountImpersonation = opts.get('service_account_impersonation'); | ||
| const serviceAccountImpersonationLifetime = (0, util_1.originalOrCamelOptions)(serviceAccountImpersonation).get('token_lifetime_seconds'); | ||
| if (clientId) { | ||
| this.clientAuth = { | ||
| confidentialClientType: 'basic', | ||
| clientId: options.client_id, | ||
| clientSecret: options.client_secret, | ||
| } | ||
| : undefined; | ||
| this.stsCredential = new sts.StsCredentials(options.token_url, this.clientAuth); | ||
| clientId, | ||
| clientSecret, | ||
| }; | ||
| } | ||
| this.stsCredential = new sts.StsCredentials(tokenUrl, this.clientAuth); | ||
| // Default OAuth scope. This could be overridden via public property. | ||
| this.scopes = [DEFAULT_OAUTH_SCOPE]; | ||
| this.cachedAccessToken = null; | ||
| this.audience = options.audience; | ||
| this.subjectTokenType = options.subject_token_type; | ||
| this.quotaProjectId = options.quota_project_id; | ||
| this.workforcePoolUserProject = options.workforce_pool_user_project; | ||
| this.audience = opts.get('audience'); | ||
| this.subjectTokenType = subjectTokenType; | ||
| this.workforcePoolUserProject = workforcePoolUserProject; | ||
| const workforceAudiencePattern = new RegExp(WORKFORCE_AUDIENCE_PATTERN); | ||
@@ -105,6 +115,5 @@ if (this.workforcePoolUserProject && | ||
| } | ||
| this.serviceAccountImpersonationUrl = | ||
| options.service_account_impersonation_url; | ||
| this.serviceAccountImpersonationUrl = serviceAccountImpersonationUrl; | ||
| this.serviceAccountImpersonationLifetime = | ||
| (_a = options.service_account_impersonation) === null || _a === void 0 ? void 0 : _a.token_lifetime_seconds; | ||
| serviceAccountImpersonationLifetime; | ||
| if (this.serviceAccountImpersonationLifetime) { | ||
@@ -117,18 +126,3 @@ this.configLifetimeRequested = true; | ||
| } | ||
| // As threshold could be zero, | ||
| // eagerRefreshThresholdMillis || EXPIRATION_TIME_OFFSET will override the | ||
| // zero value. | ||
| if (typeof (additionalOptions === null || additionalOptions === void 0 ? void 0 : additionalOptions.eagerRefreshThresholdMillis) !== 'number') { | ||
| this.eagerRefreshThresholdMillis = exports.EXPIRATION_TIME_OFFSET; | ||
| } | ||
| else { | ||
| this.eagerRefreshThresholdMillis = additionalOptions | ||
| .eagerRefreshThresholdMillis; | ||
| } | ||
| this.forceRefreshOnFailure = !!(additionalOptions === null || additionalOptions === void 0 ? void 0 : additionalOptions.forceRefreshOnFailure); | ||
| this.projectId = null; | ||
| this.projectNumber = this.getProjectNumber(this.audience); | ||
| if (options.universe_domain) { | ||
| this.universeDomain = options.universe_domain; | ||
| } | ||
| } | ||
@@ -139,2 +133,9 @@ /** The service account email to be impersonated, if available. */ | ||
| if (this.serviceAccountImpersonationUrl) { | ||
| if (this.serviceAccountImpersonationUrl.length > 256) { | ||
| /** | ||
| * Prevents DOS attacks. | ||
| * @see {@link https://github.com/googleapis/google-auth-library-nodejs/security/code-scanning/84} | ||
| **/ | ||
| throw new RangeError(`URL is too long: ${this.serviceAccountImpersonationUrl}`); | ||
| } | ||
| // Parse email from URL. The formal looks as follows: | ||
@@ -436,2 +437,1 @@ // https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/name@project-id.iam.gserviceaccount.com:generateAccessToken | ||
| exports.BaseExternalAccountClient = BaseExternalAccountClient; | ||
| //# sourceMappingURL=baseexternalclient.js.map |
| import { GaxiosError } from 'gaxios'; | ||
| import { GetTokenResponse, OAuth2Client, RefreshOptions } from './oauth2client'; | ||
| export interface ComputeOptions extends RefreshOptions { | ||
| import { GetTokenResponse, OAuth2Client, OAuth2ClientOptions } from './oauth2client'; | ||
| export interface ComputeOptions extends OAuth2ClientOptions { | ||
| /** | ||
@@ -5,0 +5,0 @@ * The service account email to use, or 'default'. A Compute Engine instance |
@@ -118,2 +118,1 @@ "use strict"; | ||
| exports.Compute = Compute; | ||
| //# sourceMappingURL=computeclient.js.map |
@@ -16,2 +16,1 @@ "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| //# sourceMappingURL=credentials.js.map |
| import { GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| import { BodyResponseCallback } from '../transporters'; | ||
| import { Credentials } from './credentials'; | ||
| import { AuthClient } from './authclient'; | ||
| import { GetAccessTokenResponse, Headers, RefreshOptions } from './oauth2client'; | ||
| import { AuthClient, AuthClientOptions } from './authclient'; | ||
| import { GetAccessTokenResponse, Headers } from './oauth2client'; | ||
| /** | ||
@@ -66,4 +66,2 @@ * The maximum number of access boundary rules a Credential Access Boundary | ||
| private readonly stsCredential; | ||
| readonly eagerRefreshThresholdMillis: number; | ||
| readonly forceRefreshOnFailure: boolean; | ||
| /** | ||
@@ -84,9 +82,8 @@ * Instantiates a downscoped client object using the provided source | ||
| * condition to further restrict permissions. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param quotaProjectId Optional quota project id for setting up in the | ||
| * x-goog-user-project header. | ||
| * @param additionalOptions **DEPRECATED, set this in the provided `authClient`.** | ||
| * Optional additional behavior customization options. | ||
| * @param quotaProjectId **DEPRECATED, set this in the provided `authClient`.** | ||
| * Optional quota project id for setting up in the x-goog-user-project header. | ||
| */ | ||
| constructor(authClient: AuthClient, credentialAccessBoundary: CredentialAccessBoundary, additionalOptions?: RefreshOptions, quotaProjectId?: string); | ||
| constructor(authClient: AuthClient, credentialAccessBoundary: CredentialAccessBoundary, additionalOptions?: AuthClientOptions, quotaProjectId?: string); | ||
| /** | ||
@@ -93,0 +90,0 @@ * Provides a mechanism to inject Downscoped access tokens directly. |
@@ -69,10 +69,9 @@ "use strict"; | ||
| * condition to further restrict permissions. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param quotaProjectId Optional quota project id for setting up in the | ||
| * x-goog-user-project header. | ||
| * @param additionalOptions **DEPRECATED, set this in the provided `authClient`.** | ||
| * Optional additional behavior customization options. | ||
| * @param quotaProjectId **DEPRECATED, set this in the provided `authClient`.** | ||
| * Optional quota project id for setting up in the x-goog-user-project header. | ||
| */ | ||
| constructor(authClient, credentialAccessBoundary, additionalOptions, quotaProjectId) { | ||
| super(); | ||
| super({ ...additionalOptions, quotaProjectId }); | ||
| this.authClient = authClient; | ||
@@ -100,14 +99,2 @@ this.credentialAccessBoundary = credentialAccessBoundary; | ||
| this.cachedDownscopedAccessToken = null; | ||
| // As threshold could be zero, | ||
| // eagerRefreshThresholdMillis || EXPIRATION_TIME_OFFSET will override the | ||
| // zero value. | ||
| if (typeof (additionalOptions === null || additionalOptions === void 0 ? void 0 : additionalOptions.eagerRefreshThresholdMillis) !== 'number') { | ||
| this.eagerRefreshThresholdMillis = exports.EXPIRATION_TIME_OFFSET; | ||
| } | ||
| else { | ||
| this.eagerRefreshThresholdMillis = additionalOptions | ||
| .eagerRefreshThresholdMillis; | ||
| } | ||
| this.forceRefreshOnFailure = !!(additionalOptions === null || additionalOptions === void 0 ? void 0 : additionalOptions.forceRefreshOnFailure); | ||
| this.quotaProjectId = quotaProjectId; | ||
| } | ||
@@ -280,2 +267,1 @@ /** | ||
| exports.DownscopedClient = DownscopedClient; | ||
| //# sourceMappingURL=downscopedclient.js.map |
@@ -90,2 +90,1 @@ "use strict"; | ||
| } | ||
| //# sourceMappingURL=envDetect.js.map |
@@ -147,2 +147,1 @@ "use strict"; | ||
| exports.InvalidSubjectTokenError = InvalidSubjectTokenError; | ||
| //# sourceMappingURL=executable-response.js.map |
@@ -1,3 +0,3 @@ | ||
| import { AuthClient } from './authclient'; | ||
| import { Headers, RefreshOptions } from './oauth2client'; | ||
| import { AuthClient, AuthClientOptions } from './authclient'; | ||
| import { Headers } from './oauth2client'; | ||
| import { BodyResponseCallback } from '../transporters'; | ||
@@ -38,3 +38,2 @@ import { GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| private refreshToken; | ||
| universeDomain: string; | ||
| /** | ||
@@ -46,7 +45,8 @@ * Instantiates an ExternalAccountAuthorizedUserClient instances using the | ||
| * from the external accoutn authorized user JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options: ExternalAccountAuthorizedUserClientOptions, additionalOptions?: RefreshOptions); | ||
| constructor(options: ExternalAccountAuthorizedUserClientOptions, additionalOptions?: AuthClientOptions); | ||
| getAccessToken(): Promise<{ | ||
@@ -53,0 +53,0 @@ token?: string | null; |
@@ -102,9 +102,9 @@ "use strict"; | ||
| * from the external accoutn authorized user JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options, additionalOptions) { | ||
| super(); | ||
| this.universeDomain = baseexternalclient_1.DEFAULT_UNIVERSE; | ||
| super({ ...options, ...additionalOptions }); | ||
| this.refreshToken = options.refresh_token; | ||
@@ -238,2 +238,1 @@ const clientAuth = { | ||
| exports.ExternalAccountAuthorizedUserClient = ExternalAccountAuthorizedUserClient; | ||
| //# sourceMappingURL=externalAccountAuthorizedUserClient.js.map |
@@ -1,2 +0,1 @@ | ||
| import { RefreshOptions } from './oauth2client'; | ||
| import { BaseExternalAccountClient } from './baseexternalclient'; | ||
@@ -6,2 +5,3 @@ import { IdentityPoolClientOptions } from './identitypoolclient'; | ||
| import { PluggableAuthClientOptions } from './pluggable-auth-client'; | ||
| import { AuthClientOptions } from './authclient'; | ||
| export type ExternalAccountClientOptions = IdentityPoolClientOptions | AwsClientOptions | PluggableAuthClientOptions; | ||
@@ -19,9 +19,10 @@ /** | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| * @return A BaseExternalAccountClient instance or null if the options | ||
| * provided do not correspond to an external account credential. | ||
| */ | ||
| static fromJSON(options: ExternalAccountClientOptions, additionalOptions?: RefreshOptions): BaseExternalAccountClient | null; | ||
| static fromJSON(options: ExternalAccountClientOptions, additionalOptions?: AuthClientOptions): BaseExternalAccountClient | null; | ||
| } |
@@ -39,5 +39,6 @@ "use strict"; | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| * @return A BaseExternalAccountClient instance or null if the options | ||
@@ -65,2 +66,1 @@ * provided do not correspond to an external account credential. | ||
| exports.ExternalAccountClient = ExternalAccountClient; | ||
| //# sourceMappingURL=externalclient.js.map |
@@ -10,3 +10,3 @@ /// <reference types="node" /> | ||
| import { JWT, JWTOptions } from './jwtclient'; | ||
| import { Headers, OAuth2ClientOptions, RefreshOptions } from './oauth2client'; | ||
| import { Headers, OAuth2ClientOptions } from './oauth2client'; | ||
| import { UserRefreshClient, UserRefreshClientOptions } from './refreshclient'; | ||
@@ -16,3 +16,3 @@ import { Impersonated, ImpersonatedOptions } from './impersonated'; | ||
| import { BaseExternalAccountClient } from './baseexternalclient'; | ||
| import { AuthClient } from './authclient'; | ||
| import { AuthClient, AuthClientOptions } from './authclient'; | ||
| import { ExternalAccountAuthorizedUserClient } from './externalAccountAuthorizedUserClient'; | ||
@@ -145,4 +145,4 @@ /** | ||
| getApplicationDefault(callback: ADCCallback): void; | ||
| getApplicationDefault(options: RefreshOptions): Promise<ADCResponse>; | ||
| getApplicationDefault(options: RefreshOptions, callback: ADCCallback): void; | ||
| getApplicationDefault(options: AuthClientOptions): Promise<ADCResponse>; | ||
| getApplicationDefault(options: AuthClientOptions, callback: ADCCallback): void; | ||
| private getApplicationDefaultAsync; | ||
@@ -164,3 +164,3 @@ private prepareAndCacheADC; | ||
| */ | ||
| _tryGetApplicationCredentialsFromEnvironmentVariable(options?: RefreshOptions): Promise<JSONClient | null>; | ||
| _tryGetApplicationCredentialsFromEnvironmentVariable(options?: AuthClientOptions): Promise<JSONClient | null>; | ||
| /** | ||
@@ -171,3 +171,3 @@ * Attempts to load default credentials from a well-known file location | ||
| */ | ||
| _tryGetApplicationCredentialsFromWellKnownFile(options?: RefreshOptions): Promise<JSONClient | null>; | ||
| _tryGetApplicationCredentialsFromWellKnownFile(options?: AuthClientOptions): Promise<JSONClient | null>; | ||
| /** | ||
@@ -179,3 +179,3 @@ * Attempts to load default credentials from a file at the given path.. | ||
| */ | ||
| _getApplicationCredentialsFromFilePath(filePath: string, options?: RefreshOptions): Promise<JSONClient>; | ||
| _getApplicationCredentialsFromFilePath(filePath: string, options?: AuthClientOptions): Promise<JSONClient>; | ||
| /** | ||
@@ -193,3 +193,3 @@ * Create a credentials instance using a given impersonated input options. | ||
| */ | ||
| fromJSON(json: JWTInput | ImpersonatedJWTInput, options?: RefreshOptions): JSONClient; | ||
| fromJSON(json: JWTInput | ImpersonatedJWTInput, options?: AuthClientOptions): JSONClient; | ||
| /** | ||
@@ -210,4 +210,4 @@ * Return a JWT or UserRefreshClient from JavaScript object, caching both the | ||
| fromStream(inputStream: stream.Readable, callback: CredentialCallback): void; | ||
| fromStream(inputStream: stream.Readable, options: RefreshOptions): Promise<JSONClient>; | ||
| fromStream(inputStream: stream.Readable, options: RefreshOptions, callback: CredentialCallback): void; | ||
| fromStream(inputStream: stream.Readable, options: AuthClientOptions): Promise<JSONClient>; | ||
| fromStream(inputStream: stream.Readable, options: AuthClientOptions, callback: CredentialCallback): void; | ||
| private fromStreamAsync; | ||
@@ -220,3 +220,3 @@ /** | ||
| */ | ||
| fromAPIKey(apiKey: string, options?: RefreshOptions): JWT; | ||
| fromAPIKey(apiKey: string, options?: AuthClientOptions): JWT; | ||
| /** | ||
@@ -223,0 +223,0 @@ * Determines whether the current operating system is Windows. |
@@ -195,3 +195,4 @@ "use strict"; | ||
| // Look in the well-known credential file location. | ||
| credential = await this._tryGetApplicationCredentialsFromWellKnownFile(options); | ||
| credential = | ||
| await this._tryGetApplicationCredentialsFromWellKnownFile(options); | ||
| if (credential) { | ||
@@ -341,3 +342,3 @@ if (credential instanceof jwtclient_1.JWT) { | ||
| fromImpersonatedJSON(json) { | ||
| var _a, _b, _c, _d; | ||
| var _a, _b, _c, _d, _e; | ||
| if (!json) { | ||
@@ -357,10 +358,17 @@ throw new Error('Must pass in a JSON object containing an impersonated refresh token'); | ||
| const sourceClient = new refreshclient_1.UserRefreshClient(json.source_credentials.client_id, json.source_credentials.client_secret, json.source_credentials.refresh_token); | ||
| if (((_a = json.service_account_impersonation_url) === null || _a === void 0 ? void 0 : _a.length) > 256) { | ||
| /** | ||
| * Prevents DOS attacks. | ||
| * @see {@link https://github.com/googleapis/google-auth-library-nodejs/security/code-scanning/85} | ||
| **/ | ||
| throw new RangeError(`Target principal is too long: ${json.service_account_impersonation_url}`); | ||
| } | ||
| // Extreact service account from service_account_impersonation_url | ||
| const targetPrincipal = (_b = (_a = /(?<target>[^/]+):generateAccessToken$/.exec(json.service_account_impersonation_url)) === null || _a === void 0 ? void 0 : _a.groups) === null || _b === void 0 ? void 0 : _b.target; | ||
| const targetPrincipal = (_c = (_b = /(?<target>[^/]+):generateAccessToken$/.exec(json.service_account_impersonation_url)) === null || _b === void 0 ? void 0 : _b.groups) === null || _c === void 0 ? void 0 : _c.target; | ||
| if (!targetPrincipal) { | ||
| throw new RangeError(`Cannot extract target principal from ${json.service_account_impersonation_url}`); | ||
| } | ||
| const targetScopes = (_c = this.getAnyScopes()) !== null && _c !== void 0 ? _c : []; | ||
| const targetScopes = (_d = this.getAnyScopes()) !== null && _d !== void 0 ? _d : []; | ||
| const client = new impersonated_1.Impersonated({ | ||
| delegates: (_d = json.delegates) !== null && _d !== void 0 ? _d : [], | ||
| delegates: (_e = json.delegates) !== null && _e !== void 0 ? _e : [], | ||
| sourceClient: sourceClient, | ||
@@ -380,3 +388,2 @@ targetPrincipal: targetPrincipal, | ||
| let client; | ||
| options = options || {}; | ||
| if (json.type === refreshclient_1.USER_REFRESH_ACCOUNT_TYPE) { | ||
@@ -738,2 +745,1 @@ client = new refreshclient_1.UserRefreshClient(options); | ||
| GoogleAuth.DefaultTransporter = transporters_1.DefaultTransporter; | ||
| //# sourceMappingURL=googleauth.js.map |
@@ -42,2 +42,1 @@ "use strict"; | ||
| exports.IAMAuth = IAMAuth; | ||
| //# sourceMappingURL=iam.js.map |
| import { BaseExternalAccountClient, BaseExternalAccountClientOptions } from './baseexternalclient'; | ||
| import { RefreshOptions } from './oauth2client'; | ||
| import { AuthClientOptions } from './authclient'; | ||
| import { SnakeToCamelObject } from '../util'; | ||
| type SubjectTokenFormatType = 'json' | 'text'; | ||
@@ -38,8 +39,10 @@ /** | ||
| * @param options The external account options object typically loaded | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * from the external account JSON credential file. The camelCased options | ||
| * are aliases for the snake_cased options. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options: IdentityPoolClientOptions, additionalOptions?: RefreshOptions); | ||
| constructor(options: IdentityPoolClientOptions | SnakeToCamelObject<IdentityPoolClientOptions>, additionalOptions?: AuthClientOptions); | ||
| /** | ||
@@ -46,0 +49,0 @@ * Triggered when a external subject token is needed to be exchanged for a GCP |
@@ -21,2 +21,3 @@ "use strict"; | ||
| const baseexternalclient_1 = require("./baseexternalclient"); | ||
| const util_2 = require("../util"); | ||
| // fs.readfile is undefined in browser karma tests causing | ||
@@ -41,13 +42,17 @@ // `npm run browser-test` to fail as test.oauth2.ts imports this file via | ||
| * @param options The external account options object typically loaded | ||
| * from the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * from the external account JSON credential file. The camelCased options | ||
| * are aliases for the snake_cased options. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options, additionalOptions) { | ||
| var _a, _b; | ||
| super(options, additionalOptions); | ||
| this.file = options.credential_source.file; | ||
| this.url = options.credential_source.url; | ||
| this.headers = options.credential_source.headers; | ||
| const opts = (0, util_2.originalOrCamelOptions)(options); | ||
| const credentialSource = opts.get('credential_source'); | ||
| const credentialSourceOpts = (0, util_2.originalOrCamelOptions)(credentialSource); | ||
| this.file = credentialSourceOpts.get('file'); | ||
| this.url = credentialSourceOpts.get('url'); | ||
| this.headers = credentialSourceOpts.get('headers'); | ||
| if (this.file && this.url) { | ||
@@ -65,6 +70,6 @@ throw new Error('No valid Identity Pool "credential_source" provided, must be either file or url.'); | ||
| } | ||
| const formatOpts = (0, util_2.originalOrCamelOptions)(credentialSourceOpts.get('format')); | ||
| // Text is the default format type. | ||
| this.formatType = ((_a = options.credential_source.format) === null || _a === void 0 ? void 0 : _a.type) || 'text'; | ||
| this.formatSubjectTokenFieldName = | ||
| (_b = options.credential_source.format) === null || _b === void 0 ? void 0 : _b.subject_token_field_name; | ||
| this.formatType = formatOpts.get('type') || 'text'; | ||
| this.formatSubjectTokenFieldName = formatOpts.get('subject_token_field_name'); | ||
| if (this.formatType !== 'json' && this.formatType !== 'text') { | ||
@@ -170,2 +175,1 @@ throw new Error(`Invalid credential_source format "${this.formatType}"`); | ||
| exports.IdentityPoolClient = IdentityPoolClient; | ||
| //# sourceMappingURL=identitypoolclient.js.map |
@@ -1,3 +0,3 @@ | ||
| import { OAuth2Client, RequestMetadataResponse } from './oauth2client'; | ||
| export interface IdTokenOptions { | ||
| import { OAuth2Client, OAuth2ClientOptions, RequestMetadataResponse } from './oauth2client'; | ||
| export interface IdTokenOptions extends OAuth2ClientOptions { | ||
| /** | ||
@@ -4,0 +4,0 @@ * The client to make the request to fetch an ID token. |
@@ -26,3 +26,3 @@ "use strict"; | ||
| constructor(options) { | ||
| super(); | ||
| super(options); | ||
| this.targetAudience = options.targetAudience; | ||
@@ -57,2 +57,1 @@ this.idTokenProvider = options.idTokenProvider; | ||
| exports.IdTokenClient = IdTokenClient; | ||
| //# sourceMappingURL=idtokenclient.js.map |
@@ -16,6 +16,6 @@ /** | ||
| */ | ||
| import { GetTokenResponse, OAuth2Client, RefreshOptions } from './oauth2client'; | ||
| import { GetTokenResponse, OAuth2Client, OAuth2ClientOptions } from './oauth2client'; | ||
| import { AuthClient } from './authclient'; | ||
| import { IdTokenProvider } from './idtokenclient'; | ||
| export interface ImpersonatedOptions extends RefreshOptions { | ||
| export interface ImpersonatedOptions extends OAuth2ClientOptions { | ||
| /** | ||
@@ -22,0 +22,0 @@ * Client used to perform exchange for impersonated client. |
@@ -58,2 +58,4 @@ "use strict"; | ||
| super(options); | ||
| // Start with an expired refresh token, which will automatically be | ||
| // refreshed before the first API call is made. | ||
| this.credentials = { | ||
@@ -145,2 +147,1 @@ expiry_date: 1, | ||
| exports.Impersonated = Impersonated; | ||
| //# sourceMappingURL=impersonated.js.map |
@@ -18,3 +18,3 @@ "use strict"; | ||
| const jws = require("jws"); | ||
| const LRU = require("lru-cache"); | ||
| const util_1 = require("../util"); | ||
| const DEFAULT_HEADER = { | ||
@@ -36,4 +36,4 @@ alg: 'RS256', | ||
| constructor(email, key, keyId, eagerRefreshThresholdMillis) { | ||
| this.cache = new LRU({ | ||
| max: 500, | ||
| this.cache = new util_1.LRUCache({ | ||
| capacity: 500, | ||
| maxAge: 60 * 60 * 1000, | ||
@@ -195,2 +195,1 @@ }); | ||
| exports.JWTAccess = JWTAccess; | ||
| //# sourceMappingURL=jwtaccess.js.map |
@@ -6,4 +6,4 @@ /// <reference types="node" /> | ||
| import { IdTokenProvider } from './idtokenclient'; | ||
| import { GetTokenResponse, OAuth2Client, RefreshOptions, RequestMetadataResponse } from './oauth2client'; | ||
| export interface JWTOptions extends RefreshOptions { | ||
| import { GetTokenResponse, OAuth2Client, OAuth2ClientOptions, RequestMetadataResponse } from './oauth2client'; | ||
| export interface JWTOptions extends OAuth2ClientOptions { | ||
| email?: string; | ||
@@ -10,0 +10,0 @@ keyFile?: string; |
@@ -25,6 +25,3 @@ "use strict"; | ||
| : { email: optionsOrEmail, keyFile, key, keyId, scopes, subject }; | ||
| super({ | ||
| eagerRefreshThresholdMillis: opts.eagerRefreshThresholdMillis, | ||
| forceRefreshOnFailure: opts.forceRefreshOnFailure, | ||
| }); | ||
| super(opts); | ||
| this.email = opts.email; | ||
@@ -37,2 +34,4 @@ this.keyFile = opts.keyFile; | ||
| this.additionalClaims = opts.additionalClaims; | ||
| // Start with an expired refresh token, which will automatically be | ||
| // refreshed before the first API call is made. | ||
| this.credentials = { refresh_token: 'jwt-placeholder', expiry_date: 1 }; | ||
@@ -46,11 +45,5 @@ } | ||
| createScoped(scopes) { | ||
| return new JWT({ | ||
| email: this.email, | ||
| keyFile: this.keyFile, | ||
| key: this.key, | ||
| keyId: this.keyId, | ||
| scopes, | ||
| subject: this.subject, | ||
| additionalClaims: this.additionalClaims, | ||
| }); | ||
| const jwt = new JWT(this); | ||
| jwt.scopes = scopes; | ||
| return jwt; | ||
| } | ||
@@ -282,2 +275,1 @@ /** | ||
| exports.JWT = JWT; | ||
| //# sourceMappingURL=jwtclient.js.map |
@@ -58,2 +58,1 @@ "use strict"; | ||
| exports.LoginTicket = LoginTicket; | ||
| //# sourceMappingURL=loginticket.js.map |
@@ -6,3 +6,3 @@ /// <reference types="node" /> | ||
| import { BodyResponseCallback } from '../transporters'; | ||
| import { AuthClient } from './authclient'; | ||
| import { AuthClient, AuthClientOptions } from './authclient'; | ||
| import { Credentials } from './credentials'; | ||
@@ -304,12 +304,8 @@ import { LoginTicket } from './loginticket'; | ||
| } | ||
| export interface RefreshOptions { | ||
| eagerRefreshThresholdMillis?: number; | ||
| forceRefreshOnFailure?: boolean; | ||
| } | ||
| export interface OAuth2ClientOptions extends RefreshOptions { | ||
| export interface OAuth2ClientOptions extends AuthClientOptions { | ||
| clientId?: string; | ||
| clientSecret?: string; | ||
| redirectUri?: string; | ||
| credentials?: Credentials; | ||
| } | ||
| export type RefreshOptions = Pick<AuthClientOptions, 'eagerRefreshThresholdMillis' | 'forceRefreshOnFailure'>; | ||
| export declare class OAuth2Client extends AuthClient { | ||
@@ -324,5 +320,2 @@ private redirectUri?; | ||
| apiKey?: string; | ||
| projectId?: string; | ||
| eagerRefreshThresholdMillis: number; | ||
| forceRefreshOnFailure: boolean; | ||
| refreshHandler?: GetRefreshHandlerCallback; | ||
@@ -329,0 +322,0 @@ /** |
@@ -36,3 +36,6 @@ "use strict"; | ||
| constructor(optionsOrClientId, clientSecret, redirectUri) { | ||
| super(); | ||
| const opts = optionsOrClientId && typeof optionsOrClientId === 'object' | ||
| ? optionsOrClientId | ||
| : { clientId: optionsOrClientId, clientSecret, redirectUri }; | ||
| super(opts); | ||
| this.certificateCache = {}; | ||
@@ -42,12 +45,5 @@ this.certificateExpiry = null; | ||
| this.refreshTokenPromises = new Map(); | ||
| const opts = optionsOrClientId && typeof optionsOrClientId === 'object' | ||
| ? optionsOrClientId | ||
| : { clientId: optionsOrClientId, clientSecret, redirectUri }; | ||
| this._clientId = opts.clientId; | ||
| this._clientSecret = opts.clientSecret; | ||
| this.redirectUri = opts.redirectUri; | ||
| this.eagerRefreshThresholdMillis = | ||
| opts.eagerRefreshThresholdMillis || 5 * 60 * 1000; | ||
| this.forceRefreshOnFailure = !!opts.forceRefreshOnFailure; | ||
| this.credentials = opts.credentials || {}; | ||
| } | ||
@@ -769,2 +765,1 @@ /** | ||
| ]; | ||
| //# sourceMappingURL=oauth2client.js.map |
@@ -176,2 +176,1 @@ "use strict"; | ||
| exports.getErrorFromOAuthErrorResponse = getErrorFromOAuthErrorResponse; | ||
| //# sourceMappingURL=oauth2common.js.map |
| import { BaseExternalAccountClient, BaseExternalAccountClientOptions } from './baseexternalclient'; | ||
| import { RefreshOptions } from './oauth2client'; | ||
| import { AuthClientOptions } from './authclient'; | ||
| /** | ||
@@ -132,7 +132,8 @@ * Defines the credential source portion of the configuration for PluggableAuthClient. | ||
| * the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
| constructor(options: PluggableAuthClientOptions, additionalOptions?: RefreshOptions); | ||
| constructor(options: PluggableAuthClientOptions, additionalOptions?: AuthClientOptions); | ||
| /** | ||
@@ -139,0 +140,0 @@ * Triggered when an external subject token is needed to be exchanged for a |
@@ -114,5 +114,6 @@ "use strict"; | ||
| * the external account JSON credential file. | ||
| * @param additionalOptions Optional additional behavior customization | ||
| * options. These currently customize expiration threshold time and | ||
| * whether to retry on 401/403 API request errors. | ||
| * @param additionalOptions **DEPRECATED, all options are available in the | ||
| * `options` parameter.** Optional additional behavior customization options. | ||
| * These currently customize expiration threshold time and whether to retry | ||
| * on 401/403 API request errors. | ||
| */ | ||
@@ -191,3 +192,4 @@ constructor(options, additionalOptions) { | ||
| } | ||
| executableResponse = await this.handler.retrieveResponseFromExecutable(envMap); | ||
| executableResponse = | ||
| await this.handler.retrieveResponseFromExecutable(envMap); | ||
| } | ||
@@ -216,2 +218,1 @@ if (executableResponse.version > MAXIMUM_EXECUTABLE_VERSION) { | ||
| exports.PluggableAuthClient = PluggableAuthClient; | ||
| //# sourceMappingURL=pluggable-auth-client.js.map |
@@ -157,2 +157,1 @@ "use strict"; | ||
| exports.PluggableAuthHandler = PluggableAuthHandler; | ||
| //# sourceMappingURL=pluggable-auth-handler.js.map |
| /// <reference types="node" /> | ||
| import * as stream from 'stream'; | ||
| import { JWTInput } from './credentials'; | ||
| import { GetTokenResponse, OAuth2Client, RefreshOptions } from './oauth2client'; | ||
| import { GetTokenResponse, OAuth2Client, OAuth2ClientOptions } from './oauth2client'; | ||
| export declare const USER_REFRESH_ACCOUNT_TYPE = "authorized_user"; | ||
| export interface UserRefreshClientOptions extends RefreshOptions { | ||
| export interface UserRefreshClientOptions extends OAuth2ClientOptions { | ||
| clientId?: string; | ||
@@ -8,0 +8,0 @@ clientSecret?: string; |
@@ -30,8 +30,3 @@ "use strict"; | ||
| }; | ||
| super({ | ||
| clientId: opts.clientId, | ||
| clientSecret: opts.clientSecret, | ||
| eagerRefreshThresholdMillis: opts.eagerRefreshThresholdMillis, | ||
| forceRefreshOnFailure: opts.forceRefreshOnFailure, | ||
| }); | ||
| super(opts); | ||
| this._refreshToken = opts.refreshToken; | ||
@@ -109,2 +104,1 @@ this.credentials.refresh_token = opts.refreshToken; | ||
| exports.UserRefreshClient = UserRefreshClient; | ||
| //# sourceMappingURL=refreshclient.js.map |
@@ -109,2 +109,1 @@ "use strict"; | ||
| exports.StsCredentials = StsCredentials; | ||
| //# sourceMappingURL=stscredentials.js.map |
@@ -134,2 +134,1 @@ "use strict"; | ||
| exports.BrowserCrypto = BrowserCrypto; | ||
| //# sourceMappingURL=crypto.js.map |
@@ -49,2 +49,1 @@ "use strict"; | ||
| exports.fromArrayBufferToHex = fromArrayBufferToHex; | ||
| //# sourceMappingURL=crypto.js.map |
@@ -83,2 +83,1 @@ "use strict"; | ||
| } | ||
| //# sourceMappingURL=crypto.js.map |
@@ -59,2 +59,1 @@ "use strict"; | ||
| exports.auth = auth; | ||
| //# sourceMappingURL=index.js.map |
@@ -40,2 +40,1 @@ "use strict"; | ||
| exports.warn = warn; | ||
| //# sourceMappingURL=messages.js.map |
@@ -36,2 +36,1 @@ "use strict"; | ||
| exports.validate = validate; | ||
| //# sourceMappingURL=options.js.map |
@@ -1,3 +0,4 @@ | ||
| import { GaxiosError, GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| import { Gaxios, GaxiosError, GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios'; | ||
| export interface Transporter { | ||
| defaults?: GaxiosOptions; | ||
| request<T>(opts: GaxiosOptions): GaxiosPromise<T>; | ||
@@ -17,2 +18,6 @@ } | ||
| /** | ||
| * A configurable, replacable `Gaxios` instance. | ||
| */ | ||
| instance: Gaxios; | ||
| /** | ||
| * Configures request options before making a request. | ||
@@ -30,2 +35,4 @@ * @param opts GaxiosOptions options. | ||
| request<T>(opts: GaxiosOptions): GaxiosPromise<T>; | ||
| get defaults(): GaxiosOptions; | ||
| set defaults(opts: GaxiosOptions); | ||
| /** | ||
@@ -32,0 +39,0 @@ * Changes the error to include details from the body. |
@@ -23,2 +23,8 @@ "use strict"; | ||
| class DefaultTransporter { | ||
| constructor() { | ||
| /** | ||
| * A configurable, replacable `Gaxios` instance. | ||
| */ | ||
| this.instance = new gaxios_1.Gaxios(); | ||
| } | ||
| /** | ||
@@ -58,6 +64,12 @@ * Configures request options before making a request. | ||
| (0, options_1.validate)(opts); | ||
| return (0, gaxios_1.request)(opts).catch(e => { | ||
| return this.instance.request(opts).catch(e => { | ||
| throw this.processError(e); | ||
| }); | ||
| } | ||
| get defaults() { | ||
| return this.instance.defaults; | ||
| } | ||
| set defaults(opts) { | ||
| this.instance.defaults = opts; | ||
| } | ||
| /** | ||
@@ -100,2 +112,1 @@ * Changes the error to include details from the body. | ||
| DefaultTransporter.USER_AGENT = `${PRODUCT_NAME}/${pkg.version}`; | ||
| //# sourceMappingURL=transporters.js.map |
| { | ||
| "name": "google-auth-library", | ||
| "version": "9.1.0", | ||
| "version": "9.2.0", | ||
| "author": "Google Inc.", | ||
@@ -25,4 +25,3 @@ "description": "Google APIs Authentication Client Library for Node.js", | ||
| "gtoken": "^7.0.0", | ||
| "jws": "^4.0.0", | ||
| "lru-cache": "^6.0.0" | ||
| "jws": "^4.0.0" | ||
| }, | ||
@@ -34,3 +33,2 @@ "devDependencies": { | ||
| "@types/jws": "^3.1.0", | ||
| "@types/lru-cache": "^5.0.0", | ||
| "@types/mocha": "^9.0.0", | ||
@@ -80,3 +78,3 @@ "@types/mv": "^2.1.0", | ||
| "fix": "gts fix", | ||
| "pretest": "npm run compile", | ||
| "pretest": "npm run compile -- --sourceMap", | ||
| "docs": "compodoc src/", | ||
@@ -86,3 +84,3 @@ "samples-setup": "cd samples/ && npm link ../ && npm run setup && cd ../", | ||
| "system-test": "mocha build/system-test --timeout 60000", | ||
| "presystem-test": "npm run compile", | ||
| "presystem-test": "npm run compile -- --sourceMap", | ||
| "webpack": "webpack", | ||
@@ -89,0 +87,0 @@ "browser-test": "karma start", |
Sorry, the diff of this file is too big to display
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.6%
536009
- Dependency count
- decreased by-14.29%
6
- Dev dependency count
- decreased by-2.7%
36
- Number of package files
- increased by2.94%
70
- Lines of code
- increased by4.37%
8931
Dependency changes
- Removedlru-cache@^6.0.0
- Removedlru-cache@6.0.0(transitive)
- Removedyallist@4.0.0(transitive)