The gtoken npm package is designed to handle the acquisition and management of Google OAuth2 tokens. It simplifies the process of authenticating with Google APIs by managing the token generation, refresh, and validation processes.
Generate Access Token
This feature allows users to generate an access token by providing a key file and the required scopes. The token can then be used to authenticate requests to Google APIs.
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
keyFile: 'path/to/keyfile.json',
scope: ['https://www.googleapis.com/auth/drive']
});
gtoken.getToken().then(token => {
console.log(token);
}).catch(err => {
console.error(err);
});Refresh Token
This feature allows users to refresh their existing token when it expires. The refreshed token ensures continued access without needing to re-authenticate.
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
keyFile: 'path/to/keyfile.json',
scope: ['https://www.googleapis.com/auth/drive'],
token: existingToken
});
gtoken.refreshToken().then(newToken => {
console.log(newToken);
}).catch(err => {
console.error(err);
});Similar to gtoken, google-auth-library is a comprehensive library for Google authentication, supporting OAuth2, service accounts, and other authentication methods. It offers more extensive features compared to gtoken, including support for various environments and additional Google authentication flows.
This package provides mechanisms for implementing OAuth2 clients. While it is not specific to Google, it can be used for Google OAuth2 authentication. It is more generic compared to gtoken, which is specifically tailored for Google token management.
Node.js Google Authentication Service Account Tokens
npm install gtoken
.pem or .p12 key file:const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
keyFile: 'path/to/key.pem', // or path to .p12 key file
email: 'my_service_account_email@developer.gserviceaccount.com',
scope: ['https://scope1', 'https://scope2'] // or space-delimited string of scopes
});
gtoken.getToken(function(err, token) {
if (err) {
console.log(err);
return;
}
console.log(token);
});
You can also use the async/await style API:
const token = await gtoken.getToken()
console.log(token);
Or use promises:
gtoken.getToken()
.then(token => {
console.log(`Token: ${token}`)
})
.catch(e => console.error);
.json key file:const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
keyFile: 'path/to/key.json',
scope: ['https://scope1', 'https://scope2'] // or space-delimited string of scopes
});
gtoken.getToken(function(err, token) {
if (err) {
console.log(err);
return;
}
console.log(token);
});
const key = '-----BEGIN RSA PRIVATE KEY-----\nXXXXXXXXXXX...';
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
email: 'my_service_account_email@developer.gserviceaccount.com',
scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
key: key
});
Various options that can be set when creating initializing the
gtokenobject.
options.email or options.iss: The service account email address.options.scope: An array of scope strings or space-delimited string of scopes.options.sub: The email address of the user requesting delegated access.options.keyFile: The filename of .json key, .pem key or .p12 key.options.key: The raw RSA private key value, in place of using options.keyFile.Returns the cached token or requests a new one and returns it.
gtoken.getToken(function(err, token) {
console.log(err || token);
// gtoken.token value is also set
});
Given a keyfile, returns the key and (if available) the client email.
const creds = await gtoken.getCredentials('path/to/key.json');
Various properties set on the gtoken object after call to
.getToken().
gtoken.token: The access token.gtoken.expiresAt: The expiry date as milliseconds since 1970/01/01gtoken.key: The raw key value.gtoken.rawToken: Most recent raw token data received from Google.Returns true if the token has expired, or token does not exist.
gtoken.getToken(function(err, token) {
if(token) {
gtoken.hasExpired(); // false
}
});
Revoke the token if set.
gtoken.revokeToken(function(err) {
if (err) {
console.log(err);
return;
}
console.log('Token revoked!');
});
.p12 key from Google.p12 key and download it into your project..p12 key to a .pem keyYou can just specify your .p12 file (with .p12 extension) as the keyFile and it will automatically be converted to a .pem on the fly, however this results in a slight performance hit. If you'd like to convert to a .pem for use later, use OpenSSL if you have it installed.
$ openssl pkcs12 -in key.p12 -nodes -nocerts > key.pem
Don't forget, the passphrase when converting these files is the string 'notasecret'
FAQs
Node.js Google Authentication Service Account Tokens
We found that gtoken demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team uncovered a malicious Python package typosquatting the popular 'fabric' SSH library, silently exfiltrating AWS credentials from unsuspecting developers.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.