cwchristerw/musix-oss
1
0
Fork 0
mirror of https://github.com/musix-org/musix-oss synced 2025-07-01 20:13:38 +00:00
Code Activity

Updated

Browse Source
This commit is contained in:
MatteZ02
2019-10-10 16:43:04 +03:00
parent 6f6ac8a6fa
commit 50b9bed483
9432 changed files with 1988816 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

447
node_modules/google-auth-library/CHANGELOG.md generated vendored Normal file
View File

@ -0,0 +1,447 @@
# Changelog
[npm history][1]
[1]: https://www.npmjs.com/package/google-auth-library-nodejs?activeTab=versions
### [5.2.1](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v5.2.0...v5.2.1) (2019-09-06)
### Bug Fixes
* **deps:** nock@next has types that work with our libraries ([#783](https://www.github.com/googleapis/google-auth-library-nodejs/issues/783)) ([a253709](https://www.github.com/googleapis/google-auth-library-nodejs/commit/a253709))
* **docs:** fix variable name in README.md ([#782](https://www.github.com/googleapis/google-auth-library-nodejs/issues/782)) ([d8c70b9](https://www.github.com/googleapis/google-auth-library-nodejs/commit/d8c70b9))
## [5.2.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v5.1.2...v5.2.0) (2019-08-09)
### Features
* populate x-goog-api-client header for auth ([#772](https://www.github.com/googleapis/google-auth-library-nodejs/issues/772)) ([526dcf6](https://www.github.com/googleapis/google-auth-library-nodejs/commit/526dcf6))
### [5.1.2](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v5.1.1...v5.1.2) (2019-08-05)
### Bug Fixes
* **deps:** upgrade to gtoken 4.x ([#763](https://www.github.com/googleapis/google-auth-library-nodejs/issues/763)) ([a1fcc25](https://www.github.com/googleapis/google-auth-library-nodejs/commit/a1fcc25))
### [5.1.1](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v5.1.0...v5.1.1) (2019-07-29)
### Bug Fixes
* **deps:** update dependency google-auth-library to v5 ([#759](https://www.github.com/googleapis/google-auth-library-nodejs/issues/759)) ([e32a12b](https://www.github.com/googleapis/google-auth-library-nodejs/commit/e32a12b))
## [5.1.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v5.0.0...v5.1.0) (2019-07-24)
### Features
* **types:** expose ProjectIdCallback interface ([#753](https://www.github.com/googleapis/google-auth-library-nodejs/issues/753)) ([5577f0d](https://www.github.com/googleapis/google-auth-library-nodejs/commit/5577f0d))
## [5.0.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.6...v5.0.0) (2019-07-23)
### ⚠ BREAKING CHANGES
* getOptions() no longer accepts GoogleAuthOptions (#749)
### Code Refactoring
* getOptions() no longer accepts GoogleAuthOptions ([#749](https://www.github.com/googleapis/google-auth-library-nodejs/issues/749)) ([ba58e3b](https://www.github.com/googleapis/google-auth-library-nodejs/commit/ba58e3b))
### [4.2.6](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.5...v4.2.6) (2019-07-23)
### Bug Fixes
* use FUNCTION_TARGET to detect GCF 10 and above ([#748](https://www.github.com/googleapis/google-auth-library-nodejs/issues/748)) ([ca17685](https://www.github.com/googleapis/google-auth-library-nodejs/commit/ca17685))
### [4.2.5](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.4...v4.2.5) (2019-06-26)
### Bug Fixes
* **docs:** make anchors work in jsdoc ([#742](https://www.github.com/googleapis/google-auth-library-nodejs/issues/742)) ([7901456](https://www.github.com/googleapis/google-auth-library-nodejs/commit/7901456))
### [4.2.4](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.3...v4.2.4) (2019-06-25)
### Bug Fixes
* only require fast-text-encoding when needed ([#740](https://www.github.com/googleapis/google-auth-library-nodejs/issues/740)) ([04fcd77](https://www.github.com/googleapis/google-auth-library-nodejs/commit/04fcd77))
### [4.2.3](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.2...v4.2.3) (2019-06-24)
### Bug Fixes
* feature detection to check for browser ([#738](https://www.github.com/googleapis/google-auth-library-nodejs/issues/738)) ([83a5ba5](https://www.github.com/googleapis/google-auth-library-nodejs/commit/83a5ba5))
### [4.2.2](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.1...v4.2.2) (2019-06-18)
### Bug Fixes
* **compute:** correctly specify scopes when fetching token ([#735](https://www.github.com/googleapis/google-auth-library-nodejs/issues/735)) ([4803e3c](https://www.github.com/googleapis/google-auth-library-nodejs/commit/4803e3c))
### [4.2.1](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.2.0...v4.2.1) (2019-06-14)
### Bug Fixes
* **docs:** move to new client docs URL ([#733](https://www.github.com/googleapis/google-auth-library-nodejs/issues/733)) ([cfbbe2a](https://www.github.com/googleapis/google-auth-library-nodejs/commit/cfbbe2a))
## [4.2.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.1.0...v4.2.0) (2019-06-05)
### Bug Fixes
* pad base64 strings for base64js ([#722](https://www.github.com/googleapis/google-auth-library-nodejs/issues/722)) ([81e0a23](https://www.github.com/googleapis/google-auth-library-nodejs/commit/81e0a23))
### Features
* make both crypto implementations support sign ([#727](https://www.github.com/googleapis/google-auth-library-nodejs/issues/727)) ([e445fb3](https://www.github.com/googleapis/google-auth-library-nodejs/commit/e445fb3))
## [4.1.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v4.0.0...v4.1.0) (2019-05-29)
### Bug Fixes
* **deps:** update dependency google-auth-library to v4 ([#705](https://www.github.com/googleapis/google-auth-library-nodejs/issues/705)) ([2b13344](https://www.github.com/googleapis/google-auth-library-nodejs/commit/2b13344))
### Features
* use X-Goog-Api-Key header ([#719](https://www.github.com/googleapis/google-auth-library-nodejs/issues/719)) ([35471d0](https://www.github.com/googleapis/google-auth-library-nodejs/commit/35471d0))
## [4.0.0](https://www.github.com/googleapis/google-auth-library-nodejs/compare/v3.1.2...v4.0.0) (2019-05-08)
### Bug Fixes
* **deps:** update dependency arrify to v2 ([#684](https://www.github.com/googleapis/google-auth-library-nodejs/issues/684)) ([1757ee2](https://www.github.com/googleapis/google-auth-library-nodejs/commit/1757ee2))
* **deps:** update dependency gaxios to v2 ([#681](https://www.github.com/googleapis/google-auth-library-nodejs/issues/681)) ([770ad2f](https://www.github.com/googleapis/google-auth-library-nodejs/commit/770ad2f))
* **deps:** update dependency gcp-metadata to v2 ([#701](https://www.github.com/googleapis/google-auth-library-nodejs/issues/701)) ([be20528](https://www.github.com/googleapis/google-auth-library-nodejs/commit/be20528))
* **deps:** update dependency gtoken to v3 ([#702](https://www.github.com/googleapis/google-auth-library-nodejs/issues/702)) ([2c538e5](https://www.github.com/googleapis/google-auth-library-nodejs/commit/2c538e5))
* re-throw original exception and preserve message in compute client ([#668](https://www.github.com/googleapis/google-auth-library-nodejs/issues/668)) ([dffd1cc](https://www.github.com/googleapis/google-auth-library-nodejs/commit/dffd1cc))
* surface original stack trace and message with errors ([#651](https://www.github.com/googleapis/google-auth-library-nodejs/issues/651)) ([8fb65eb](https://www.github.com/googleapis/google-auth-library-nodejs/commit/8fb65eb))
* throw on missing refresh token in all cases ([#670](https://www.github.com/googleapis/google-auth-library-nodejs/issues/670)) ([0a02946](https://www.github.com/googleapis/google-auth-library-nodejs/commit/0a02946))
* throw when adc cannot acquire a projectId ([#658](https://www.github.com/googleapis/google-auth-library-nodejs/issues/658)) ([ba48164](https://www.github.com/googleapis/google-auth-library-nodejs/commit/ba48164))
* **deps:** update dependency semver to v6 ([#655](https://www.github.com/googleapis/google-auth-library-nodejs/issues/655)) ([ec56c88](https://www.github.com/googleapis/google-auth-library-nodejs/commit/ec56c88))
### Build System
* upgrade engines field to >=8.10.0 ([#686](https://www.github.com/googleapis/google-auth-library-nodejs/issues/686)) ([377d5c6](https://www.github.com/googleapis/google-auth-library-nodejs/commit/377d5c6))
### Features
* support scopes on compute credentials ([#642](https://www.github.com/googleapis/google-auth-library-nodejs/issues/642)) ([1811b7f](https://www.github.com/googleapis/google-auth-library-nodejs/commit/1811b7f))
### BREAKING CHANGES
* upgrade engines field to >=8.10.0 (#686)
## v3.1.2
03-22-2019 15:38 PDT
### Implementation Changes
- fix: getCredential(): load credentials with getClient() ([#648](https://github.com/google/google-auth-library-nodejs/pull/648))
### Internal / Testing Changes
- chore: publish to npm using wombat ([#645](https://github.com/google/google-auth-library-nodejs/pull/645))
## v3.1.1
03-18-2019 08:32 PDT
### Bug Fixes
- fix: Avoid loading fast-text-encoding if not in browser environment ([#627](https://github.com/google/google-auth-library-nodejs/pull/627))
### Dependencies
- fix(deps): update dependency gcp-metadata to v1 ([#632](https://github.com/google/google-auth-library-nodejs/pull/632))
### Documentation
- docs: update links in contrib guide ([#630](https://github.com/google/google-auth-library-nodejs/pull/630))
### Internal / Testing Changes
- build: use per-repo publish token ([#641](https://github.com/google/google-auth-library-nodejs/pull/641))
- build: Add docuploader credentials to node publish jobs ([#639](https://github.com/google/google-auth-library-nodejs/pull/639))
- build: use node10 to run samples-test, system-test etc ([#638](https://github.com/google/google-auth-library-nodejs/pull/638))
- build: update release configuration
- chore(deps): update dependency @types/lru-cache to v5 ([#635](https://github.com/google/google-auth-library-nodejs/pull/635))
- chore(deps): update dependency mocha to v6
- chore: fix lint ([#631](https://github.com/google/google-auth-library-nodejs/pull/631))
- build: use linkinator for docs test ([#628](https://github.com/google/google-auth-library-nodejs/pull/628))
- chore(deps): update dependency @types/tmp to ^0.0.34 ([#629](https://github.com/google/google-auth-library-nodejs/pull/629))
- build: create docs test npm scripts ([#625](https://github.com/google/google-auth-library-nodejs/pull/625))
- build: test using @grpc/grpc-js in CI ([#624](https://github.com/google/google-auth-library-nodejs/pull/624))
## v3.1.0
02-08-2019 08:29 PST
### Bug fixes
- fix: use key file when fetching project id ([#618](https://github.com/googleapis/google-auth-library-nodejs/pull/618))
- fix: Throw error if there is no refresh token despite the necessity of refreshing ([#605](https://github.com/googleapis/google-auth-library-nodejs/pull/605))
### New Features
- feat: allow passing constructor options to getClient ([#611](https://github.com/googleapis/google-auth-library-nodejs/pull/611))
### Documentation
- docs: update contributing path in README ([#621](https://github.com/googleapis/google-auth-library-nodejs/pull/621))
- chore: move CONTRIBUTING.md to root ([#619](https://github.com/googleapis/google-auth-library-nodejs/pull/619))
- docs: add lint/fix example to contributing guide ([#615](https://github.com/googleapis/google-auth-library-nodejs/pull/615))
- docs: use the People API for samples ([#609](https://github.com/googleapis/google-auth-library-nodejs/pull/609))
### Internal / Testing Changes
- chore(deps): update dependency typescript to ~3.3.0 ([#612](https://github.com/googleapis/google-auth-library-nodejs/pull/612))
- chore(deps): update dependency eslint-config-prettier to v4 ([#604](https://github.com/googleapis/google-auth-library-nodejs/pull/604))
- build: ignore googleapis.com in doc link check ([#602](https://github.com/googleapis/google-auth-library-nodejs/pull/602))
- chore(deps): update dependency karma to v4 ([#603](https://github.com/googleapis/google-auth-library-nodejs/pull/603))
## v3.0.1
01-16-2019 21:04 PST
### Bug Fixes
- fix(deps): upgrade to the latest gaxios ([#596](https://github.com/googleapis/google-auth-library-nodejs/pull/596))
## v3.0.0
01-16-2019 10:00 PST
Welcome to 3.0 🎉 This release has it all. New features, bug fixes, breaking changes, performance improvements - something for everyone! The biggest addition to this release is support for the browser via Webpack.
**This release has breaking changes.** This release has a few breaking changes. These changes are unlikely to affect most clients.
#### BREAKING: Migration from `axios` to `gaxios`
The 2.0 version of this library used the [axios](https://github.com/axios/axios) library for making HTTP requests. In the 3.0 release, this has been replaced by a *mostly* API compatible library [gaxios](https://github.com/JustinBeckwith/gaxios). The new request library natively supports proxies, and comes with a smaller dependency chain. While this is mostly an implementation detail, the `request` method was directly exposed via the `GoogleAuth.request` and `OAuth2Client.request` methods. The gaxios library aims to provide an API compatible implementation of axios, but that can never be 100% promised. If you run into bugs or differences that cause issues - please do let us know.
#### BREAKING: `generateCodeVerifier` is now `generateCodeVerifierAsync`
The `OAuth2Client.generateCodeVerifier` method has been replaced by the `OAuth2Client.generateCodeVerifierAsync` method. It has changed from a synchronous method to an asynchronous method to support async browser crypto APIs required for Webpack support.
#### BREAKING: `verifySignedJwtWithCerts` is now `verifySignedJwtWithCertsAsync`
The `OAuth2Client.verifySignedJwtWithCerts` method has been replaced by the `OAuth2Client.verifySignedJwtWithCertsAsync` method. It has changed from a synchronous method to an asynchronous method to support async browser crypto APIs required for Webpack support.
### New Features
- feat: make it webpackable ([#371](https://github.com/google/google-auth-library-nodejs/pull/371))
### Bug Fixes
- fix: accept lowercase env vars ([#578](https://github.com/google/google-auth-library-nodejs/pull/578))
### Dependencies
- chore(deps): update gtoken ([#592](https://github.com/google/google-auth-library-nodejs/pull/592))
- fix(deps): upgrade to gcp-metadata v0.9.3 ([#586](https://github.com/google/google-auth-library-nodejs/pull/586))
### Documentation
- docs: update bug report link ([#585](https://github.com/google/google-auth-library-nodejs/pull/585))
- docs: clarify access and refresh token docs ([#577](https://github.com/google/google-auth-library-nodejs/pull/577))
### Internal / Testing Changes
- refactor(deps): use `gaxios` for HTTP requests instead of `axios` ([#593](https://github.com/google/google-auth-library-nodejs/pull/593))
- fix: some browser fixes ([#590](https://github.com/google/google-auth-library-nodejs/pull/590))
- chore(deps): update dependency ts-loader to v5 ([#588](https://github.com/google/google-auth-library-nodejs/pull/588))
- chore(deps): update dependency karma to v3 ([#587](https://github.com/google/google-auth-library-nodejs/pull/587))
- build: check broken links in generated docs ([#579](https://github.com/google/google-auth-library-nodejs/pull/579))
- chore(deps): drop unused dep on typedoc ([#583](https://github.com/google/google-auth-library-nodejs/pull/583))
- build: add browser test running on Kokoro ([#584](https://github.com/google/google-auth-library-nodejs/pull/584))
- test: improve samples and add tests ([#576](https://github.com/google/google-auth-library-nodejs/pull/576))
## v2.0.2
12-16-2018 10:48 PST
### Fixes
- fix(types): export GCPEnv type ([#569](https://github.com/google/google-auth-library-nodejs/pull/569))
- fix: use post for token revocation ([#524](https://github.com/google/google-auth-library-nodejs/pull/524))
### Dependencies
- fix(deps): update dependency lru-cache to v5 ([#541](https://github.com/google/google-auth-library-nodejs/pull/541))
### Documentation
- docs: add ref docs again ([#553](https://github.com/google/google-auth-library-nodejs/pull/553))
- docs: clean up the readme ([#554](https://github.com/google/google-auth-library-nodejs/pull/554))
### Internal / Testing Changes
- chore(deps): update dependency @types/sinon to v7 ([#568](https://github.com/google/google-auth-library-nodejs/pull/568))
- refactor: use execa for install tests, run eslint on samples ([#559](https://github.com/google/google-auth-library-nodejs/pull/559))
- chore(build): inject yoshi automation key ([#566](https://github.com/google/google-auth-library-nodejs/pull/566))
- chore: update nyc and eslint configs ([#565](https://github.com/google/google-auth-library-nodejs/pull/565))
- chore: fix publish.sh permission +x ([#563](https://github.com/google/google-auth-library-nodejs/pull/563))
- fix(build): fix Kokoro release script ([#562](https://github.com/google/google-auth-library-nodejs/pull/562))
- build: add Kokoro configs for autorelease ([#561](https://github.com/google/google-auth-library-nodejs/pull/561))
- chore: always nyc report before calling codecov ([#557](https://github.com/google/google-auth-library-nodejs/pull/557))
- chore: nyc ignore build/test by default ([#556](https://github.com/google/google-auth-library-nodejs/pull/556))
- chore(build): update the prettier and renovate config ([#552](https://github.com/google/google-auth-library-nodejs/pull/552))
- chore: update license file ([#551](https://github.com/google/google-auth-library-nodejs/pull/551))
- fix(build): fix system key decryption ([#547](https://github.com/google/google-auth-library-nodejs/pull/547))
- chore(deps): update dependency typescript to ~3.2.0 ([#546](https://github.com/google/google-auth-library-nodejs/pull/546))
- chore(deps): unpin sinon ([#544](https://github.com/google/google-auth-library-nodejs/pull/544))
- refactor: drop non-required modules ([#542](https://github.com/google/google-auth-library-nodejs/pull/542))
- chore: add synth.metadata ([#537](https://github.com/google/google-auth-library-nodejs/pull/537))
- fix: Pin @types/sinon to last compatible version ([#538](https://github.com/google/google-auth-library-nodejs/pull/538))
- chore(deps): update dependency gts to ^0.9.0 ([#531](https://github.com/google/google-auth-library-nodejs/pull/531))
- chore: update eslintignore config ([#530](https://github.com/google/google-auth-library-nodejs/pull/530))
- chore: drop contributors from multiple places ([#528](https://github.com/google/google-auth-library-nodejs/pull/528))
- chore: use latest npm on Windows ([#527](https://github.com/google/google-auth-library-nodejs/pull/527))
- chore: update CircleCI config ([#523](https://github.com/google/google-auth-library-nodejs/pull/523))
- chore: include build in eslintignore ([#516](https://github.com/google/google-auth-library-nodejs/pull/516))
## v2.0.1
### Implementation Changes
- fix: verifyIdToken will never return null ([#488](https://github.com/google/google-auth-library-nodejs/pull/488))
- Update the url to application default credentials ([#470](https://github.com/google/google-auth-library-nodejs/pull/470))
- Update omitted parameter 'hd' ([#467](https://github.com/google/google-auth-library-nodejs/pull/467))
### Dependencies
- chore(deps): update dependency nock to v10 ([#501](https://github.com/google/google-auth-library-nodejs/pull/501))
- chore(deps): update dependency sinon to v7 ([#502](https://github.com/google/google-auth-library-nodejs/pull/502))
- chore(deps): update dependency typescript to v3.1.3 ([#503](https://github.com/google/google-auth-library-nodejs/pull/503))
- chore(deps): update dependency gh-pages to v2 ([#499](https://github.com/google/google-auth-library-nodejs/pull/499))
- chore(deps): update dependency typedoc to ^0.13.0 ([#497](https://github.com/google/google-auth-library-nodejs/pull/497))
### Documentation
- docs: Remove code format from Application Default Credentials ([#483](https://github.com/google/google-auth-library-nodejs/pull/483))
- docs: replace google/ with googleapis/ in URIs ([#472](https://github.com/google/google-auth-library-nodejs/pull/472))
- Fix typo in readme ([#469](https://github.com/google/google-auth-library-nodejs/pull/469))
- Update samples and docs for 2.0 ([#459](https://github.com/google/google-auth-library-nodejs/pull/459))
### Internal / Testing Changes
- chore: update issue templates ([#509](https://github.com/google/google-auth-library-nodejs/pull/509))
- chore: remove old issue template ([#507](https://github.com/google/google-auth-library-nodejs/pull/507))
- build: run tests on node11 ([#506](https://github.com/google/google-auth-library-nodejs/pull/506))
- chore(build): drop hard rejection and update gts in the kitchen test ([#504](https://github.com/google/google-auth-library-nodejs/pull/504))
- chores(build): do not collect sponge.xml from windows builds ([#500](https://github.com/google/google-auth-library-nodejs/pull/500))
- chores(build): run codecov on continuous builds ([#495](https://github.com/google/google-auth-library-nodejs/pull/495))
- chore: update new issue template ([#494](https://github.com/google/google-auth-library-nodejs/pull/494))
- build: fix codecov uploading on Kokoro ([#490](https://github.com/google/google-auth-library-nodejs/pull/490))
- test: move kitchen sink tests to system-test ([#489](https://github.com/google/google-auth-library-nodejs/pull/489))
- Update kokoro config ([#482](https://github.com/google/google-auth-library-nodejs/pull/482))
- fix: export additional typescript types ([#479](https://github.com/google/google-auth-library-nodejs/pull/479))
- Don't publish sourcemaps ([#478](https://github.com/google/google-auth-library-nodejs/pull/478))
- test: remove appveyor config ([#477](https://github.com/google/google-auth-library-nodejs/pull/477))
- Enable prefer-const in the eslint config ([#473](https://github.com/google/google-auth-library-nodejs/pull/473))
- Enable no-var in eslint ([#471](https://github.com/google/google-auth-library-nodejs/pull/471))
- Update CI config ([#468](https://github.com/google/google-auth-library-nodejs/pull/468))
- Retry npm install in CI ([#465](https://github.com/google/google-auth-library-nodejs/pull/465))
- Update Kokoro config ([#462](https://github.com/google/google-auth-library-nodejs/pull/462))
## v2.0.0
Well hello 2.0 🎉 **This release has multiple breaking changes**. It also has a lot of bug fixes.
### Breaking Changes
#### Support for node.js 4.x and 9.x has been dropped
These versions of node.js are no longer supported.
#### The `getRequestMetadata` method has been deprecated
The `getRequestMetadata` method has been deprecated on the `IAM`, `OAuth2`, `JWT`, and `JWTAccess` classes. The `getRequestHeaders` method should be used instead. The methods have a subtle difference: the `getRequestMetadata` method returns an object with a headers property, which contains the authorization header. The `getRequestHeaders` method simply returns the headers.
##### Old code
```js
const client = await auth.getClient();
const res = await client.getRequestMetadata();
const headers = res.headers;
```
##### New code
```js
const client = await auth.getClient();
const headers = await client.getRequestHeaders();
```
#### The `createScopedRequired` method has been deprecated
The `createScopedRequired` method has been deprecated on multiple classes. The `createScopedRequired` and `createScoped` methods on the `JWT` class were largely in place to help inform clients when scopes were required in an application default credential scenario. Instead of checking if scopes are required after creating the client, instead scopes should just be passed either into the `GoogleAuth.getClient` method, or directly into the `JWT` constructor.
##### Old code
```js
auth.getApplicationDefault(function(err, authClient) {
if (err) {
return callback(err);
}
if (authClient.createScopedRequired && authClient.createScopedRequired()) {
authClient = authClient.createScoped([
'https://www.googleapis.com/auth/cloud-platform'
]);
}
callback(null, authClient);
});
```
##### New code
```js
const client = await auth.getClient({
scopes: ['https://www.googleapis.com/auth/cloud-platform']
});
```
#### The `refreshAccessToken` method has been deprecated
The `OAuth2.refreshAccessToken` method has been deprecated. The `getAccessToken`, `getRequestMetadata`, and `request` methods will all refresh the token if needed automatically. There is no need to ever manually refresh the token.
As always, if you run into any problems... please let us know!
### Features
- Set private_key_id in JWT access token header like other google auth libraries. (#450)
### Bug Fixes
- fix: support HTTPS proxies (#405)
- fix: export missing interfaces (#437)
- fix: Use new auth URIs (#434)
- docs: Fix broken link (#423)
- fix: surface file read streams (#413)
- fix: prevent unhandled rejections by avoid .catch (#404)
- fix: use gcp-metadata for compute credentials (#409)
- Add Code of Conduct
- fix: Warn when using user credentials from the Cloud SDK (#399)
- fix: use `Buffer.from` instead of `new Buffer` (#400)
- fix: Fix link format in README.md (#385)
### Breaking changes
- chore: deprecate getRequestMetadata (#414)
- fix: deprecate the `createScopedRequired` methods (#410)
- fix: drop support for node.js 4.x and 9.x (#417)
- fix: deprecate the `refreshAccessToken` methods (#411)
- fix: deprecate the `getDefaultProjectId` method (#402)
- fix: drop support for node.js 4 (#401)
### Build / Test changes
- Run synth to make build tools consistent (#455)
- Add a package.json for samples and cleanup README (#454)
- chore(deps): update dependency typedoc to ^0.12.0 (#453)
- chore: move examples => samples + synth (#448)
- chore(deps): update dependency nyc to v13 (#452)
- chore(deps): update dependency pify to v4 (#447)
- chore(deps): update dependency assert-rejects to v1 (#446)
- chore: ignore package-lock.json (#445)
- chore: update renovate config (#442)
- chore(deps): lock file maintenance (#443)
- chore: remove greenkeeper badge (#440)
- test: throw on deprecation
- chore: add intelli-espower-loader for running tests (#430)
- chore(deps): update dependency typescript to v3 (#432)
- chore(deps): lock file maintenance (#431)
- test: use strictEqual in tests (#425)
- chore(deps): lock file maintenance (#428)
- chore: Configure Renovate (#424)
- chore: Update gts to the latest version 🚀 (#422)
- chore: update gcp-metadata for isAvailable fix (#420)
- refactor: use assert.reject in the tests (#415)
- refactor: cleanup types for certificates (#412)
- test: run tests with hard-rejection (#397)
- cleanup: straighten nested try-catch (#394)
- test: getDefaultProjectId should prefer config (#388)
- chore(package): Update gts to the latest version 🚀 (#387)
- chore(package): update sinon to version 6.0.0 (#386)
## Upgrading to 1.x
The `1.x` release includes a variety of bug fixes, new features, and breaking changes. Please take care, and see [the release notes](https://github.com/googleapis/google-auth-library-nodejs/releases/tag/v1.0.0) for a list of breaking changes, and the upgrade guide.

202
node_modules/google-auth-library/LICENSE generated vendored Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

367
node_modules/google-auth-library/README.md generated vendored Normal file
View File

@ -0,0 +1,367 @@
<img src="https://avatars0.githubusercontent.com/u/1342004?v=3&s=96" alt="Google Inc. logo" title="Google" align="right" height="96" width="96"/>
# Google Auth Library
[![npm version][npmimg]][npm]
[![codecov][codecov-image]][codecov-url]
[![Dependencies][david-dm-img]][david-dm]
[![Known Vulnerabilities][snyk-image]][snyk-url]
This is Google's officially supported [node.js][node] client library for using OAuth 2.0 authorization and authentication with Google APIs.
## Installation
This library is distributed on `npm`. To add it as a dependency, run the following command:
``` sh
$ npm install google-auth-library
```
## Ways to authenticate
This library provides a variety of ways to authenticate to your Google services.
- [Application Default Credentials](#choosing-the-correct-credential-type-automatically) - Use Application Default Credentials when you use a single identity for all users in your application. Especially useful for applications running on Google Cloud.
- [OAuth 2](#oauth2) - Use OAuth2 when you need to perform actions on behalf of the end user.
- [JSON Web Tokens](#json-web-tokens) - Use JWT when you are using a single identity for all users. Especially useful for server->server or server->API communication.
- [Google Compute](#compute) - Directly use a service account on Google Cloud Platform. Useful for server->server or server->API communication.
## Application Default Credentials
This library provides an implementation of [Application Default Credentials][] for Node.js. The [Application Default Credentials][] provide a simple way to get authorization credentials for use in calling Google APIs.
They are best suited for cases when the call needs to have the same identity and authorization level for the application independent of the user. This is the recommended approach to authorize calls to Cloud APIs, particularly when you're building an application that uses Google Cloud Platform.
#### Download your Service Account Credentials JSON file
To use Application Default Credentials, You first need to download a set of JSON credentials for your project. Go to **APIs & Auth** > **Credentials** in the [Google Developers Console][devconsole] and select **Service account** from the **Add credentials** dropdown.
> This file is your *only copy* of these credentials. It should never be
> committed with your source code, and should be stored securely.
Once downloaded, store the path to this file in the `GOOGLE_APPLICATION_CREDENTIALS` environment variable.
#### Enable the API you want to use
Before making your API call, you must be sure the API you're calling has been enabled. Go to **APIs & Auth** > **APIs** in the [Google Developers Console][devconsole] and enable the APIs you'd like to call. For the example below, you must enable the `DNS API`.
#### Choosing the correct credential type automatically
Rather than manually creating an OAuth2 client, JWT client, or Compute client, the auth library can create the correct credential type for you, depending upon the environment your code is running under.
For example, a JWT auth client will be created when your code is running on your local developer machine, and a Compute client will be created when the same code is running on Google Cloud Platform. If you need a specific set of scopes, you can pass those in the form of a string or an array to the `GoogleAuth` constructor.
The code below shows how to retrieve a default credential type, depending upon the runtime environment.
```js
const {GoogleAuth} = require('google-auth-library');
/**
* Instead of specifying the type of client you'd like to use (JWT, OAuth2, etc)
* this library will automatically choose the right client based on the environment.
*/
async function main() {
const auth = new GoogleAuth({
scopes: 'https://www.googleapis.com/auth/cloud-platform'
});
const client = await auth.getClient();
const projectId = await auth.getProjectId();
const url = `https://dns.googleapis.com/dns/v1/projects/${projectId}`;
const res = await client.request({ url });
console.log(res.data);
}
main().catch(console.error);
```
## OAuth2
This library comes with an [OAuth2][oauth] client that allows you to retrieve an access token and refreshes the token and retry the request seamlessly if you also provide an `expiry_date` and the token is expired. The basics of Google's OAuth2 implementation is explained on [Google Authorization and Authentication documentation][authdocs].
In the following examples, you may need a `CLIENT_ID`, `CLIENT_SECRET` and `REDIRECT_URL`. You can find these pieces of information by going to the [Developer Console][devconsole], clicking your project > APIs & auth > credentials.
For more information about OAuth2 and how it works, [see here][oauth].
#### A complete OAuth2 example
Let's take a look at a complete example.
``` js
const {OAuth2Client} = require('google-auth-library');
const http = require('http');
const url = require('url');
const open = require('open');
const destroyer = require('server-destroy');
// Download your OAuth2 configuration from the Google
const keys = require('./oauth2.keys.json');
/**
* Start by acquiring a pre-authenticated oAuth2 client.
*/
async function main() {
const oAuth2Client = await getAuthenticatedClient();
// Make a simple request to the People API using our pre-authenticated client. The `request()` method
// takes an GaxiosOptions object. Visit https://github.com/JustinBeckwith/gaxios.
const url = 'https://people.googleapis.com/v1/people/me?personFields=names';
const res = await oAuth2Client.request({url});
console.log(res.data);
// After acquiring an access_token, you may want to check on the audience, expiration,
// or original scopes requested. You can do that with the `getTokenInfo` method.
const tokenInfo = await oAuth2Client.getTokenInfo(
oAuth2Client.credentials.access_token
);
console.log(tokenInfo);
}
/**
* Create a new OAuth2Client, and go through the OAuth2 content
* workflow. Return the full client to the callback.
*/
function getAuthenticatedClient() {
return new Promise((resolve, reject) => {
// create an oAuth client to authorize the API call. Secrets are kept in a `keys.json` file,
// which should be downloaded from the Google Developers Console.
const oAuth2Client = new OAuth2Client(
keys.web.client_id,
keys.web.client_secret,
keys.web.redirect_uris[0]
);
// Generate the url that will be used for the consent dialog.
const authorizeUrl = oAuth2Client.generateAuthUrl({
access_type: 'offline',
scope: 'https://www.googleapis.com/auth/userinfo.profile',
});
// Open an http server to accept the oauth callback. In this simple example, the
// only request to our webserver is to /oauth2callback?code=<code>
const server = http
.createServer(async (req, res) => {
try {
if (req.url.indexOf('/oauth2callback') > -1) {
// acquire the code from the querystring, and close the web server.
const qs = new url.URL(req.url, 'http://localhost:3000')
.searchParams;
const code = qs.get('code');
console.log(`Code is ${code}`);
res.end('Authentication successful! Please return to the console.');
server.destroy();
// Now that we have the code, use that to acquire tokens.
const r = await oAuth2Client.getToken(code);
// Make sure to set the credentials on the OAuth2 client.
oAuth2Client.setCredentials(r.tokens);
console.info('Tokens acquired.');
resolve(oAuth2Client);
}
} catch (e) {
reject(e);
}
})
.listen(3000, () => {
// open the browser to the authorize url to start the workflow
open(authorizeUrl, {wait: false}).then(cp => cp.unref());
});
destroyer(server);
});
}
main().catch(console.error);
```
#### Handling token events
This library will automatically obtain an `access_token`, and automatically refresh the `access_token` if a `refresh_token` is present. The `refresh_token` is only returned on the [first authorization](https://github.com/googleapis/google-api-nodejs-client/issues/750#issuecomment-304521450), so if you want to make sure you store it safely. An easy way to make sure you always store the most recent tokens is to use the `tokens` event:
```js
const client = await auth.getClient();
client.on('tokens', (tokens) => {
if (tokens.refresh_token) {
// store the refresh_token in my database!
console.log(tokens.refresh_token);
}
console.log(tokens.access_token);
});
const url = `https://dns.googleapis.com/dns/v1/projects/${projectId}`;
const res = await client.request({ url });
// The `tokens` event would now be raised if this was the first request
```
#### Retrieve access token
With the code returned, you can ask for an access token as shown below:
``` js
const tokens = await oauth2Client.getToken(code);
// Now tokens contains an access_token and an optional refresh_token. Save them.
oauth2Client.setCredentials(tokens);
```
#### Obtaining a new Refresh Token
If you need to obtain a new `refresh_token`, ensure the call to `generateAuthUrl` sets the `access_type` to `offline`. The refresh token will only be returned for the first authorization by the user. To force consent, set the `prompt` property to `consent`:
```js
// Generate the url that will be used for the consent dialog.
const authorizeUrl = oAuth2Client.generateAuthUrl({
// To get a refresh token, you MUST set access_type to `offline`.
access_type: 'offline',
// set the appropriate scopes
scope: 'https://www.googleapis.com/auth/userinfo.profile',
// A refresh token is only returned the first time the user
// consents to providing access. For illustration purposes,
// setting the prompt to 'consent' will force this consent
// every time, forcing a refresh_token to be returned.
prompt: 'consent'
});
```
#### Checking `access_token` information
After obtaining and storing an `access_token`, at a later time you may want to go check the expiration date,
original scopes, or audience for the token. To get the token info, you can use the `getTokenInfo` method:
```js
// after acquiring an oAuth2Client...
const tokenInfo = await oAuth2Client.getTokenInfo('my-access-token');
// take a look at the scopes originally provisioned for the access token
console.log(tokenInfo.scopes);
```
This method will throw if the token is invalid.
#### OAuth2 with Installed Apps (Electron)
If you're authenticating with OAuth2 from an installed application (like Electron), you may not want to embed your `client_secret` inside of the application sources. To work around this restriction, you can choose the `iOS` application type when creating your OAuth2 credentials in the [Google Developers console][devconsole]:
![application type][apptype]
If using the `iOS` type, when creating the OAuth2 client you won't need to pass a `client_secret` into the constructor:
```js
const oAuth2Client = new OAuth2Client({
clientId: <your_client_id>,
redirectUri: <your_redirect_uri>
});
```
## JSON Web Tokens
The Google Developers Console provides a `.json` file that you can use to configure a JWT auth client and authenticate your requests, for example when using a service account.
``` js
const {JWT} = require('google-auth-library');
const keys = require('./jwt.keys.json');
async function main() {
const client = new JWT(
keys.client_email,
null,
keys.private_key,
['https://www.googleapis.com/auth/cloud-platform'],
);
const url = `https://dns.googleapis.com/dns/v1/projects/${keys.project_id}`;
const res = await client.request({url});
console.log(res.data);
}
main().catch(console.error);
```
The parameters for the JWT auth client including how to use it with a `.pem` file are explained in [samples/jwt.js](https://github.com/googleapis/google-auth-library-nodejs/blob/master/samples/jwt.js).
#### Loading credentials from environment variables
Instead of loading credentials from a key file, you can also provide them using an environment variable and the `GoogleAuth.fromJSON()` method. This is particularly convenient for systems that deploy directly from source control (Heroku, App Engine, etc).
Start by exporting your credentials:
```
$ export CREDS='{
"type": "service_account",
"project_id": "your-project-id",
"private_key_id": "your-private-key-id",
"private_key": "your-private-key",
"client_email": "your-client-email",
"client_id": "your-client-id",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "your-cert-url"
}'
```
Now you can create a new client from the credentials:
```js
const {auth} = require('google-auth-library');
// load the environment variable with our keys
const keysEnvVar = process.env['CREDS'];
if (!keysEnvVar) {
throw new Error('The $CREDS environment variable was not found!');
}
const keys = JSON.parse(keysEnvVar);
async function main() {
// load the JWT or UserRefreshClient from the keys
const client = auth.fromJSON(keys);
client.scopes = ['https://www.googleapis.com/auth/cloud-platform'];
const url = `https://dns.googleapis.com/dns/v1/projects/${keys.project_id}`;
const res = await client.request({url});
console.log(res.data);
}
main().catch(console.error);
```
#### Using a Proxy
You can set the `HTTPS_PROXY` or `https_proxy` environment variables to proxy HTTPS requests. When `HTTPS_PROXY` or `https_proxy` are set, they will be used to proxy SSL requests that do not have an explicit proxy configuration option present.
## Compute
If your application is running on Google Cloud Platform, you can authenticate using the default service account or by specifying a specific service account.
**Note**: In most cases, you will want to use [Application Default Credentials](#choosing-the-correct-credential-type-automatically). Direct use of the `Compute` class is for very specific scenarios.
``` js
const {auth, Compute} = require('google-auth-library');
async function main() {
const client = new Compute({
// Specifying the service account email is optional.
serviceAccountEmail: 'my-service-account@example.com'
});
const projectId = await auth.getProjectId();
const url = `https://dns.googleapis.com/dns/v1/projects/${projectId}`;
const res = await client.request({url});
console.log(res.data);
}
main().catch(console.error);
```
## Questions/problems?
* Ask your development related questions on [Stack Overflow][stackoverflow].
* If you've found an bug/issue, please [file it on GitHub][bugs].
## Contributing
See [CONTRIBUTING][contributing].
## License
This library is licensed under Apache 2.0. Full license text is available in [LICENSE][copying].
[Application Default Credentials]: https://cloud.google.com/docs/authentication/getting-started
[apptype]: https://user-images.githubusercontent.com/534619/36553844-3f9a863c-17b2-11e8-904a-29f6cd5f807a.png
[authdocs]: https://developers.google.com/accounts/docs/OAuth2Login
[bugs]: https://github.com/googleapis/google-auth-library-nodejs/issues
[codecov-image]: https://codecov.io/gh/googleapis/google-auth-library-nodejs/branch/master/graph/badge.svg
[codecov-url]: https://codecov.io/gh/googleapis/google-auth-library-nodejs
[contributing]: https://github.com/googleapis/google-auth-library-nodejs/blob/master/CONTRIBUTING.md
[copying]: https://github.com/googleapis/google-auth-library-nodejs/tree/master/LICENSE
[david-dm-img]: https://david-dm.org/googleapis/google-auth-library-nodejs/status.svg
[david-dm]: https://david-dm.org/googleapis/google-auth-library-nodejs
[node]: http://nodejs.org/
[npmimg]: https://img.shields.io/npm/v/google-auth-library.svg
[npm]: https://www.npmjs.org/package/google-auth-library
[oauth]: https://developers.google.com/identity/protocols/OAuth2
[snyk-image]: https://snyk.io/test/github/googleapis/google-auth-library-nodejs/badge.svg
[snyk-url]: https://snyk.io/test/github/googleapis/google-auth-library-nodejs
[stackoverflow]: http://stackoverflow.com/questions/tagged/google-auth-library-nodejs
[devconsole]: https://console.developer.google.com

35
node_modules/google-auth-library/build/src/auth/authclient.d.ts generated vendored Normal file
View File

@ -0,0 +1,35 @@
/**
* Copyright 2012 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
import { EventEmitter } from 'events';
import { GaxiosOptions, GaxiosPromise } from 'gaxios';
import { DefaultTransporter } from '../transporters';
import { Credentials } from './credentials';
export declare interface AuthClient {
on(event: 'tokens', listener: (tokens: Credentials) => void): this;
}
export declare abstract class AuthClient extends EventEmitter {
transporter: DefaultTransporter;
credentials: Credentials;
/**
* Provides an alternative Gaxios request implementation with auth credentials
*/
abstract request<T>(opts: GaxiosOptions): GaxiosPromise<T>;
/**
* Sets the auth credentials.
*/
setCredentials(credentials: Credentials): void;
}

34
node_modules/google-auth-library/build/src/auth/authclient.js generated vendored Normal file
View File

@ -0,0 +1,34 @@
"use strict";
/**
* Copyright 2012 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const events_1 = require("events");
const transporters_1 = require("../transporters");
class AuthClient extends events_1.EventEmitter {
constructor() {
super(...arguments);
this.transporter = new transporters_1.DefaultTransporter();
this.credentials = {};
}
/**
* Sets the auth credentials.
*/
setCredentials(credentials) {
this.credentials = credentials;
}
}
exports.AuthClient = AuthClient;
//# sourceMappingURL=authclient.js.map

54
node_modules/google-auth-library/build/src/auth/computeclient.d.ts generated vendored Normal file
View File

@ -0,0 +1,54 @@
/**
* Copyright 2013 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { GaxiosError } from 'gaxios';
import { GetTokenResponse, OAuth2Client, RefreshOptions } from './oauth2client';
export interface ComputeOptions extends RefreshOptions {
/**
* The service account email to use, or 'default'. A Compute Engine instance
* may have multiple service accounts.
*/
serviceAccountEmail?: string;
/**
* The scopes that will be requested when acquiring service account
* credentials. Only applicable to modern App Engine and Cloud Function
* runtimes as of March 2019.
*/
scopes?: string | string[];
}
export declare class Compute extends OAuth2Client {
private serviceAccountEmail;
scopes: string[];
/**
* Google Compute Engine service account credentials.
*
* Retrieve access token from the metadata server.
* See: https://developers.google.com/compute/docs/authentication
*/
constructor(options?: ComputeOptions);
/**
* Indicates whether the credential requires scopes to be created by calling
* createdScoped before use.
* @deprecated
* @return Boolean indicating if scope is required.
*/
createScopedRequired(): boolean;
/**
* Refreshes the access token.
* @param refreshToken Unused parameter
*/
protected refreshTokenNoCache(refreshToken?: string | null): Promise<GetTokenResponse>;
protected wrapError(e: GaxiosError): void;
}

103
node_modules/google-auth-library/build/src/auth/computeclient.js generated vendored Normal file
View File

@ -0,0 +1,103 @@
"use strict";
/**
* Copyright 2013 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const arrify = require("arrify");
const gcpMetadata = require("gcp-metadata");
const messages = require("../messages");
const oauth2client_1 = require("./oauth2client");
class Compute extends oauth2client_1.OAuth2Client {
/**
* Google Compute Engine service account credentials.
*
* Retrieve access token from the metadata server.
* See: https://developers.google.com/compute/docs/authentication
*/
constructor(options = {}) {
super(options);
// Start with an expired refresh token, which will automatically be
// refreshed before the first API call is made.
this.credentials = { expiry_date: 1, refresh_token: 'compute-placeholder' };
this.serviceAccountEmail = options.serviceAccountEmail || 'default';
this.scopes = arrify(options.scopes);
}
/**
* Indicates whether the credential requires scopes to be created by calling
* createdScoped before use.
* @deprecated
* @return Boolean indicating if scope is required.
*/
createScopedRequired() {
// On compute engine, scopes are specified at the compute instance's
// creation time, and cannot be changed. For this reason, always return
// false.
messages.warn(messages.COMPUTE_CREATE_SCOPED_DEPRECATED);
return false;
}
/**
* Refreshes the access token.
* @param refreshToken Unused parameter
*/
async refreshTokenNoCache(refreshToken) {
const tokenPath = `service-accounts/${this.serviceAccountEmail}/token`;
let data;
try {
const instanceOptions = {
property: tokenPath,
};
if (this.scopes.length > 0) {
instanceOptions.params = {
scopes: this.scopes.join(','),
};
}
data = await gcpMetadata.instance(instanceOptions);
}
catch (e) {
e.message = `Could not refresh access token: ${e.message}`;
this.wrapError(e);
throw e;
}
const tokens = data;
if (data && data.expires_in) {
tokens.expiry_date = new Date().getTime() + data.expires_in * 1000;
delete tokens.expires_in;
}
this.emit('tokens', tokens);
return { tokens, res: null };
}
wrapError(e) {
const res = e.response;
if (res && res.status) {
e.code = res.status.toString();
if (res.status === 403) {
e.message =
'A Forbidden error was returned while attempting to retrieve an access ' +
'token for the Compute Engine built-in service account. This may be because the Compute ' +
'Engine instance does not have the correct permission scopes specified: ' +
e.message;
}
else if (res.status === 404) {
e.message =
'A Not Found error was returned while attempting to retrieve an access' +
'token for the Compute Engine built-in service account. This may be because the Compute ' +
'Engine instance does not have any permission scopes specified: ' +
e.message;
}
}
}
}
exports.Compute = Compute;
//# sourceMappingURL=computeclient.js.map

43
node_modules/google-auth-library/build/src/auth/credentials.d.ts generated vendored Normal file
View File

@ -0,0 +1,43 @@
/**
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export interface Credentials {
refresh_token?: string | null;
expiry_date?: number | null;
access_token?: string | null;
token_type?: string | null;
id_token?: string | null;
}
export interface CredentialRequest {
refresh_token?: string;
access_token?: string;
token_type?: string;
expires_in?: number;
id_token?: string;
}
export interface JWTInput {
type?: string;
client_email?: string;
private_key?: string;
private_key_id?: string;
project_id?: string;
client_id?: string;
client_secret?: string;
refresh_token?: string;
}
export interface CredentialBody {
client_email?: string;
private_key?: string;
}

18
node_modules/google-auth-library/build/src/auth/credentials.js generated vendored Normal file
View File

@ -0,0 +1,18 @@
"use strict";
/**
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
//# sourceMappingURL=credentials.js.map

24
node_modules/google-auth-library/build/src/auth/envDetect.d.ts generated vendored Normal file
View File

@ -0,0 +1,24 @@
/**
* Copyright 2018 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export declare enum GCPEnv {
APP_ENGINE = "APP_ENGINE",
KUBERNETES_ENGINE = "KUBERNETES_ENGINE",
CLOUD_FUNCTIONS = "CLOUD_FUNCTIONS",
COMPUTE_ENGINE = "COMPUTE_ENGINE",
NONE = "NONE"
}
export declare function clear(): void;
export declare function getEnv(): Promise<GCPEnv>;

71
node_modules/google-auth-library/build/src/auth/envDetect.js generated vendored Normal file
View File

@ -0,0 +1,71 @@
"use strict";
/**
* Copyright 2018 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const gcpMetadata = require("gcp-metadata");
var GCPEnv;
(function (GCPEnv) {
GCPEnv["APP_ENGINE"] = "APP_ENGINE";
GCPEnv["KUBERNETES_ENGINE"] = "KUBERNETES_ENGINE";
GCPEnv["CLOUD_FUNCTIONS"] = "CLOUD_FUNCTIONS";
GCPEnv["COMPUTE_ENGINE"] = "COMPUTE_ENGINE";
GCPEnv["NONE"] = "NONE";
})(GCPEnv = exports.GCPEnv || (exports.GCPEnv = {}));
let env;
function clear() {
env = undefined;
}
exports.clear = clear;
async function getEnv() {
if (!env) {
if (isAppEngine()) {
env = GCPEnv.APP_ENGINE;
}
else if (isCloudFunction()) {
env = GCPEnv.CLOUD_FUNCTIONS;
}
else if (await isKubernetesEngine()) {
env = GCPEnv.KUBERNETES_ENGINE;
}
else if (await isComputeEngine()) {
env = GCPEnv.COMPUTE_ENGINE;
}
else {
env = GCPEnv.NONE;
}
}
return env;
}
exports.getEnv = getEnv;
function isAppEngine() {
return !!(process.env.GAE_SERVICE || process.env.GAE_MODULE_NAME);
}
function isCloudFunction() {
return !!(process.env.FUNCTION_NAME || process.env.FUNCTION_TARGET);
}
async function isKubernetesEngine() {
try {
await gcpMetadata.instance('attributes/cluster-name');
return true;
}
catch (e) {
return false;
}
}
async function isComputeEngine() {
return gcpMetadata.isAvailable();
}
//# sourceMappingURL=envDetect.js.map

262
node_modules/google-auth-library/build/src/auth/googleauth.d.ts generated vendored Normal file
View File

@ -0,0 +1,262 @@
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
import { GaxiosOptions, GaxiosResponse } from 'gaxios';
import * as stream from 'stream';
import { DefaultTransporter, Transporter } from '../transporters';
import { Compute } from './computeclient';
import { CredentialBody, JWTInput } from './credentials';
import { GCPEnv } from './envDetect';
import { JWT, JWTOptions } from './jwtclient';
import { Headers, OAuth2Client, OAuth2ClientOptions, RefreshOptions } from './oauth2client';
import { UserRefreshClient, UserRefreshClientOptions } from './refreshclient';
export interface ProjectIdCallback {
(err?: Error | null, projectId?: string | null): void;
}
export interface CredentialCallback {
(err: Error | null, result?: UserRefreshClient | JWT): void;
}
interface DeprecatedGetClientOptions {
}
export interface ADCCallback {
(err: Error | null, credential?: OAuth2Client, projectId?: string | null): void;
}
export interface ADCResponse {
credential: OAuth2Client;
projectId: string | null;
}
export interface GoogleAuthOptions {
/**
* Path to a .json, .pem, or .p12 key file
*/
keyFilename?: string;
/**
* Path to a .json, .pem, or .p12 key file
*/
keyFile?: string;
/**
* Object containing client_email and private_key properties
*/
credentials?: CredentialBody;
/**
* Options object passed to the constructor of the client
*/
clientOptions?: JWTOptions | OAuth2ClientOptions | UserRefreshClientOptions;
/**
* Required scopes for the desired API request
*/
scopes?: string | string[];
/**
* Your project ID.
*/
projectId?: string;
}
export declare const CLOUD_SDK_CLIENT_ID = "764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com";
export declare class GoogleAuth {
transporter?: Transporter;
/**
* Caches a value indicating whether the auth layer is running on Google
* Compute Engine.
* @private
*/
private checkIsGCE?;
readonly isGCE: boolean | undefined;
private _getDefaultProjectIdPromise?;
private _cachedProjectId?;
jsonContent: JWTInput | null;
cachedCredential: JWT | UserRefreshClient | Compute | null;
private keyFilename?;
private scopes?;
private clientOptions?;
/**
* Export DefaultTransporter as a static property of the class.
*/
static DefaultTransporter: typeof DefaultTransporter;
constructor(opts?: GoogleAuthOptions);
/**
* THIS METHOD HAS BEEN DEPRECATED.
* It will be removed in 3.0. Please use getProjectId instead.
*/
getDefaultProjectId(): Promise<string>;
getDefaultProjectId(callback: ProjectIdCallback): void;
/**
* Obtains the default project ID for the application.
* @param callback Optional callback
* @returns Promise that resolves with project Id (if used without callback)
*/
getProjectId(): Promise<string>;
getProjectId(callback: ProjectIdCallback): void;
private getProjectIdAsync;
/**
* Obtains the default service-level credentials for the application.
* @param callback Optional callback.
* @returns Promise that resolves with the ADCResponse (if no callback was
* passed).
*/
getApplicationDefault(): Promise<ADCResponse>;
getApplicationDefault(callback: ADCCallback): void;
getApplicationDefault(options: RefreshOptions): Promise<ADCResponse>;
getApplicationDefault(options: RefreshOptions, callback: ADCCallback): void;
private getApplicationDefaultAsync;
/**
* Determines whether the auth layer is running on Google Compute Engine.
* @returns A promise that resolves with the boolean.
* @api private
*/
_checkIsGCE(): Promise<boolean>;
/**
* Attempts to load default credentials from the environment variable path..
* @returns Promise that resolves with the OAuth2Client or null.
* @api private
*/
_tryGetApplicationCredentialsFromEnvironmentVariable(options?: RefreshOptions): Promise<JWT | UserRefreshClient | null>;
/**
* Attempts to load default credentials from a well-known file location
* @return Promise that resolves with the OAuth2Client or null.
* @api private
*/
_tryGetApplicationCredentialsFromWellKnownFile(options?: RefreshOptions): Promise<JWT | UserRefreshClient | null>;
/**
* Attempts to load default credentials from a file at the given path..
* @param filePath The path to the file to read.
* @returns Promise that resolves with the OAuth2Client
* @api private
*/
_getApplicationCredentialsFromFilePath(filePath: string, options?: RefreshOptions): Promise<JWT | UserRefreshClient>;
/**
* Credentials from the Cloud SDK that are associated with Cloud SDK's project
* are problematic because they may not have APIs enabled and have limited
* quota. If this is the case, warn about it.
*/
protected warnOnProblematicCredentials(client: JWT): void;
/**
* Create a credentials instance using the given input options.
* @param json The input object.
* @param options The JWT or UserRefresh options for the client
* @returns JWT or UserRefresh Client with data
*/
fromJSON(json: JWTInput, options?: RefreshOptions): JWT | UserRefreshClient;
/**
* Return a JWT or UserRefreshClient from JavaScript object, caching both the
* object used to instantiate and the client.
* @param json The input object.
* @param options The JWT or UserRefresh options for the client
* @returns JWT or UserRefresh Client with data
*/
private _cacheClientFromJSON;
/**
* Create a credentials instance using the given input stream.
* @param inputStream The input stream.
* @param callback Optional callback.
*/
fromStream(inputStream: stream.Readable): Promise<JWT | UserRefreshClient>;
fromStream(inputStream: stream.Readable, callback: CredentialCallback): void;
fromStream(inputStream: stream.Readable, options: RefreshOptions): Promise<JWT | UserRefreshClient>;
fromStream(inputStream: stream.Readable, options: RefreshOptions, callback: CredentialCallback): void;
private fromStreamAsync;
/**
* Create a credentials instance using the given API key string.
* @param apiKey The API key string
* @param options An optional options object.
* @returns A JWT loaded from the key
*/
fromAPIKey(apiKey: string, options?: RefreshOptions): JWT;
/**
* Determines whether the current operating system is Windows.
* @api private
*/
private _isWindows;
/**
* Run the Google Cloud SDK command that prints the default project ID
*/
private getDefaultServiceProjectId;
/**
* Loads the project id from environment variables.
* @api private
*/
private getProductionProjectId;
/**
* Loads the project id from the GOOGLE_APPLICATION_CREDENTIALS json file.
* @api private
*/
private getFileProjectId;
/**
* Gets the Compute Engine project ID if it can be inferred.
*/
private getGCEProjectId;
/**
* The callback function handles a credential object that contains the
* client_email and private_key (if exists).
* getCredentials checks for these values from the user JSON at first.
* If it doesn't exist, and the environment is on GCE, it gets the
* client_email from the cloud metadata server.
* @param callback Callback that handles the credential object that contains
* a client_email and optional private key, or the error.
* returned
*/
getCredentials(): Promise<CredentialBody>;
getCredentials(callback: (err: Error | null, credentials?: CredentialBody) => void): void;
private getCredentialsAsync;
/**
* Automatically obtain a client based on the provided configuration. If no
* options were passed, use Application Default Credentials.
*/
getClient(options?: DeprecatedGetClientOptions): Promise<Compute | JWT | UserRefreshClient>;
/**
* Automatically obtain application default credentials, and return
* an access token for making requests.
*/
getAccessToken(): Promise<string | null | undefined>;
/**
* Obtain the HTTP headers that will provide authorization for a given
* request.
*/
getRequestHeaders(url?: string): Promise<Headers>;
/**
* Obtain credentials for a request, then attach the appropriate headers to
* the request options.
* @param opts Axios or Request options on which to attach the headers
*/
authorizeRequest(opts: {
url?: string;
uri?: string;
headers?: Headers;
}): Promise<{
url?: string | undefined;
uri?: string | undefined;
headers?: Headers | undefined;
}>;
/**
* Automatically obtain application default credentials, and make an
* HTTP request using the given options.
* @param opts Axios request options for the HTTP request.
*/
request<T = any>(opts: GaxiosOptions): Promise<GaxiosResponse<T>>;
/**
* Determine the compute environment in which the code is running.
*/
getEnv(): Promise<GCPEnv>;
/**
* Sign the given data with the current private key, or go out
* to the IAM API to sign it.
* @param data The data to be signed.
*/
sign(data: string): Promise<string>;
}
export interface SignBlobResponse {
signature: string;
}
export {};

587
node_modules/google-auth-library/build/src/auth/googleauth.js generated vendored Normal file
View File

@ -0,0 +1,587 @@
"use strict";
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const child_process_1 = require("child_process");
const fs = require("fs");
const gcpMetadata = require("gcp-metadata");
const os = require("os");
const path = require("path");
const crypto_1 = require("../crypto/crypto");
const messages = require("../messages");
const transporters_1 = require("../transporters");
const computeclient_1 = require("./computeclient");
const envDetect_1 = require("./envDetect");
const jwtclient_1 = require("./jwtclient");
const refreshclient_1 = require("./refreshclient");
exports.CLOUD_SDK_CLIENT_ID = '764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.apps.googleusercontent.com';
class GoogleAuth {
constructor(opts) {
/**
* Caches a value indicating whether the auth layer is running on Google
* Compute Engine.
* @private
*/
this.checkIsGCE = undefined;
// To save the contents of the JSON credential file
this.jsonContent = null;
this.cachedCredential = null;
opts = opts || {};
this._cachedProjectId = opts.projectId || null;
this.keyFilename = opts.keyFilename || opts.keyFile;
this.scopes = opts.scopes;
this.jsonContent = opts.credentials || null;
this.clientOptions = opts.clientOptions;
}
// Note: this properly is only public to satisify unit tests.
// https://github.com/Microsoft/TypeScript/issues/5228
get isGCE() {
return this.checkIsGCE;
}
getDefaultProjectId(callback) {
messages.warn(messages.DEFAULT_PROJECT_ID_DEPRECATED);
if (callback) {
this.getProjectIdAsync().then(r => callback(null, r), callback);
}
else {
return this.getProjectIdAsync();
}
}
getProjectId(callback) {
if (callback) {
this.getProjectIdAsync().then(r => callback(null, r), callback);
}
else {
return this.getProjectIdAsync();
}
}
getProjectIdAsync() {
if (this._cachedProjectId) {
return Promise.resolve(this._cachedProjectId);
}
// In implicit case, supports three environments. In order of precedence,
// the implicit environments are:
// - GCLOUD_PROJECT or GOOGLE_CLOUD_PROJECT environment variable
// - GOOGLE_APPLICATION_CREDENTIALS JSON file
// - Cloud SDK: `gcloud config config-helper --format json`
// - GCE project ID from metadata server)
if (!this._getDefaultProjectIdPromise) {
this._getDefaultProjectIdPromise = new Promise(async (resolve, reject) => {
try {
const projectId = this.getProductionProjectId() ||
(await this.getFileProjectId()) ||
(await this.getDefaultServiceProjectId()) ||
(await this.getGCEProjectId());
this._cachedProjectId = projectId;
if (!projectId) {
throw new Error('Unable to detect a Project Id in the current environment. \n' +
'To learn more about authentication and Google APIs, visit: \n' +
'https://cloud.google.com/docs/authentication/getting-started');
}
resolve(projectId);
}
catch (e) {
reject(e);
}
});
}
return this._getDefaultProjectIdPromise;
}
getApplicationDefault(optionsOrCallback = {}, callback) {
let options;
if (typeof optionsOrCallback === 'function') {
callback = optionsOrCallback;
}
else {
options = optionsOrCallback;
}
if (callback) {
this.getApplicationDefaultAsync(options).then(r => callback(null, r.credential, r.projectId), callback);
}
else {
return this.getApplicationDefaultAsync(options);
}
}
async getApplicationDefaultAsync(options = {}) {
// If we've already got a cached credential, just return it.
if (this.cachedCredential) {
return {
credential: this.cachedCredential,
projectId: await this.getProjectIdAsync(),
};
}
let credential;
let projectId;
// Check for the existence of a local environment variable pointing to the
// location of the credential file. This is typically used in local
// developer scenarios.
credential = await this._tryGetApplicationCredentialsFromEnvironmentVariable(options);
if (credential) {
if (credential instanceof jwtclient_1.JWT) {
credential.scopes = this.scopes;
}
this.cachedCredential = credential;
projectId = await this.getProjectId();
return { credential, projectId };
}
// Look in the well-known credential file location.
credential = await this._tryGetApplicationCredentialsFromWellKnownFile(options);
if (credential) {
if (credential instanceof jwtclient_1.JWT) {
credential.scopes = this.scopes;
}
this.cachedCredential = credential;
projectId = await this.getProjectId();
return { credential, projectId };
}
// Determine if we're running on GCE.
let isGCE;
try {
isGCE = await this._checkIsGCE();
}
catch (e) {
e.message = `Unexpected error determining execution environment: ${e.message}`;
throw e;
}
if (!isGCE) {
// We failed to find the default credentials. Bail out with an error.
throw new Error('Could not load the default credentials. Browse to https://cloud.google.com/docs/authentication/getting-started for more information.');
}
// For GCE, just return a default ComputeClient. It will take care of
// the rest.
options.scopes = this.scopes;
this.cachedCredential = new computeclient_1.Compute(options);
projectId = await this.getProjectId();
return { projectId, credential: this.cachedCredential };
}
/**
* Determines whether the auth layer is running on Google Compute Engine.
* @returns A promise that resolves with the boolean.
* @api private
*/
async _checkIsGCE() {
if (this.checkIsGCE === undefined) {
this.checkIsGCE = await gcpMetadata.isAvailable();
}
return this.checkIsGCE;
}
/**
* Attempts to load default credentials from the environment variable path..
* @returns Promise that resolves with the OAuth2Client or null.
* @api private
*/
async _tryGetApplicationCredentialsFromEnvironmentVariable(options) {
const credentialsPath = process.env['GOOGLE_APPLICATION_CREDENTIALS'] ||
process.env['google_application_credentials'];
if (!credentialsPath || credentialsPath.length === 0) {
return null;
}
try {
return this._getApplicationCredentialsFromFilePath(credentialsPath, options);
}
catch (e) {
e.message = `Unable to read the credential file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable: ${e.message}`;
throw e;
}
}
/**
* Attempts to load default credentials from a well-known file location
* @return Promise that resolves with the OAuth2Client or null.
* @api private
*/
async _tryGetApplicationCredentialsFromWellKnownFile(options) {
// First, figure out the location of the file, depending upon the OS type.
let location = null;
if (this._isWindows()) {
// Windows
location = process.env['APPDATA'];
}
else {
// Linux or Mac
const home = process.env['HOME'];
if (home) {
location = path.join(home, '.config');
}
}
// If we found the root path, expand it.
if (location) {
location = path.join(location, 'gcloud', 'application_default_credentials.json');
if (!fs.existsSync(location)) {
location = null;
}
}
// The file does not exist.
if (!location) {
return null;
}
// The file seems to exist. Try to use it.
const client = await this._getApplicationCredentialsFromFilePath(location, options);
this.warnOnProblematicCredentials(client);
return client;
}
/**
* Attempts to load default credentials from a file at the given path..
* @param filePath The path to the file to read.
* @returns Promise that resolves with the OAuth2Client
* @api private
*/
async _getApplicationCredentialsFromFilePath(filePath, options = {}) {
// Make sure the path looks like a string.
if (!filePath || filePath.length === 0) {
throw new Error('The file path is invalid.');
}
// Make sure there is a file at the path. lstatSync will throw if there is
// nothing there.
try {
// Resolve path to actual file in case of symlink. Expect a thrown error
// if not resolvable.
filePath = fs.realpathSync(filePath);
if (!fs.lstatSync(filePath).isFile()) {
throw new Error();
}
}
catch (err) {
err.message = `The file at ${filePath} does not exist, or it is not a file. ${err.message}`;
throw err;
}
// Now open a read stream on the file, and parse it.
const readStream = fs.createReadStream(filePath);
return this.fromStream(readStream, options);
}
/**
* Credentials from the Cloud SDK that are associated with Cloud SDK's project
* are problematic because they may not have APIs enabled and have limited
* quota. If this is the case, warn about it.
*/
warnOnProblematicCredentials(client) {
if (client.email === exports.CLOUD_SDK_CLIENT_ID) {
messages.warn(messages.PROBLEMATIC_CREDENTIALS_WARNING);
}
}
/**
* Create a credentials instance using the given input options.
* @param json The input object.
* @param options The JWT or UserRefresh options for the client
* @returns JWT or UserRefresh Client with data
*/
fromJSON(json, options) {
let client;
if (!json) {
throw new Error('Must pass in a JSON object containing the Google auth settings.');
}
options = options || {};
if (json.type === 'authorized_user') {
client = new refreshclient_1.UserRefreshClient(options);
}
else {
options.scopes = this.scopes;
client = new jwtclient_1.JWT(options);
}
client.fromJSON(json);
return client;
}
/**
* Return a JWT or UserRefreshClient from JavaScript object, caching both the
* object used to instantiate and the client.
* @param json The input object.
* @param options The JWT or UserRefresh options for the client
* @returns JWT or UserRefresh Client with data
*/
_cacheClientFromJSON(json, options) {
let client;
// create either a UserRefreshClient or JWT client.
options = options || {};
if (json.type === 'authorized_user') {
client = new refreshclient_1.UserRefreshClient(options);
}
else {
options.scopes = this.scopes;
client = new jwtclient_1.JWT(options);
}
client.fromJSON(json);
// cache both raw data used to instantiate client and client itself.
this.jsonContent = json;
this.cachedCredential = client;
return this.cachedCredential;
}
fromStream(inputStream, optionsOrCallback = {}, callback) {
let options = {};
if (typeof optionsOrCallback === 'function') {
callback = optionsOrCallback;
}
else {
options = optionsOrCallback;
}
if (callback) {
this.fromStreamAsync(inputStream, options).then(r => callback(null, r), callback);
}
else {
return this.fromStreamAsync(inputStream, options);
}
}
fromStreamAsync(inputStream, options) {
return new Promise((resolve, reject) => {
if (!inputStream) {
throw new Error('Must pass in a stream containing the Google auth settings.');
}
let s = '';
inputStream
.setEncoding('utf8')
.on('error', reject)
.on('data', chunk => (s += chunk))
.on('end', () => {
try {
const data = JSON.parse(s);
const r = this._cacheClientFromJSON(data, options);
return resolve(r);
}
catch (err) {
return reject(err);
}
});
});
}
/**
* Create a credentials instance using the given API key string.
* @param apiKey The API key string
* @param options An optional options object.
* @returns A JWT loaded from the key
*/
fromAPIKey(apiKey, options) {
options = options || {};
const client = new jwtclient_1.JWT(options);
client.fromAPIKey(apiKey);
return client;
}
/**
* Determines whether the current operating system is Windows.
* @api private
*/
_isWindows() {
const sys = os.platform();
if (sys && sys.length >= 3) {
if (sys.substring(0, 3).toLowerCase() === 'win') {
return true;
}
}
return false;
}
/**
* Run the Google Cloud SDK command that prints the default project ID
*/
async getDefaultServiceProjectId() {
return new Promise(resolve => {
child_process_1.exec('gcloud config config-helper --format json', (err, stdout, stderr) => {
if (!err && stdout) {
try {
const projectId = JSON.parse(stdout).configuration.properties.core
.project;
resolve(projectId);
return;
}
catch (e) {
// ignore errors
}
}
resolve(null);
});
});
}
/**
* Loads the project id from environment variables.
* @api private
*/
getProductionProjectId() {
return (process.env['GCLOUD_PROJECT'] ||
process.env['GOOGLE_CLOUD_PROJECT'] ||
process.env['gcloud_project'] ||
process.env['google_cloud_project']);
}
/**
* Loads the project id from the GOOGLE_APPLICATION_CREDENTIALS json file.
* @api private
*/
async getFileProjectId() {
if (this.cachedCredential) {
// Try to read the project ID from the cached credentials file
return this.cachedCredential.projectId;
}
// Ensure the projectId is loaded from the keyFile if available.
if (this.keyFilename) {
const creds = await this.getClient();
if (creds && creds.projectId) {
return creds.projectId;
}
}
// Try to load a credentials file and read its project ID
const r = await this._tryGetApplicationCredentialsFromEnvironmentVariable();
if (r) {
return r.projectId;
}
else {
return null;
}
}
/**
* Gets the Compute Engine project ID if it can be inferred.
*/
async getGCEProjectId() {
try {
const r = await gcpMetadata.project('project-id');
return r;
}
catch (e) {
// Ignore any errors
return null;
}
}
getCredentials(callback) {
if (callback) {
this.getCredentialsAsync().then(r => callback(null, r), callback);
}
else {
return this.getCredentialsAsync();
}
}
async getCredentialsAsync() {
await this.getClient();
if (this.jsonContent) {
const credential = {
client_email: this.jsonContent.client_email,
private_key: this.jsonContent.private_key,
};
return credential;
}
const isGCE = await this._checkIsGCE();
if (!isGCE) {
throw new Error('Unknown error.');
}
// For GCE, return the service account details from the metadata server
// NOTE: The trailing '/' at the end of service-accounts/ is very important!
// The GCF metadata server doesn't respect querystring params if this / is
// not included.
const data = await gcpMetadata.instance({
property: 'service-accounts/',
params: { recursive: 'true' },
});
if (!data || !data.default || !data.default.email) {
throw new Error('Failure from metadata server.');
}
return { client_email: data.default.email };
}
/**
* Automatically obtain a client based on the provided configuration. If no
* options were passed, use Application Default Credentials.
*/
async getClient(options) {
if (options) {
throw new Error('Passing options to getClient is forbidden in v5.0.0. Use new GoogleAuth(opts) instead.');
}
if (!this.cachedCredential) {
if (this.jsonContent) {
this._cacheClientFromJSON(this.jsonContent, this.clientOptions);
}
else if (this.keyFilename) {
const filePath = path.resolve(this.keyFilename);
const stream = fs.createReadStream(filePath);
await this.fromStreamAsync(stream, this.clientOptions);
}
else {
await this.getApplicationDefaultAsync(this.clientOptions);
}
}
return this.cachedCredential;
}
/**
* Automatically obtain application default credentials, and return
* an access token for making requests.
*/
async getAccessToken() {
const client = await this.getClient();
return (await client.getAccessToken()).token;
}
/**
* Obtain the HTTP headers that will provide authorization for a given
* request.
*/
async getRequestHeaders(url) {
const client = await this.getClient();
return client.getRequestHeaders(url);
}
/**
* Obtain credentials for a request, then attach the appropriate headers to
* the request options.
* @param opts Axios or Request options on which to attach the headers
*/
async authorizeRequest(opts) {
opts = opts || {};
const url = opts.url || opts.uri;
const client = await this.getClient();
const headers = await client.getRequestHeaders(url);
opts.headers = Object.assign(opts.headers || {}, headers);
return opts;
}
/**
* Automatically obtain application default credentials, and make an
* HTTP request using the given options.
* @param opts Axios request options for the HTTP request.
*/
// tslint:disable-next-line no-any
async request(opts) {
const client = await this.getClient();
return client.request(opts);
}
/**
* Determine the compute environment in which the code is running.
*/
getEnv() {
return envDetect_1.getEnv();
}
/**
* Sign the given data with the current private key, or go out
* to the IAM API to sign it.
* @param data The data to be signed.
*/
async sign(data) {
const client = await this.getClient();
const crypto = crypto_1.createCrypto();
if (client instanceof jwtclient_1.JWT && client.key) {
const sign = await crypto.sign(client.key, data);
return sign;
}
const projectId = await this.getProjectId();
if (!projectId) {
throw new Error('Cannot sign data without a project ID.');
}
const creds = await this.getCredentials();
if (!creds.client_email) {
throw new Error('Cannot sign data without `client_email`.');
}
const id = `projects/${projectId}/serviceAccounts/${creds.client_email}`;
const res = await this.request({
method: 'POST',
url: `https://iam.googleapis.com/v1/${id}:signBlob`,
data: { bytesToSign: crypto.encodeBase64StringUtf8(data) },
});
return res.data.signature;
}
}
exports.GoogleAuth = GoogleAuth;
/**
* Export DefaultTransporter as a static property of the class.
*/
GoogleAuth.DefaultTransporter = transporters_1.DefaultTransporter;
//# sourceMappingURL=googleauth.js.map

53
node_modules/google-auth-library/build/src/auth/iam.d.ts generated vendored Normal file
View File

@ -0,0 +1,53 @@
/**
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export interface RequestMetadata {
'x-goog-iam-authority-selector': string;
'x-goog-iam-authorization-token': string;
}
export declare class IAMAuth {
selector: string;
token: string;
/**
* IAM credentials.
*
* @param selector the iam authority selector
* @param token the token
* @constructor
*/
constructor(selector: string, token: string);
/**
* Indicates whether the credential requires scopes to be created by calling
* createdScoped before use.
* @deprecated
* @return always false
*/
createScopedRequired(): boolean;
/**
* Pass the selector and token to the metadataFn callback.
* @deprecated
* @param unused_uri is required of the credentials interface
* @param metadataFn a callback invoked with object containing request
* metadata.
*/
getRequestMetadata(unusedUri: string | null, metadataFn: (err: Error | null, metadata?: RequestMetadata) => void): void;
/**
* Acquire the HTTP headers required to make an authenticated request.
*/
getRequestHeaders(): {
'x-goog-iam-authority-selector': string;
'x-goog-iam-authorization-token': string;
};
}

66
node_modules/google-auth-library/build/src/auth/iam.js generated vendored Normal file
View File

@ -0,0 +1,66 @@
"use strict";
/**
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const messages = require("../messages");
class IAMAuth {
/**
* IAM credentials.
*
* @param selector the iam authority selector
* @param token the token
* @constructor
*/
constructor(selector, token) {
this.selector = selector;
this.token = token;
this.selector = selector;
this.token = token;
}
/**
* Indicates whether the credential requires scopes to be created by calling
* createdScoped before use.
* @deprecated
* @return always false
*/
createScopedRequired() {
// IAM authorization does not use scopes.
messages.warn(messages.IAM_CREATE_SCOPED_DEPRECATED);
return false;
}
/**
* Pass the selector and token to the metadataFn callback.
* @deprecated
* @param unused_uri is required of the credentials interface
* @param metadataFn a callback invoked with object containing request
* metadata.
*/
getRequestMetadata(unusedUri, metadataFn) {
messages.warn(messages.IAM_GET_REQUEST_METADATA_DEPRECATED);
metadataFn(null, this.getRequestHeaders());
}
/**
* Acquire the HTTP headers required to make an authenticated request.
*/
getRequestHeaders() {
return {
'x-goog-iam-authority-selector': this.selector,
'x-goog-iam-authorization-token': this.token,
};
}
}
exports.IAMAuth = IAMAuth;
//# sourceMappingURL=iam.js.map

79
node_modules/google-auth-library/build/src/auth/jwtaccess.d.ts generated vendored Normal file
View File

@ -0,0 +1,79 @@
/**
* Copyright 2015 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
import * as stream from 'stream';
import { JWTInput } from './credentials';
import { Headers, RequestMetadataResponse } from './oauth2client';
export interface Claims {
[index: string]: string;
}
export declare class JWTAccess {
email?: string | null;
key?: string | null;
keyId?: string | null;
projectId?: string;
private cache;
/**
* JWTAccess service account credentials.
*
* Create a new access token by using the credential to create a new JWT token
* that's recognized as the access token.
*
* @param email the service account email address.
* @param key the private key that will be used to sign the token.
* @param keyId the ID of the private key used to sign the token.
*/
constructor(email?: string | null, key?: string | null, keyId?: string | null);
/**
* Indicates whether the credential requires scopes to be created by calling
* createdScoped before use.
* @deprecated
* @return always false
*/
createScopedRequired(): boolean;
/**
* Get a non-expired access token, after refreshing if necessary.
*
* @param authURI The URI being authorized.
* @param additionalClaims An object with a set of additional claims to
* include in the payload.
* @deprecated Please use `getRequestHeaders` instead.
* @returns An object that includes the authorization header.
*/
getRequestMetadata(url: string, additionalClaims?: Claims): RequestMetadataResponse;
/**
* Get a non-expired access token, after refreshing if necessary.
*
* @param url The URI being authorized.
* @param additionalClaims An object with a set of additional claims to
* include in the payload.
* @returns An object that includes the authorization header.
*/
getRequestHeaders(url: string, additionalClaims?: Claims): Headers;
/**
* Create a JWTAccess credentials instance using the given input options.
* @param json The input object.
*/
fromJSON(json: JWTInput): void;
/**
* Create a JWTAccess credentials instance using the given input stream.
* @param inputStream The input stream.
* @param callback Optional callback.
*/
fromStream(inputStream: stream.Readable): Promise<void>;
fromStream(inputStream: stream.Readable, callback: (err?: Error) => void): void;
private fromStreamAsync;
}

161
node_modules/google-auth-library/build/src/auth/jwtaccess.js generated vendored Normal file
View File

@ -0,0 +1,161 @@
"use strict";
/**
* Copyright 2015 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const jws = require("jws");
const LRU = require("lru-cache");
const messages = require("../messages");
const DEFAULT_HEADER = {
alg: 'RS256',
typ: 'JWT',
};
class JWTAccess {
/**
* JWTAccess service account credentials.
*
* Create a new access token by using the credential to create a new JWT token
* that's recognized as the access token.
*
* @param email the service account email address.
* @param key the private key that will be used to sign the token.
* @param keyId the ID of the private key used to sign the token.
*/
constructor(email, key, keyId) {
this.cache = new LRU({ max: 500, maxAge: 60 * 60 * 1000 });
this.email = email;
this.key = key;
this.keyId = keyId;
}
/**
* Indicates whether the credential requires scopes to be created by calling
* createdScoped before use.
* @deprecated
* @return always false
*/
createScopedRequired() {
// JWT Header authentication does not use scopes.
messages.warn(messages.JWT_ACCESS_CREATE_SCOPED_DEPRECATED);
return false;
}
/**
* Get a non-expired access token, after refreshing if necessary.
*
* @param authURI The URI being authorized.
* @param additionalClaims An object with a set of additional claims to
* include in the payload.
* @deprecated Please use `getRequestHeaders` instead.
* @returns An object that includes the authorization header.
*/
getRequestMetadata(url, additionalClaims) {
messages.warn(messages.JWT_ACCESS_GET_REQUEST_METADATA_DEPRECATED);
return { headers: this.getRequestHeaders(url, additionalClaims) };
}
/**
* Get a non-expired access token, after refreshing if necessary.
*
* @param url The URI being authorized.
* @param additionalClaims An object with a set of additional claims to
* include in the payload.
* @returns An object that includes the authorization header.
*/
getRequestHeaders(url, additionalClaims) {
const cachedToken = this.cache.get(url);
if (cachedToken) {
return cachedToken;
}
const iat = Math.floor(new Date().getTime() / 1000);
const exp = iat + 3600; // 3600 seconds = 1 hour
// The payload used for signed JWT headers has:
// iss == sub == <client email>
// aud == <the authorization uri>
const defaultClaims = {
iss: this.email,
sub: this.email,
aud: url,
exp,
iat,
};
// if additionalClaims are provided, ensure they do not collide with
// other required claims.
if (additionalClaims) {
for (const claim in defaultClaims) {
if (additionalClaims[claim]) {
throw new Error(`The '${claim}' property is not allowed when passing additionalClaims. This claim is included in the JWT by default.`);
}
}
}
const header = this.keyId
? Object.assign(Object.assign({}, DEFAULT_HEADER), { kid: this.keyId }) : DEFAULT_HEADER;
const payload = Object.assign(defaultClaims, additionalClaims);
// Sign the jwt and add it to the cache
const signedJWT = jws.sign({ header, payload, secret: this.key });
const headers = { Authorization: `Bearer ${signedJWT}` };
this.cache.set(url, headers);
return headers;
}
/**
* Create a JWTAccess credentials instance using the given input options.
* @param json The input object.
*/
fromJSON(json) {
if (!json) {
throw new Error('Must pass in a JSON object containing the service account auth settings.');
}
if (!json.client_email) {
throw new Error('The incoming JSON object does not contain a client_email field');
}
if (!json.private_key) {
throw new Error('The incoming JSON object does not contain a private_key field');
}
// Extract the relevant information from the json key file.
this.email = json.client_email;
this.key = json.private_key;
this.keyId = json.private_key_id;
this.projectId = json.project_id;
}
fromStream(inputStream, callback) {
if (callback) {
this.fromStreamAsync(inputStream).then(r => callback(), callback);
}
else {
return this.fromStreamAsync(inputStream);
}
}
fromStreamAsync(inputStream) {
return new Promise((resolve, reject) => {
if (!inputStream) {
reject(new Error('Must pass in a stream containing the service account auth settings.'));
}
let s = '';
inputStream
.setEncoding('utf8')
.on('data', chunk => (s += chunk))
.on('error', reject)
.on('end', () => {
try {
const data = JSON.parse(s);
this.fromJSON(data);
resolve();
}
catch (err) {
reject(err);
}
});
});
}
}
exports.JWTAccess = JWTAccess;
//# sourceMappingURL=jwtaccess.js.map

119
node_modules/google-auth-library/build/src/auth/jwtclient.d.ts generated vendored Normal file
View File

@ -0,0 +1,119 @@
/**
* Copyright 2013 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
import { GoogleToken } from 'gtoken';
import * as stream from 'stream';
import { CredentialBody, Credentials, JWTInput } from './credentials';
import { GetTokenResponse, OAuth2Client, RefreshOptions, RequestMetadataResponse } from './oauth2client';
export interface JWTOptions extends RefreshOptions {
email?: string;
keyFile?: string;
key?: string;
keyId?: string;
scopes?: string | string[];
subject?: string;
additionalClaims?: {};
}
export declare class JWT extends OAuth2Client {
email?: string;
keyFile?: string;
key?: string;
keyId?: string;
scopes?: string | string[];
scope?: string;
subject?: string;
gtoken?: GoogleToken;
additionalClaims?: {};
private access?;
/**
* JWT service account credentials.
*
* Retrieve access token using gtoken.
*
* @param email service account email address.
* @param keyFile path to private key file.
* @param key value of key
* @param scopes list of requested scopes or a single scope.
* @param subject impersonated account's email address.
* @param key_id the ID of the key
*/
constructor(options: JWTOptions);
constructor(email?: string, keyFile?: string, key?: string, scopes?: string | string[], subject?: string, keyId?: string);
/**
* Creates a copy of the credential with the specified scopes.
* @param scopes List of requested scopes or a single scope.
* @return The cloned instance.
*/
createScoped(scopes?: string | string[]): JWT;
/**
* Obtains the metadata to be sent with the request.
*
* @param url the URI being authorized.
*/
protected getRequestMetadataAsync(url?: string | null): Promise<RequestMetadataResponse>;
/**
* Indicates whether the credential requires scopes to be created by calling
* createScoped before use.
* @deprecated
* @return false if createScoped does not need to be called.
*/
createScopedRequired(): boolean;
/**
* Determine if there are currently scopes available.
*/
private hasScopes;
/**
* Get the initial access token using gToken.
* @param callback Optional callback.
* @returns Promise that resolves with credentials
*/
authorize(): Promise<Credentials>;
authorize(callback: (err: Error | null, result?: Credentials) => void): void;
private authorizeAsync;
/**
* Refreshes the access token.
* @param refreshToken ignored
* @private
*/
protected refreshTokenNoCache(refreshToken?: string | null): Promise<GetTokenResponse>;
/**
* Create a gToken if it doesn't already exist.
*/
private createGToken;
/**
* Create a JWT credentials instance using the given input options.
* @param json The input object.
*/
fromJSON(json: JWTInput): void;
/**
* Create a JWT credentials instance using the given input stream.
* @param inputStream The input stream.
* @param callback Optional callback.
*/
fromStream(inputStream: stream.Readable): Promise<void>;
fromStream(inputStream: stream.Readable, callback: (err?: Error | null) => void): void;
private fromStreamAsync;
/**
* Creates a JWT credentials instance using an API Key for authentication.
* @param apiKey The API Key in string form.
*/
fromAPIKey(apiKey: string): void;
/**
* Using the key or keyFile on the JWT client, obtain an object that contains
* the key and the client email.
*/
getCredentials(): Promise<CredentialBody>;
}

232
node_modules/google-auth-library/build/src/auth/jwtclient.js generated vendored Normal file
View File

@ -0,0 +1,232 @@
"use strict";
/**
* Copyright 2013 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const gtoken_1 = require("gtoken");
const messages = require("../messages");
const jwtaccess_1 = require("./jwtaccess");
const oauth2client_1 = require("./oauth2client");
class JWT extends oauth2client_1.OAuth2Client {
constructor(optionsOrEmail, keyFile, key, scopes, subject, keyId) {
const opts = optionsOrEmail && typeof optionsOrEmail === 'object'
? optionsOrEmail
: { email: optionsOrEmail, keyFile, key, keyId, scopes, subject };
super({ eagerRefreshThresholdMillis: opts.eagerRefreshThresholdMillis });
this.email = opts.email;
this.keyFile = opts.keyFile;
this.key = opts.key;
this.keyId = opts.keyId;
this.scopes = opts.scopes;
this.subject = opts.subject;
this.additionalClaims = opts.additionalClaims;
this.credentials = { refresh_token: 'jwt-placeholder', expiry_date: 1 };
}
/**
* Creates a copy of the credential with the specified scopes.
* @param scopes List of requested scopes or a single scope.
* @return The cloned instance.
*/
createScoped(scopes) {
return new JWT({
email: this.email,
keyFile: this.keyFile,
key: this.key,
keyId: this.keyId,
scopes,
subject: this.subject,
additionalClaims: this.additionalClaims,
});
}
/**
* Obtains the metadata to be sent with the request.
*
* @param url the URI being authorized.
*/
async getRequestMetadataAsync(url) {
if (!this.apiKey && !this.hasScopes() && url) {
if (this.additionalClaims &&
this.additionalClaims.target_audience) {
const { tokens } = await this.refreshToken();
return { headers: { Authorization: `Bearer ${tokens.id_token}` } };
}
else {
// no scopes have been set, but a uri has been provided. Use JWTAccess
// credentials.
if (!this.access) {
this.access = new jwtaccess_1.JWTAccess(this.email, this.key, this.keyId);
}
const headers = await this.access.getRequestHeaders(url, this.additionalClaims);
return { headers };
}
}
else {
return super.getRequestMetadataAsync(url);
}
}
/**
* Indicates whether the credential requires scopes to be created by calling
* createScoped before use.
* @deprecated
* @return false if createScoped does not need to be called.
*/
createScopedRequired() {
messages.warn(messages.JWT_CREATE_SCOPED_DEPRECATED);
return !this.hasScopes();
}
/**
* Determine if there are currently scopes available.
*/
hasScopes() {
if (!this.scopes) {
return false;
}
// For arrays, check the array length.
if (this.scopes instanceof Array) {
return this.scopes.length > 0;
}
// For others, convert to a string and check the length.
return String(this.scopes).length > 0;
}
authorize(callback) {
if (callback) {
this.authorizeAsync().then(r => callback(null, r), callback);
}
else {
return this.authorizeAsync();
}
}
async authorizeAsync() {
const result = await this.refreshToken();
if (!result) {
throw new Error('No result returned');
}
this.credentials = result.tokens;
this.credentials.refresh_token = 'jwt-placeholder';
this.key = this.gtoken.key;
this.email = this.gtoken.iss;
return result.tokens;
}
/**
* Refreshes the access token.
* @param refreshToken ignored
* @private
*/
async refreshTokenNoCache(refreshToken) {
const gtoken = this.createGToken();
const token = await gtoken.getToken();
const tokens = {
access_token: token.access_token,
token_type: 'Bearer',
expiry_date: gtoken.expiresAt,
id_token: gtoken.idToken,
};
this.emit('tokens', tokens);
return { res: null, tokens };
}
/**
* Create a gToken if it doesn't already exist.
*/
createGToken() {
if (!this.gtoken) {
this.gtoken = new gtoken_1.GoogleToken({
iss: this.email,
sub: this.subject,
scope: this.scopes,
keyFile: this.keyFile,
key: this.key,
additionalClaims: this.additionalClaims,
});
}
return this.gtoken;
}
/**
* Create a JWT credentials instance using the given input options.
* @param json The input object.
*/
fromJSON(json) {
if (!json) {
throw new Error('Must pass in a JSON object containing the service account auth settings.');
}
if (!json.client_email) {
throw new Error('The incoming JSON object does not contain a client_email field');
}
if (!json.private_key) {
throw new Error('The incoming JSON object does not contain a private_key field');
}
// Extract the relevant information from the json key file.
this.email = json.client_email;
this.key = json.private_key;
this.keyId = json.private_key_id;
this.projectId = json.project_id;
}
fromStream(inputStream, callback) {
if (callback) {
this.fromStreamAsync(inputStream).then(r => callback(), callback);
}
else {
return this.fromStreamAsync(inputStream);
}
}
fromStreamAsync(inputStream) {
return new Promise((resolve, reject) => {
if (!inputStream) {
throw new Error('Must pass in a stream containing the service account auth settings.');
}
let s = '';
inputStream
.setEncoding('utf8')
.on('error', reject)
.on('data', chunk => (s += chunk))
.on('end', () => {
try {
const data = JSON.parse(s);
this.fromJSON(data);
resolve();
}
catch (e) {
reject(e);
}
});
});
}
/**
* Creates a JWT credentials instance using an API Key for authentication.
* @param apiKey The API Key in string form.
*/
fromAPIKey(apiKey) {
if (typeof apiKey !== 'string') {
throw new Error('Must provide an API Key string.');
}
this.apiKey = apiKey;
}
/**
* Using the key or keyFile on the JWT client, obtain an object that contains
* the key and the client email.
*/
async getCredentials() {
if (this.key) {
return { private_key: this.key, client_email: this.email };
}
else if (this.keyFile) {
const gtoken = this.createGToken();
const creds = await gtoken.getCredentials(this.keyFile);
return { private_key: creds.privateKey, client_email: creds.clientEmail };
}
throw new Error('A key or a keyFile must be provided to getCredentials.');
}
}
exports.JWT = JWT;
//# sourceMappingURL=jwtclient.js.map

150
node_modules/google-auth-library/build/src/auth/loginticket.d.ts generated vendored Normal file
View File

@ -0,0 +1,150 @@
/**
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export declare class LoginTicket {
private envelope?;
private payload?;
/**
* Create a simple class to extract user ID from an ID Token
*
* @param {string} env Envelope of the jwt
* @param {TokenPayload} pay Payload of the jwt
* @constructor
*/
constructor(env?: string, pay?: TokenPayload);
getEnvelope(): string | undefined;
getPayload(): TokenPayload | undefined;
/**
* Create a simple class to extract user ID from an ID Token
*
* @return The user ID
*/
getUserId(): string | null;
/**
* Returns attributes from the login ticket. This can contain
* various information about the user session.
*
* @return The envelope and payload
*/
getAttributes(): {
envelope: string | undefined;
payload: TokenPayload | undefined;
};
}
export interface TokenPayload {
/**
* The Issuer Identifier for the Issuer of the response. Always
* https://accounts.google.com or accounts.google.com for Google ID tokens.
*/
iss: string;
/**
* Access token hash. Provides validation that the access token is tied to the
* identity token. If the ID token is issued with an access token in the
* server flow, this is always included. This can be used as an alternate
* mechanism to protect against cross-site request forgery attacks, but if you
* follow Step 1 and Step 3 it is not necessary to verify the access token.
*/
at_hash?: string;
/**
* True if the user's e-mail address has been verified; otherwise false.
*/
email_verified?: boolean;
/**
* An identifier for the user, unique among all Google accounts and never
* reused. A Google account can have multiple emails at different points in
* time, but the sub value is never changed. Use sub within your application
* as the unique-identifier key for the user.
*/
sub: string;
/**
* The client_id of the authorized presenter. This claim is only needed when
* the party requesting the ID token is not the same as the audience of the ID
* token. This may be the case at Google for hybrid apps where a web
* application and Android app have a different client_id but share the same
* project.
*/
azp?: string;
/**
* The user's email address. This may not be unique and is not suitable for
* use as a primary key. Provided only if your scope included the string
* "email".
*/
email?: string;
/**
* The URL of the user's profile page. Might be provided when:
* - The request scope included the string "profile"
* - The ID token is returned from a token refresh
* - When profile claims are present, you can use them to update your app's
* user records. Note that this claim is never guaranteed to be present.
*/
profile?: string;
/**
* The URL of the user's profile picture. Might be provided when:
* - The request scope included the string "profile"
* - The ID token is returned from a token refresh
* - When picture claims are present, you can use them to update your app's
* user records. Note that this claim is never guaranteed to be present.
*/
picture?: string;
/**
* The user's full name, in a displayable form. Might be provided when:
* - The request scope included the string "profile"
* - The ID token is returned from a token refresh
* - When name claims are present, you can use them to update your app's user
* records. Note that this claim is never guaranteed to be present.
*/
name?: string;
/**
* The user's given name, in a displayable form. Might be provided when:
* - The request scope included the string "profile"
* - The ID token is returned from a token refresh
* - When name claims are present, you can use them to update your app's user
* records. Note that this claim is never guaranteed to be present.
*/
given_name?: string;
/**
* The user's family name, in a displayable form. Might be provided when:
* - The request scope included the string "profile"
* - The ID token is returned from a token refresh
* - When name claims are present, you can use them to update your app's user
* records. Note that this claim is never guaranteed to be present.
*/
family_name?: string;
/**
* Identifies the audience that this ID token is intended for. It must be one
* of the OAuth 2.0 client IDs of your application.
*/
aud: string;
/**
* The time the ID token was issued, represented in Unix time (integer
* seconds).
*/
iat: number;
/**
* The time the ID token expires, represented in Unix time (integer seconds).
*/
exp: number;
/**
* The value of the nonce supplied by your app in the authentication request.
* You should enforce protection against replay attacks by ensuring it is
* presented only once.
*/
nonce?: string;
/**
* The hosted G Suite domain of the user. Provided only if the user belongs to
* a hosted domain.
*/
hd?: string;
}

59
node_modules/google-auth-library/build/src/auth/loginticket.js generated vendored Normal file
View File

@ -0,0 +1,59 @@
"use strict";
/**
* Copyright 2014 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
class LoginTicket {
/**
* Create a simple class to extract user ID from an ID Token
*
* @param {string} env Envelope of the jwt
* @param {TokenPayload} pay Payload of the jwt
* @constructor
*/
constructor(env, pay) {
this.envelope = env;
this.payload = pay;
}
getEnvelope() {
return this.envelope;
}
getPayload() {
return this.payload;
}
/**
* Create a simple class to extract user ID from an ID Token
*
* @return The user ID
*/
getUserId() {
const payload = this.getPayload();
if (payload && payload.sub) {
return payload.sub;
}
return null;
}
/**
* Returns attributes from the login ticket. This can contain
* various information about the user session.
*
* @return The envelope and payload
*/
getAttributes() {
return { envelope: this.getEnvelope(), payload: this.getPayload() };
}
}
exports.LoginTicket = LoginTicket;
//# sourceMappingURL=loginticket.js.map

474
node_modules/google-auth-library/build/src/auth/oauth2client.d.ts generated vendored Normal file
View File

@ -0,0 +1,474 @@
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { GaxiosError, GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios';
import { JwkCertificate } from '../crypto/crypto';
import { BodyResponseCallback } from '../transporters';
import { AuthClient } from './authclient';
import { Credentials } from './credentials';
import { LoginTicket } from './loginticket';
export interface Certificates {
[index: string]: string | JwkCertificate;
}
export interface Headers {
[index: string]: string;
}
export declare enum CodeChallengeMethod {
Plain = "plain",
S256 = "S256"
}
export declare enum CertificateFormat {
PEM = "PEM",
JWK = "JWK"
}
export interface GetTokenOptions {
code: string;
codeVerifier?: string;
/**
* The client ID for your application. The value passed into the constructor
* will be used if not provided. Must match any client_id option passed to
* a corresponding call to generateAuthUrl.
*/
client_id?: string;
/**
* Determines where the API server redirects the user after the user
* completes the authorization flow. The value passed into the constructor
* will be used if not provided. Must match any redirect_uri option passed to
* a corresponding call to generateAuthUrl.
*/
redirect_uri?: string;
}
export interface TokenInfo {
/**
* The application that is the intended user of the access token.
*/
aud: string;
/**
* This value lets you correlate profile information from multiple Google
* APIs. It is only present in the response if you included the profile scope
* in your request in step 1. The field value is an immutable identifier for
* the logged-in user that can be used to create and manage user sessions in
* your application. The identifier is the same regardless of which client ID
* is used to retrieve it. This enables multiple applications in the same
* organization to correlate profile information.
*/
user_id?: string;
/**
* An array of scopes that the user granted access to.
*/
scopes: string[];
/**
* The datetime when the token becomes invalid.
*/
expiry_date: number;
/**
* An identifier for the user, unique among all Google accounts and never
* reused. A Google account can have multiple emails at different points in
* time, but the sub value is never changed. Use sub within your application
* as the unique-identifier key for the user.
*/
sub?: string;
/**
* The client_id of the authorized presenter. This claim is only needed when
* the party requesting the ID token is not the same as the audience of the ID
* token. This may be the case at Google for hybrid apps where a web
* application and Android app have a different client_id but share the same
* project.
*/
azp?: string;
/**
* Indicates whether your application can refresh access tokens
* when the user is not present at the browser. Valid parameter values are
* 'online', which is the default value, and 'offline'. Set the value to
* 'offline' if your application needs to refresh access tokens when the user
* is not present at the browser. This value instructs the Google
* authorization server to return a refresh token and an access token the
* first time that your application exchanges an authorization code for
* tokens.
*/
access_type?: string;
}
export interface GenerateAuthUrlOpts {
/**
* Recommended. Indicates whether your application can refresh access tokens
* when the user is not present at the browser. Valid parameter values are
* 'online', which is the default value, and 'offline'. Set the value to
* 'offline' if your application needs to refresh access tokens when the user
* is not present at the browser. This value instructs the Google
* authorization server to return a refresh token and an access token the
* first time that your application exchanges an authorization code for
* tokens.
*/
access_type?: string;
/**
* The hd (hosted domain) parameter streamlines the login process for G Suite
* hosted accounts. By including the domain of the G Suite user (for example,
* mycollege.edu), you can indicate that the account selection UI should be
* optimized for accounts at that domain. To optimize for G Suite accounts
* generally instead of just one domain, use an asterisk: hd=*.
* Don't rely on this UI optimization to control who can access your app,
* as client-side requests can be modified. Be sure to validate that the
* returned ID token has an hd claim value that matches what you expect
* (e.g. mycolledge.edu). Unlike the request parameter, the ID token claim is
* contained within a security token from Google, so the value can be trusted.
*/
hd?: string;
/**
* The 'response_type' will always be set to 'CODE'.
*/
response_type?: string;
/**
* The client ID for your application. The value passed into the constructor
* will be used if not provided. You can find this value in the API Console.
*/
client_id?: string;
/**
* Determines where the API server redirects the user after the user
* completes the authorization flow. The value must exactly match one of the
* 'redirect_uri' values listed for your project in the API Console. Note that
* the http or https scheme, case, and trailing slash ('/') must all match.
* The value passed into the constructor will be used if not provided.
*/
redirect_uri?: string;
/**
* Required. A space-delimited list of scopes that identify the resources that
* your application could access on the user's behalf. These values inform the
* consent screen that Google displays to the user. Scopes enable your
* application to only request access to the resources that it needs while
* also enabling users to control the amount of access that they grant to your
* application. Thus, there is an inverse relationship between the number of
* scopes requested and the likelihood of obtaining user consent. The
* OAuth 2.0 API Scopes document provides a full list of scopes that you might
* use to access Google APIs. We recommend that your application request
* access to authorization scopes in context whenever possible. By requesting
* access to user data in context, via incremental authorization, you help
* users to more easily understand why your application needs the access it is
* requesting.
*/
scope?: string[] | string;
/**
* Recommended. Specifies any string value that your application uses to
* maintain state between your authorization request and the authorization
* server's response. The server returns the exact value that you send as a
* name=value pair in the hash (#) fragment of the 'redirect_uri' after the
* user consents to or denies your application's access request. You can use
* this parameter for several purposes, such as directing the user to the
* correct resource in your application, sending nonces, and mitigating
* cross-site request forgery. Since your redirect_uri can be guessed, using a
* state value can increase your assurance that an incoming connection is the
* result of an authentication request. If you generate a random string or
* encode the hash of a cookie or another value that captures the client's
* state, you can validate the response to additionally ensure that the
* request and response originated in the same browser, providing protection
* against attacks such as cross-site request forgery. See the OpenID Connect
* documentation for an example of how to create and confirm a state token.
*/
state?: string;
/**
* Optional. Enables applications to use incremental authorization to request
* access to additional scopes in context. If you set this parameter's value
* to true and the authorization request is granted, then the new access token
* will also cover any scopes to which the user previously granted the
* application access. See the incremental authorization section for examples.
*/
include_granted_scopes?: boolean;
/**
* Optional. If your application knows which user is trying to authenticate,
* it can use this parameter to provide a hint to the Google Authentication
* Server. The server uses the hint to simplify the login flow either by
* prefilling the email field in the sign-in form or by selecting the
* appropriate multi-login session. Set the parameter value to an email
* address or sub identifier, which is equivalent to the user's Google ID.
*/
login_hint?: string;
/**
* Optional. A space-delimited, case-sensitive list of prompts to present the
* user. If you don't specify this parameter, the user will be prompted only
* the first time your app requests access. Possible values are:
*
* 'none' - Donot display any authentication or consent screens. Must not be
* specified with other values.
* 'consent' - Prompt the user for consent.
* 'select_account' - Prompt the user to select an account.
*/
prompt?: string;
/**
* Recommended. Specifies what method was used to encode a 'code_verifier'
* that will be used during authorization code exchange. This parameter must
* be used with the 'code_challenge' parameter. The value of the
* 'code_challenge_method' defaults to "plain" if not present in the request
* that includes a 'code_challenge'. The only supported values for this
* parameter are "S256" or "plain".
*/
code_challenge_method?: CodeChallengeMethod;
/**
* Recommended. Specifies an encoded 'code_verifier' that will be used as a
* server-side challenge during authorization code exchange. This parameter
* must be used with the 'code_challenge' parameter described above.
*/
code_challenge?: string;
}
export interface GetTokenCallback {
(err: GaxiosError | null, token?: Credentials | null, res?: GaxiosResponse | null): void;
}
export interface GetTokenResponse {
tokens: Credentials;
res: GaxiosResponse | null;
}
export interface GetAccessTokenCallback {
(err: GaxiosError | null, token?: string | null, res?: GaxiosResponse | null): void;
}
export interface GetAccessTokenResponse {
token?: string | null;
res?: GaxiosResponse | null;
}
export interface RefreshAccessTokenCallback {
(err: GaxiosError | null, credentials?: Credentials | null, res?: GaxiosResponse | null): void;
}
export interface RefreshAccessTokenResponse {
credentials: Credentials;
res: GaxiosResponse | null;
}
export interface RequestMetadataResponse {
headers: Headers;
res?: GaxiosResponse<void> | null;
}
export interface RequestMetadataCallback {
(err: GaxiosError | null, headers?: Headers, res?: GaxiosResponse<void> | null): void;
}
export interface GetFederatedSignonCertsCallback {
(err: GaxiosError | null, certs?: Certificates, response?: GaxiosResponse<void> | null): void;
}
export interface FederatedSignonCertsResponse {
certs: Certificates;
format: CertificateFormat;
res?: GaxiosResponse<void> | null;
}
export interface RevokeCredentialsResult {
success: boolean;
}
export interface VerifyIdTokenOptions {
idToken: string;
audience: string | string[];
maxExpiry?: number;
}
export interface OAuth2ClientOptions extends RefreshOptions {
clientId?: string;
clientSecret?: string;
redirectUri?: string;
}
export interface RefreshOptions {
eagerRefreshThresholdMillis?: number;
}
export declare class OAuth2Client extends AuthClient {
private redirectUri?;
private certificateCache;
private certificateExpiry;
private certificateCacheFormat;
protected refreshTokenPromises: Map<string, Promise<GetTokenResponse>>;
_clientId?: string;
_clientSecret?: string;
apiKey?: string;
projectId?: string;
eagerRefreshThresholdMillis: number;
/**
* Handles OAuth2 flow for Google APIs.
*
* @param clientId The authentication client ID.
* @param clientSecret The authentication client secret.
* @param redirectUri The URI to redirect to after completing the auth
* request.
* @param opts optional options for overriding the given parameters.
* @constructor
*/
constructor(options?: OAuth2ClientOptions);
constructor(clientId?: string, clientSecret?: string, redirectUri?: string);
protected static readonly GOOGLE_TOKEN_INFO_URL = "https://oauth2.googleapis.com/tokeninfo";
/**
* The base URL for auth endpoints.
*/
private static readonly GOOGLE_OAUTH2_AUTH_BASE_URL_;
/**
* The base endpoint for token retrieval.
*/
private static readonly GOOGLE_OAUTH2_TOKEN_URL_;
/**
* The base endpoint to revoke tokens.
*/
private static readonly GOOGLE_OAUTH2_REVOKE_URL_;
/**
* Google Sign on certificates in PEM format.
*/
private static readonly GOOGLE_OAUTH2_FEDERATED_SIGNON_PEM_CERTS_URL_;
/**
* Google Sign on certificates in JWK format.
*/
private static readonly GOOGLE_OAUTH2_FEDERATED_SIGNON_JWK_CERTS_URL_;
/**
* Clock skew - five minutes in seconds
*/
private static readonly CLOCK_SKEW_SECS_;
/**
* Max Token Lifetime is one day in seconds
*/
private static readonly MAX_TOKEN_LIFETIME_SECS_;
/**
* The allowed oauth token issuers.
*/
private static readonly ISSUERS_;
/**
* Generates URL for consent page landing.
* @param opts Options.
* @return URL to consent page.
*/
generateAuthUrl(opts?: GenerateAuthUrlOpts): string;
generateCodeVerifier(): void;
/**
* Convenience method to automatically generate a code_verifier, and it's
* resulting SHA256. If used, this must be paired with a S256
* code_challenge_method.
*/
generateCodeVerifierAsync(): Promise<{
codeVerifier: string;
codeChallenge: string;
}>;
/**
* Gets the access token for the given code.
* @param code The authorization code.
* @param callback Optional callback fn.
*/
getToken(code: string): Promise<GetTokenResponse>;
getToken(options: GetTokenOptions): Promise<GetTokenResponse>;
getToken(code: string, callback: GetTokenCallback): void;
getToken(options: GetTokenOptions, callback: GetTokenCallback): void;
private getTokenAsync;
/**
* Refreshes the access token.
* @param refresh_token Existing refresh token.
* @private
*/
protected refreshToken(refreshToken?: string | null): Promise<GetTokenResponse>;
protected refreshTokenNoCache(refreshToken?: string | null): Promise<GetTokenResponse>;
/**
* Retrieves the access token using refresh token
*
* @deprecated use getRequestHeaders instead.
* @param callback callback
*/
refreshAccessToken(): Promise<RefreshAccessTokenResponse>;
refreshAccessToken(callback: RefreshAccessTokenCallback): void;
private refreshAccessTokenAsync;
/**
* Get a non-expired access token, after refreshing if necessary
*
* @param callback Callback to call with the access token
*/
getAccessToken(): Promise<GetAccessTokenResponse>;
getAccessToken(callback: GetAccessTokenCallback): void;
private getAccessTokenAsync;
/**
* Obtain the set of headers required to authenticate a request.
*
* @deprecated Use getRequestHeaders instead.
* @param url the Uri being authorized
* @param callback the func described above
*/
getRequestMetadata(url?: string | null): Promise<RequestMetadataResponse>;
getRequestMetadata(url: string | null, callback: RequestMetadataCallback): void;
/**
* The main authentication interface. It takes an optional url which when
* present is the endpoint being accessed, and returns a Promise which
* resolves with authorization header fields.
*
* In OAuth2Client, the result has the form:
* { Authorization: 'Bearer <access_token_value>' }
* @param url The optional url being authorized
*/
getRequestHeaders(url?: string): Promise<Headers>;
protected getRequestMetadataAsync(url?: string | null): Promise<RequestMetadataResponse>;
/**
* Generates an URL to revoke the given token.
* @param token The existing token to be revoked.
*/
static getRevokeTokenUrl(token: string): string;
/**
* Revokes the access given to token.
* @param token The existing token to be revoked.
* @param callback Optional callback fn.
*/
revokeToken(token: string): GaxiosPromise<RevokeCredentialsResult>;
revokeToken(token: string, callback: BodyResponseCallback<RevokeCredentialsResult>): void;
/**
* Revokes access token and clears the credentials object
* @param callback callback
*/
revokeCredentials(): GaxiosPromise<RevokeCredentialsResult>;
revokeCredentials(callback: BodyResponseCallback<RevokeCredentialsResult>): void;
private revokeCredentialsAsync;
/**
* Provides a request implementation with OAuth 2.0 flow. If credentials have
* a refresh_token, in cases of HTTP 401 and 403 responses, it automatically
* asks for a new access token and replays the unsuccessful request.
* @param opts Request options.
* @param callback callback.
* @return Request object
*/
request<T>(opts: GaxiosOptions): GaxiosPromise<T>;
request<T>(opts: GaxiosOptions, callback: BodyResponseCallback<T>): void;
protected requestAsync<T>(opts: GaxiosOptions, retry?: boolean): Promise<GaxiosResponse<T>>;
/**
* Verify id token is token by checking the certs and audience
* @param options that contains all options.
* @param callback Callback supplying GoogleLogin if successful
*/
verifyIdToken(options: VerifyIdTokenOptions): Promise<LoginTicket>;
verifyIdToken(options: VerifyIdTokenOptions, callback: (err: Error | null, login?: LoginTicket) => void): void;
private verifyIdTokenAsync;
/**
* Obtains information about the provisioned access token. Especially useful
* if you want to check the scopes that were provisioned to a given token.
*
* @param accessToken Required. The Access Token for which you want to get
* user info.
*/
getTokenInfo(accessToken: string): Promise<TokenInfo>;
/**
* Gets federated sign-on certificates to use for verifying identity tokens.
* Returns certs as array structure, where keys are key ids, and values
* are certificates in either PEM or JWK format.
* @param callback Callback supplying the certificates
*/
getFederatedSignonCerts(): Promise<FederatedSignonCertsResponse>;
getFederatedSignonCerts(callback: GetFederatedSignonCertsCallback): void;
getFederatedSignonCertsAsync(): Promise<FederatedSignonCertsResponse>;
verifySignedJwtWithCerts(): void;
/**
* Verify the id token is signed with the correct certificate
* and is from the correct audience.
* @param jwt The jwt to verify (The ID Token in this case).
* @param certs The array of certs to test the jwt against.
* @param requiredAudience The audience to test the jwt against.
* @param issuers The allowed issuers of the jwt (Optional).
* @param maxExpiry The max expiry the certificate can be (Optional).
* @return Returns a promise resolving to LoginTicket on verification.
*/
verifySignedJwtWithCertsAsync(jwt: string, certs: Certificates, requiredAudience: string | string[], issuers?: string[], maxExpiry?: number): Promise<LoginTicket>;
/**
* Returns true if a token is expired or will expire within
* eagerRefreshThresholdMillismilliseconds.
* If there is no expiry time, assumes the token is not expired or expiring.
*/
protected isTokenExpiring(): boolean;
}

649
node_modules/google-auth-library/build/src/auth/oauth2client.js generated vendored Normal file
View File

@ -0,0 +1,649 @@
"use strict";
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const querystring = require("querystring");
const stream = require("stream");
const crypto_1 = require("../crypto/crypto");
const messages = require("../messages");
const authclient_1 = require("./authclient");
const loginticket_1 = require("./loginticket");
var CodeChallengeMethod;
(function (CodeChallengeMethod) {
CodeChallengeMethod["Plain"] = "plain";
CodeChallengeMethod["S256"] = "S256";
})(CodeChallengeMethod = exports.CodeChallengeMethod || (exports.CodeChallengeMethod = {}));
var CertificateFormat;
(function (CertificateFormat) {
CertificateFormat["PEM"] = "PEM";
CertificateFormat["JWK"] = "JWK";
})(CertificateFormat = exports.CertificateFormat || (exports.CertificateFormat = {}));
class OAuth2Client extends authclient_1.AuthClient {
constructor(optionsOrClientId, clientSecret, redirectUri) {
super();
this.certificateCache = {};
this.certificateExpiry = null;
this.certificateCacheFormat = CertificateFormat.PEM;
this.refreshTokenPromises = new Map();
const opts = optionsOrClientId && typeof optionsOrClientId === 'object'
? optionsOrClientId
: { clientId: optionsOrClientId, clientSecret, redirectUri };
this._clientId = opts.clientId;
this._clientSecret = opts.clientSecret;
this.redirectUri = opts.redirectUri;
this.eagerRefreshThresholdMillis =
opts.eagerRefreshThresholdMillis || 5 * 60 * 1000;
}
/**
* Generates URL for consent page landing.
* @param opts Options.
* @return URL to consent page.
*/
generateAuthUrl(opts = {}) {
if (opts.code_challenge_method && !opts.code_challenge) {
throw new Error('If a code_challenge_method is provided, code_challenge must be included.');
}
opts.response_type = opts.response_type || 'code';
opts.client_id = opts.client_id || this._clientId;
opts.redirect_uri = opts.redirect_uri || this.redirectUri;
// Allow scopes to be passed either as array or a string
if (opts.scope instanceof Array) {
opts.scope = opts.scope.join(' ');
}
const rootUrl = OAuth2Client.GOOGLE_OAUTH2_AUTH_BASE_URL_;
return rootUrl + '?' + querystring.stringify(opts);
}
generateCodeVerifier() {
// To make the code compatible with browser SubtleCrypto we need to make
// this method async.
throw new Error('generateCodeVerifier is removed, please use generateCodeVerifierAsync instead.');
}
/**
* Convenience method to automatically generate a code_verifier, and it's
* resulting SHA256. If used, this must be paired with a S256
* code_challenge_method.
*/
async generateCodeVerifierAsync() {
// base64 encoding uses 6 bits per character, and we want to generate128
// characters. 6*128/8 = 96.
const crypto = crypto_1.createCrypto();
const randomString = crypto.randomBytesBase64(96);
// The valid characters in the code_verifier are [A-Z]/[a-z]/[0-9]/
// "-"/"."/"_"/"~". Base64 encoded strings are pretty close, so we're just
// swapping out a few chars.
const codeVerifier = randomString
.replace(/\+/g, '~')
.replace(/=/g, '_')
.replace(/\//g, '-');
// Generate the base64 encoded SHA256
const unencodedCodeChallenge = await crypto.sha256DigestBase64(codeVerifier);
// We need to use base64UrlEncoding instead of standard base64
const codeChallenge = unencodedCodeChallenge
.split('=')[0]
.replace(/\+/g, '-')
.replace(/\//g, '_');
return { codeVerifier, codeChallenge };
}
getToken(codeOrOptions, callback) {
const options = typeof codeOrOptions === 'string' ? { code: codeOrOptions } : codeOrOptions;
if (callback) {
this.getTokenAsync(options).then(r => callback(null, r.tokens, r.res), e => callback(e, null, e.response));
}
else {
return this.getTokenAsync(options);
}
}
async getTokenAsync(options) {
const url = OAuth2Client.GOOGLE_OAUTH2_TOKEN_URL_;
const values = {
code: options.code,
client_id: options.client_id || this._clientId,
client_secret: this._clientSecret,
redirect_uri: options.redirect_uri || this.redirectUri,
grant_type: 'authorization_code',
code_verifier: options.codeVerifier,
};
const res = await this.transporter.request({
method: 'POST',
url,
data: querystring.stringify(values),
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
});
const tokens = res.data;
if (res.data && res.data.expires_in) {
tokens.expiry_date = new Date().getTime() + res.data.expires_in * 1000;
delete tokens.expires_in;
}
this.emit('tokens', tokens);
return { tokens, res };
}
/**
* Refreshes the access token.
* @param refresh_token Existing refresh token.
* @private
*/
async refreshToken(refreshToken) {
if (!refreshToken) {
return this.refreshTokenNoCache(refreshToken);
}
// If a request to refresh using the same token has started,
// return the same promise.
if (this.refreshTokenPromises.has(refreshToken)) {
return this.refreshTokenPromises.get(refreshToken);
}
const p = this.refreshTokenNoCache(refreshToken).then(r => {
this.refreshTokenPromises.delete(refreshToken);
return r;
}, e => {
this.refreshTokenPromises.delete(refreshToken);
throw e;
});
this.refreshTokenPromises.set(refreshToken, p);
return p;
}
async refreshTokenNoCache(refreshToken) {
if (!refreshToken) {
throw new Error('No refresh token is set.');
}
const url = OAuth2Client.GOOGLE_OAUTH2_TOKEN_URL_;
const data = {
refresh_token: refreshToken,
client_id: this._clientId,
client_secret: this._clientSecret,
grant_type: 'refresh_token',
};
// request for new token
const res = await this.transporter.request({
method: 'POST',
url,
data: querystring.stringify(data),
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
});
const tokens = res.data;
// TODO: de-duplicate this code from a few spots
if (res.data && res.data.expires_in) {
tokens.expiry_date = new Date().getTime() + res.data.expires_in * 1000;
delete tokens.expires_in;
}
this.emit('tokens', tokens);
return { tokens, res };
}
refreshAccessToken(callback) {
messages.warn(messages.REFRESH_ACCESS_TOKEN_DEPRECATED);
if (callback) {
this.refreshAccessTokenAsync().then(r => callback(null, r.credentials, r.res), callback);
}
else {
return this.refreshAccessTokenAsync();
}
}
async refreshAccessTokenAsync() {
const r = await this.refreshToken(this.credentials.refresh_token);
const tokens = r.tokens;
tokens.refresh_token = this.credentials.refresh_token;
this.credentials = tokens;
return { credentials: this.credentials, res: r.res };
}
getAccessToken(callback) {
if (callback) {
this.getAccessTokenAsync().then(r => callback(null, r.token, r.res), callback);
}
else {
return this.getAccessTokenAsync();
}
}
async getAccessTokenAsync() {
const shouldRefresh = !this.credentials.access_token || this.isTokenExpiring();
if (shouldRefresh) {
if (!this.credentials.refresh_token) {
throw new Error('No refresh token is set.');
}
const r = await this.refreshAccessTokenAsync();
if (!r.credentials || (r.credentials && !r.credentials.access_token)) {
throw new Error('Could not refresh access token.');
}
return { token: r.credentials.access_token, res: r.res };
}
else {
return { token: this.credentials.access_token };
}
}
getRequestMetadata(url, callback) {
messages.warn(messages.OAUTH_GET_REQUEST_METADATA_DEPRECATED);
if (callback) {
this.getRequestMetadataAsync(url).then(r => callback(null, r.headers, r.res), callback);
}
else {
return this.getRequestMetadataAsync();
}
}
/**
* The main authentication interface. It takes an optional url which when
* present is the endpoint being accessed, and returns a Promise which
* resolves with authorization header fields.
*
* In OAuth2Client, the result has the form:
* { Authorization: 'Bearer <access_token_value>' }
* @param url The optional url being authorized
*/
async getRequestHeaders(url) {
const res = await this.getRequestMetadataAsync(url);
return res.headers;
}
async getRequestMetadataAsync(url) {
const thisCreds = this.credentials;
if (!thisCreds.access_token && !thisCreds.refresh_token && !this.apiKey) {
throw new Error('No access, refresh token or API key is set.');
}
if (thisCreds.access_token && !this.isTokenExpiring()) {
thisCreds.token_type = thisCreds.token_type || 'Bearer';
const headers = {
Authorization: thisCreds.token_type + ' ' + thisCreds.access_token,
};
return { headers };
}
if (this.apiKey) {
return { headers: { 'X-Goog-Api-Key': this.apiKey } };
}
let r = null;
let tokens = null;
try {
r = await this.refreshToken(thisCreds.refresh_token);
tokens = r.tokens;
}
catch (err) {
const e = err;
if (e.response &&
(e.response.status === 403 || e.response.status === 404)) {
e.message = `Could not refresh access token: ${e.message}`;
}
throw e;
}
const credentials = this.credentials;
credentials.token_type = credentials.token_type || 'Bearer';
tokens.refresh_token = credentials.refresh_token;
this.credentials = tokens;
const headers = {
Authorization: credentials.token_type + ' ' + tokens.access_token,
};
return { headers, res: r.res };
}
/**
* Generates an URL to revoke the given token.
* @param token The existing token to be revoked.
*/
static getRevokeTokenUrl(token) {
const parameters = querystring.stringify({ token });
return `${OAuth2Client.GOOGLE_OAUTH2_REVOKE_URL_}?${parameters}`;
}
revokeToken(token, callback) {
const opts = {
url: OAuth2Client.getRevokeTokenUrl(token),
method: 'POST',
};
if (callback) {
this.transporter
.request(opts)
.then(r => callback(null, r), callback);
}
else {
return this.transporter.request(opts);
}
}
revokeCredentials(callback) {
if (callback) {
this.revokeCredentialsAsync().then(res => callback(null, res), callback);
}
else {
return this.revokeCredentialsAsync();
}
}
async revokeCredentialsAsync() {
const token = this.credentials.access_token;
this.credentials = {};
if (token) {
return this.revokeToken(token);
}
else {
throw new Error('No access token to revoke.');
}
}
request(opts, callback) {
if (callback) {
this.requestAsync(opts).then(r => callback(null, r), e => {
return callback(e, e.response);
});
}
else {
return this.requestAsync(opts);
}
}
async requestAsync(opts, retry = false) {
let r2;
try {
const r = await this.getRequestMetadataAsync(opts.url);
if (r.headers && r.headers.Authorization) {
opts.headers = opts.headers || {};
opts.headers.Authorization = r.headers.Authorization;
}
if (this.apiKey) {
opts.headers = opts.headers || {};
opts.headers['X-Goog-Api-Key'] = this.apiKey;
}
r2 = await this.transporter.request(opts);
}
catch (e) {
const res = e.response;
if (res) {
const statusCode = res.status;
// Retry the request for metadata if the following criteria are true:
// - We haven't already retried. It only makes sense to retry once.
// - The response was a 401 or a 403
// - The request didn't send a readableStream
// - An access_token and refresh_token were available, but no
// expiry_date was availabe. This can happen when developers stash
// the access_token and refresh_token for later use, but the
// access_token fails on the first try because it's expired.
const mayRequireRefresh = this.credentials &&
this.credentials.access_token &&
this.credentials.refresh_token &&
!this.credentials.expiry_date;
const isReadableStream = res.config.data instanceof stream.Readable;
const isAuthErr = statusCode === 401 || statusCode === 403;
if (!retry && isAuthErr && !isReadableStream && mayRequireRefresh) {
await this.refreshAccessTokenAsync();
return this.requestAsync(opts, true);
}
}
throw e;
}
return r2;
}
verifyIdToken(options, callback) {
// This function used to accept two arguments instead of an options object.
// Check the types to help users upgrade with less pain.
// This check can be removed after a 2.0 release.
if (callback && typeof callback !== 'function') {
throw new Error('This method accepts an options object as the first parameter, which includes the idToken, audience, and maxExpiry.');
}
if (callback) {
this.verifyIdTokenAsync(options).then(r => callback(null, r), callback);
}
else {
return this.verifyIdTokenAsync(options);
}
}
async verifyIdTokenAsync(options) {
if (!options.idToken) {
throw new Error('The verifyIdToken method requires an ID Token');
}
const response = await this.getFederatedSignonCertsAsync();
const login = await this.verifySignedJwtWithCertsAsync(options.idToken, response.certs, options.audience, OAuth2Client.ISSUERS_, options.maxExpiry);
return login;
}
/**
* Obtains information about the provisioned access token. Especially useful
* if you want to check the scopes that were provisioned to a given token.
*
* @param accessToken Required. The Access Token for which you want to get
* user info.
*/
async getTokenInfo(accessToken) {
const { data } = await this.transporter.request({
method: 'GET',
url: OAuth2Client.GOOGLE_TOKEN_INFO_URL,
params: { access_token: accessToken },
});
const info = Object.assign({
expiry_date: new Date().getTime() + data.expires_in * 1000,
scopes: data.scope.split(' '),
}, data);
delete info.expires_in;
delete info.scope;
return info;
}
getFederatedSignonCerts(callback) {
if (callback) {
this.getFederatedSignonCertsAsync().then(r => callback(null, r.certs, r.res), callback);
}
else {
return this.getFederatedSignonCertsAsync();
}
}
async getFederatedSignonCertsAsync() {
const nowTime = new Date().getTime();
const format = crypto_1.hasBrowserCrypto()
? CertificateFormat.JWK
: CertificateFormat.PEM;
if (this.certificateExpiry &&
nowTime < this.certificateExpiry.getTime() &&
this.certificateCacheFormat === format) {
return { certs: this.certificateCache, format };
}
let res;
let url;
switch (format) {
case CertificateFormat.PEM:
url = OAuth2Client.GOOGLE_OAUTH2_FEDERATED_SIGNON_PEM_CERTS_URL_;
break;
case CertificateFormat.JWK:
url = OAuth2Client.GOOGLE_OAUTH2_FEDERATED_SIGNON_JWK_CERTS_URL_;
break;
default:
throw new Error(`Unsupported certificate format ${format}`);
}
try {
res = await this.transporter.request({ url });
}
catch (e) {
e.message = `Failed to retrieve verification certificates: ${e.message}`;
throw e;
}
const cacheControl = res ? res.headers['cache-control'] : undefined;
let cacheAge = -1;
if (cacheControl) {
const pattern = new RegExp('max-age=([0-9]*)');
const regexResult = pattern.exec(cacheControl);
if (regexResult && regexResult.length === 2) {
// Cache results with max-age (in seconds)
cacheAge = Number(regexResult[1]) * 1000; // milliseconds
}
}
let certificates = {};
switch (format) {
case CertificateFormat.PEM:
certificates = res.data;
break;
case CertificateFormat.JWK:
for (const key of res.data.keys) {
certificates[key.kid] = key;
}
break;
default:
throw new Error(`Unsupported certificate format ${format}`);
}
const now = new Date();
this.certificateExpiry =
cacheAge === -1 ? null : new Date(now.getTime() + cacheAge);
this.certificateCache = certificates;
this.certificateCacheFormat = format;
return { certs: certificates, format, res };
}
verifySignedJwtWithCerts() {
// To make the code compatible with browser SubtleCrypto we need to make
// this method async.
throw new Error('verifySignedJwtWithCerts is removed, please use verifySignedJwtWithCertsAsync instead.');
}
/**
* Verify the id token is signed with the correct certificate
* and is from the correct audience.
* @param jwt The jwt to verify (The ID Token in this case).
* @param certs The array of certs to test the jwt against.
* @param requiredAudience The audience to test the jwt against.
* @param issuers The allowed issuers of the jwt (Optional).
* @param maxExpiry The max expiry the certificate can be (Optional).
* @return Returns a promise resolving to LoginTicket on verification.
*/
async verifySignedJwtWithCertsAsync(jwt, certs, requiredAudience, issuers, maxExpiry) {
const crypto = crypto_1.createCrypto();
if (!maxExpiry) {
maxExpiry = OAuth2Client.MAX_TOKEN_LIFETIME_SECS_;
}
const segments = jwt.split('.');
if (segments.length !== 3) {
throw new Error('Wrong number of segments in token: ' + jwt);
}
const signed = segments[0] + '.' + segments[1];
const signature = segments[2];
let envelope;
let payload;
try {
envelope = JSON.parse(crypto.decodeBase64StringUtf8(segments[0]));
}
catch (err) {
err.message = `Can't parse token envelope: ${segments[0]}': ${err.message}`;
throw err;
}
if (!envelope) {
throw new Error("Can't parse token envelope: " + segments[0]);
}
try {
payload = JSON.parse(crypto.decodeBase64StringUtf8(segments[1]));
}
catch (err) {
err.message = `Can't parse token payload '${segments[0]}`;
throw err;
}
if (!payload) {
throw new Error("Can't parse token payload: " + segments[1]);
}
if (!certs.hasOwnProperty(envelope.kid)) {
// If this is not present, then there's no reason to attempt verification
throw new Error('No pem found for envelope: ' + JSON.stringify(envelope));
}
const cert = certs[envelope.kid];
const verified = await crypto.verify(cert, signed, signature);
if (!verified) {
throw new Error('Invalid token signature: ' + jwt);
}
if (!payload.iat) {
throw new Error('No issue time in token: ' + JSON.stringify(payload));
}
if (!payload.exp) {
throw new Error('No expiration time in token: ' + JSON.stringify(payload));
}
const iat = Number(payload.iat);
if (isNaN(iat))
throw new Error('iat field using invalid format');
const exp = Number(payload.exp);
if (isNaN(exp))
throw new Error('exp field using invalid format');
const now = new Date().getTime() / 1000;
if (exp >= now + maxExpiry) {
throw new Error('Expiration time too far in future: ' + JSON.stringify(payload));
}
const earliest = iat - OAuth2Client.CLOCK_SKEW_SECS_;
const latest = exp + OAuth2Client.CLOCK_SKEW_SECS_;
if (now < earliest) {
throw new Error('Token used too early, ' +
now +
' < ' +
earliest +
': ' +
JSON.stringify(payload));
}
if (now > latest) {
throw new Error('Token used too late, ' +
now +
' > ' +
latest +
': ' +
JSON.stringify(payload));
}
if (issuers && issuers.indexOf(payload.iss) < 0) {
throw new Error('Invalid issuer, expected one of [' +
issuers +
'], but got ' +
payload.iss);
}
// Check the audience matches if we have one
if (typeof requiredAudience !== 'undefined' && requiredAudience !== null) {
const aud = payload.aud;
let audVerified = false;
// If the requiredAudience is an array, check if it contains token
// audience
if (requiredAudience.constructor === Array) {
audVerified = requiredAudience.indexOf(aud) > -1;
}
else {
audVerified = aud === requiredAudience;
}
if (!audVerified) {
throw new Error('Wrong recipient, payload audience != requiredAudience');
}
}
return new loginticket_1.LoginTicket(envelope, payload);
}
/**
* Returns true if a token is expired or will expire within
* eagerRefreshThresholdMillismilliseconds.
* If there is no expiry time, assumes the token is not expired or expiring.
*/
isTokenExpiring() {
const expiryDate = this.credentials.expiry_date;
return expiryDate
? expiryDate <= new Date().getTime() + this.eagerRefreshThresholdMillis
: false;
}
}
exports.OAuth2Client = OAuth2Client;
OAuth2Client.GOOGLE_TOKEN_INFO_URL = 'https://oauth2.googleapis.com/tokeninfo';
/**
* The base URL for auth endpoints.
*/
OAuth2Client.GOOGLE_OAUTH2_AUTH_BASE_URL_ = 'https://accounts.google.com/o/oauth2/v2/auth';
/**
* The base endpoint for token retrieval.
*/
OAuth2Client.GOOGLE_OAUTH2_TOKEN_URL_ = 'https://oauth2.googleapis.com/token';
/**
* The base endpoint to revoke tokens.
*/
OAuth2Client.GOOGLE_OAUTH2_REVOKE_URL_ = 'https://oauth2.googleapis.com/revoke';
/**
* Google Sign on certificates in PEM format.
*/
OAuth2Client.GOOGLE_OAUTH2_FEDERATED_SIGNON_PEM_CERTS_URL_ = 'https://www.googleapis.com/oauth2/v1/certs';
/**
* Google Sign on certificates in JWK format.
*/
OAuth2Client.GOOGLE_OAUTH2_FEDERATED_SIGNON_JWK_CERTS_URL_ = 'https://www.googleapis.com/oauth2/v3/certs';
/**
* Clock skew - five minutes in seconds
*/
OAuth2Client.CLOCK_SKEW_SECS_ = 300;
/**
* Max Token Lifetime is one day in seconds
*/
OAuth2Client.MAX_TOKEN_LIFETIME_SECS_ = 86400;
/**
* The allowed oauth token issuers.
*/
OAuth2Client.ISSUERS_ = [
'accounts.google.com',
'https://accounts.google.com',
];
//# sourceMappingURL=oauth2client.js.map

58
node_modules/google-auth-library/build/src/auth/refreshclient.d.ts generated vendored Normal file
View File

@ -0,0 +1,58 @@
/**
* Copyright 2015 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
import * as stream from 'stream';
import { JWTInput } from './credentials';
import { GetTokenResponse, OAuth2Client, RefreshOptions } from './oauth2client';
export interface UserRefreshClientOptions extends RefreshOptions {
clientId?: string;
clientSecret?: string;
refreshToken?: string;
}
export declare class UserRefreshClient extends OAuth2Client {
_refreshToken?: string | null;
/**
* User Refresh Token credentials.
*
* @param clientId The authentication client ID.
* @param clientSecret The authentication client secret.
* @param refreshToken The authentication refresh token.
*/
constructor(clientId?: string, clientSecret?: string, refreshToken?: string);
constructor(options: UserRefreshClientOptions);
constructor(clientId?: string, clientSecret?: string, refreshToken?: string);
/**
* Refreshes the access token.
* @param refreshToken An ignored refreshToken..
* @param callback Optional callback.
*/
protected refreshTokenNoCache(refreshToken?: string | null): Promise<GetTokenResponse>;
/**
* Create a UserRefreshClient credentials instance using the given input
* options.
* @param json The input object.
*/
fromJSON(json: JWTInput): void;
/**
* Create a UserRefreshClient credentials instance using the given input
* stream.
* @param inputStream The input stream.
* @param callback Optional callback.
*/
fromStream(inputStream: stream.Readable): Promise<void>;
fromStream(inputStream: stream.Readable, callback: (err?: Error) => void): void;
private fromStreamAsync;
}

102
node_modules/google-auth-library/build/src/auth/refreshclient.js generated vendored Normal file
View File

@ -0,0 +1,102 @@
"use strict";
/**
* Copyright 2015 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const oauth2client_1 = require("./oauth2client");
class UserRefreshClient extends oauth2client_1.OAuth2Client {
constructor(optionsOrClientId, clientSecret, refreshToken, eagerRefreshThresholdMillis) {
const opts = optionsOrClientId && typeof optionsOrClientId === 'object'
? optionsOrClientId
: {
clientId: optionsOrClientId,
clientSecret,
refreshToken,
eagerRefreshThresholdMillis,
};
super({
clientId: opts.clientId,
clientSecret: opts.clientSecret,
eagerRefreshThresholdMillis: opts.eagerRefreshThresholdMillis,
});
this._refreshToken = opts.refreshToken;
}
/**
* Refreshes the access token.
* @param refreshToken An ignored refreshToken..
* @param callback Optional callback.
*/
async refreshTokenNoCache(refreshToken) {
return super.refreshTokenNoCache(this._refreshToken);
}
/**
* Create a UserRefreshClient credentials instance using the given input
* options.
* @param json The input object.
*/
fromJSON(json) {
if (!json) {
throw new Error('Must pass in a JSON object containing the user refresh token');
}
if (json.type !== 'authorized_user') {
throw new Error('The incoming JSON object does not have the "authorized_user" type');
}
if (!json.client_id) {
throw new Error('The incoming JSON object does not contain a client_id field');
}
if (!json.client_secret) {
throw new Error('The incoming JSON object does not contain a client_secret field');
}
if (!json.refresh_token) {
throw new Error('The incoming JSON object does not contain a refresh_token field');
}
this._clientId = json.client_id;
this._clientSecret = json.client_secret;
this._refreshToken = json.refresh_token;
this.credentials.refresh_token = json.refresh_token;
}
fromStream(inputStream, callback) {
if (callback) {
this.fromStreamAsync(inputStream).then(r => callback(), callback);
}
else {
return this.fromStreamAsync(inputStream);
}
}
async fromStreamAsync(inputStream) {
return new Promise((resolve, reject) => {
if (!inputStream) {
return reject(new Error('Must pass in a stream containing the user refresh token.'));
}
let s = '';
inputStream
.setEncoding('utf8')
.on('error', reject)
.on('data', chunk => (s += chunk))
.on('end', () => {
try {
const data = JSON.parse(s);
this.fromJSON(data);
return resolve();
}
catch (err) {
return reject(err);
}
});
});
}
}
exports.UserRefreshClient = UserRefreshClient;
//# sourceMappingURL=refreshclient.js.map

26
node_modules/google-auth-library/build/src/crypto/browser/crypto.d.ts generated vendored Normal file
View File

@ -0,0 +1,26 @@
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { Crypto, JwkCertificate } from '../crypto';
export declare class BrowserCrypto implements Crypto {
constructor();
sha256DigestBase64(str: string): Promise<string>;
randomBytesBase64(count: number): string;
private static padBase64;
verify(pubkey: JwkCertificate, data: string, signature: string): Promise<boolean>;
sign(privateKey: JwkCertificate, data: string): Promise<string>;
decodeBase64StringUtf8(base64: string): string;
encodeBase64StringUtf8(text: string): string;
}

94
node_modules/google-auth-library/build/src/crypto/browser/crypto.js generated vendored Normal file
View File

@ -0,0 +1,94 @@
"use strict";
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
// This file implements crypto functions we need using in-browser
// SubtleCrypto interface `window.crypto.subtle`.
const base64js = require("base64-js");
// Not all browsers support `TextEncoder`. The following `require` will
// provide a fast UTF8-only replacement for those browsers that don't support
// text encoding natively.
if (typeof process === 'undefined' && typeof TextEncoder === 'undefined') {
require('fast-text-encoding');
}
class BrowserCrypto {
constructor() {
if (typeof window === 'undefined' ||
window.crypto === undefined ||
window.crypto.subtle === undefined) {
throw new Error("SubtleCrypto not found. Make sure it's an https:// website.");
}
}
async sha256DigestBase64(str) {
// SubtleCrypto digest() method is async, so we must make
// this method async as well.
// To calculate SHA256 digest using SubtleCrypto, we first
// need to convert an input string to an ArrayBuffer:
const inputBuffer = new TextEncoder().encode(str);
// Result is ArrayBuffer as well.
const outputBuffer = await window.crypto.subtle.digest('SHA-256', inputBuffer);
return base64js.fromByteArray(new Uint8Array(outputBuffer));
}
randomBytesBase64(count) {
const array = new Uint8Array(count);
window.crypto.getRandomValues(array);
return base64js.fromByteArray(array);
}
static padBase64(base64) {
// base64js requires padding, so let's add some '='
while (base64.length % 4 !== 0) {
base64 += '=';
}
return base64;
}
async verify(pubkey, data, signature) {
const algo = {
name: 'RSASSA-PKCS1-v1_5',
hash: { name: 'SHA-256' },
};
const dataArray = new TextEncoder().encode(data);
const signatureArray = base64js.toByteArray(BrowserCrypto.padBase64(signature));
const cryptoKey = await window.crypto.subtle.importKey('jwk', pubkey, algo, true, ['verify']);
// SubtleCrypto's verify method is async so we must make
// this method async as well.
const result = await window.crypto.subtle.verify(algo, cryptoKey, signatureArray, dataArray);
return result;
}
async sign(privateKey, data) {
const algo = {
name: 'RSASSA-PKCS1-v1_5',
hash: { name: 'SHA-256' },
};
const dataArray = new TextEncoder().encode(data);
const cryptoKey = await window.crypto.subtle.importKey('jwk', privateKey, algo, true, ['sign']);
// SubtleCrypto's sign method is async so we must make
// this method async as well.
const result = await window.crypto.subtle.sign(algo, cryptoKey, dataArray);
return base64js.fromByteArray(new Uint8Array(result));
}
decodeBase64StringUtf8(base64) {
const uint8array = base64js.toByteArray(BrowserCrypto.padBase64(base64));
const result = new TextDecoder().decode(uint8array);
return result;
}
encodeBase64StringUtf8(text) {
const uint8array = new TextEncoder().encode(text);
const result = base64js.fromByteArray(uint8array);
return result;
}
}
exports.BrowserCrypto = BrowserCrypto;
//# sourceMappingURL=crypto.js.map

38
node_modules/google-auth-library/build/src/crypto/crypto.d.ts generated vendored Normal file
View File

@ -0,0 +1,38 @@
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
export interface JwkCertificate {
kty: string;
alg: string;
use?: string;
kid: string;
n: string;
e: string;
}
export interface CryptoSigner {
update(data: string): void;
sign(key: string, outputFormat: string): string;
}
export interface Crypto {
sha256DigestBase64(str: string): Promise<string>;
randomBytesBase64(n: number): string;
verify(pubkey: string | JwkCertificate, data: string | Buffer, signature: string): Promise<boolean>;
sign(privateKey: string | JwkCertificate, data: string | Buffer): Promise<string>;
decodeBase64StringUtf8(base64: string): string;
encodeBase64StringUtf8(text: string): string;
}
export declare function createCrypto(): Crypto;
export declare function hasBrowserCrypto(): boolean;

33
node_modules/google-auth-library/build/src/crypto/crypto.js generated vendored Normal file
View File

@ -0,0 +1,33 @@
"use strict";
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const crypto_1 = require("./browser/crypto");
const crypto_2 = require("./node/crypto");
function createCrypto() {
if (hasBrowserCrypto()) {
return new crypto_1.BrowserCrypto();
}
return new crypto_2.NodeCrypto();
}
exports.createCrypto = createCrypto;
function hasBrowserCrypto() {
return (typeof window !== 'undefined' &&
typeof window.crypto !== 'undefined' &&
typeof window.crypto.subtle !== 'undefined');
}
exports.hasBrowserCrypto = hasBrowserCrypto;
//# sourceMappingURL=crypto.js.map

25
node_modules/google-auth-library/build/src/crypto/node/crypto.d.ts generated vendored Normal file
View File

@ -0,0 +1,25 @@
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/// <reference types="node" />
import { Crypto } from '../crypto';
export declare class NodeCrypto implements Crypto {
sha256DigestBase64(str: string): Promise<string>;
randomBytesBase64(count: number): string;
verify(pubkey: string, data: string | Buffer, signature: string): Promise<boolean>;
sign(privateKey: string, data: string | Buffer): Promise<string>;
decodeBase64StringUtf8(base64: string): string;
encodeBase64StringUtf8(text: string): string;
}

49
node_modules/google-auth-library/build/src/crypto/node/crypto.js generated vendored Normal file
View File

@ -0,0 +1,49 @@
"use strict";
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const crypto = require("crypto");
class NodeCrypto {
async sha256DigestBase64(str) {
return crypto
.createHash('sha256')
.update(str)
.digest('base64');
}
randomBytesBase64(count) {
return crypto.randomBytes(count).toString('base64');
}
async verify(pubkey, data, signature) {
const verifier = crypto.createVerify('sha256');
verifier.update(data);
verifier.end();
return verifier.verify(pubkey, signature, 'base64');
}
async sign(privateKey, data) {
const signer = crypto.createSign('RSA-SHA256');
signer.update(data);
signer.end();
return signer.sign(privateKey, 'base64');
}
decodeBase64StringUtf8(base64) {
return Buffer.from(base64, 'base64').toString('utf-8');
}
encodeBase64StringUtf8(text) {
return Buffer.from(text, 'utf-8').toString('base64');
}
}
exports.NodeCrypto = NodeCrypto;
//# sourceMappingURL=crypto.js.map

28
node_modules/google-auth-library/build/src/index.d.ts generated vendored Normal file
View File

@ -0,0 +1,28 @@
/**
* Copyright 2017 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { GoogleAuth } from './auth/googleauth';
export { Compute, ComputeOptions } from './auth/computeclient';
export { CredentialBody, CredentialRequest, Credentials, JWTInput, } from './auth/credentials';
export { GCPEnv } from './auth/envDetect';
export { GoogleAuthOptions, ProjectIdCallback } from './auth/googleauth';
export { IAMAuth, RequestMetadata } from './auth/iam';
export { Claims, JWTAccess } from './auth/jwtaccess';
export { JWT, JWTOptions } from './auth/jwtclient';
export { Certificates, CodeChallengeMethod, GenerateAuthUrlOpts, GetTokenOptions, OAuth2Client, OAuth2ClientOptions, RefreshOptions, TokenInfo, VerifyIdTokenOptions, } from './auth/oauth2client';
export { UserRefreshClient, UserRefreshClientOptions, } from './auth/refreshclient';
export { DefaultTransporter } from './transporters';
declare const auth: GoogleAuth;
export { auth, GoogleAuth };

39
node_modules/google-auth-library/build/src/index.js generated vendored Normal file
View File

@ -0,0 +1,39 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
/**
* Copyright 2017 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
const googleauth_1 = require("./auth/googleauth");
exports.GoogleAuth = googleauth_1.GoogleAuth;
var computeclient_1 = require("./auth/computeclient");
exports.Compute = computeclient_1.Compute;
var envDetect_1 = require("./auth/envDetect");
exports.GCPEnv = envDetect_1.GCPEnv;
var iam_1 = require("./auth/iam");
exports.IAMAuth = iam_1.IAMAuth;
var jwtaccess_1 = require("./auth/jwtaccess");
exports.JWTAccess = jwtaccess_1.JWTAccess;
var jwtclient_1 = require("./auth/jwtclient");
exports.JWT = jwtclient_1.JWT;
var oauth2client_1 = require("./auth/oauth2client");
exports.CodeChallengeMethod = oauth2client_1.CodeChallengeMethod;
exports.OAuth2Client = oauth2client_1.OAuth2Client;
var refreshclient_1 = require("./auth/refreshclient");
exports.UserRefreshClient = refreshclient_1.UserRefreshClient;
var transporters_1 = require("./transporters");
exports.DefaultTransporter = transporters_1.DefaultTransporter;
const auth = new googleauth_1.GoogleAuth();
exports.auth = auth;
//# sourceMappingURL=index.js.map

76
node_modules/google-auth-library/build/src/messages.d.ts generated vendored Normal file
View File

@ -0,0 +1,76 @@
/**
* Copyright 2018 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export declare enum WarningTypes {
WARNING = "Warning",
DEPRECATION = "DeprecationWarning"
}
export declare function warn(warning: Warning): void;
export interface Warning {
code: string;
type: WarningTypes;
message: string;
warned?: boolean;
}
export declare const PROBLEMATIC_CREDENTIALS_WARNING: {
code: string;
type: WarningTypes;
message: string;
};
export declare const DEFAULT_PROJECT_ID_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const COMPUTE_CREATE_SCOPED_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const JWT_CREATE_SCOPED_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const IAM_CREATE_SCOPED_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const JWT_ACCESS_CREATE_SCOPED_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const REFRESH_ACCESS_TOKEN_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const OAUTH_GET_REQUEST_METADATA_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const IAM_GET_REQUEST_METADATA_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};
export declare const JWT_ACCESS_GET_REQUEST_METADATA_DEPRECATED: {
code: string;
type: WarningTypes;
message: string;
};

130
node_modules/google-auth-library/build/src/messages.js generated vendored Normal file
View File

@ -0,0 +1,130 @@
"use strict";
/**
* Copyright 2018 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
var WarningTypes;
(function (WarningTypes) {
WarningTypes["WARNING"] = "Warning";
WarningTypes["DEPRECATION"] = "DeprecationWarning";
})(WarningTypes = exports.WarningTypes || (exports.WarningTypes = {}));
function warn(warning) {
// Only show a given warning once
if (warning.warned) {
return;
}
warning.warned = true;
if (typeof process !== 'undefined' && process.emitWarning) {
// @types/node doesn't recognize the emitWarning syntax which
// accepts a config object, so `as any` it is
// https://nodejs.org/docs/latest-v8.x/api/process.html#process_process_emitwarning_warning_options
// tslint:disable-next-line no-any
process.emitWarning(warning.message, warning);
}
else {
console.warn(warning.message);
}
}
exports.warn = warn;
exports.PROBLEMATIC_CREDENTIALS_WARNING = {
code: 'google-auth-library:00001',
type: WarningTypes.WARNING,
message: [
'Your application has authenticated using end user credentials from Google',
'Cloud SDK. We recommend that most server applications use service accounts',
'instead. If your application continues to use end user credentials from',
'Cloud SDK, you might receive a "quota exceeded" or "API not enabled" error.',
'For more information about service accounts, see',
'https://cloud.google.com/docs/authentication/.',
].join(' '),
};
exports.DEFAULT_PROJECT_ID_DEPRECATED = {
code: 'google-auth-library:DEP002',
type: WarningTypes.DEPRECATION,
message: [
'The `getDefaultProjectId` method has been deprecated, and will be removed',
'in the 3.0 release of google-auth-library. Please use the `getProjectId`',
'method instead.',
].join(' '),
};
exports.COMPUTE_CREATE_SCOPED_DEPRECATED = {
code: 'google-auth-library:DEP003',
type: WarningTypes.DEPRECATION,
message: [
'The `createScopedRequired` method on the `Compute` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library.',
].join(' '),
};
exports.JWT_CREATE_SCOPED_DEPRECATED = {
code: 'google-auth-library:DEP004',
type: WarningTypes.DEPRECATION,
message: [
'The `createScopedRequired` method on the `JWT` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library.',
].join(' '),
};
exports.IAM_CREATE_SCOPED_DEPRECATED = {
code: 'google-auth-library:DEP005',
type: WarningTypes.DEPRECATION,
message: [
'The `createScopedRequired` method on the `IAM` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library.',
].join(' '),
};
exports.JWT_ACCESS_CREATE_SCOPED_DEPRECATED = {
code: 'google-auth-library:DEP006',
type: WarningTypes.DEPRECATION,
message: [
'The `createScopedRequired` method on the `JWTAccess` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library.',
].join(' '),
};
exports.REFRESH_ACCESS_TOKEN_DEPRECATED = {
code: 'google-auth-library:DEP007',
type: WarningTypes.DEPRECATION,
message: [
'The `refreshAccessToken` method has been deprecated, and will be removed',
'in the 3.0 release of google-auth-library. Please use the `getRequestHeaders`',
'method instead.',
].join(' '),
};
exports.OAUTH_GET_REQUEST_METADATA_DEPRECATED = {
code: 'google-auth-library:DEP004',
type: WarningTypes.DEPRECATION,
message: [
'The `getRequestMetadata` method on the `OAuth2` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library. Please use',
'the `getRequestHeaders` method instead.',
].join(' '),
};
exports.IAM_GET_REQUEST_METADATA_DEPRECATED = {
code: 'google-auth-library:DEP005',
type: WarningTypes.DEPRECATION,
message: [
'The `getRequestMetadata` method on the `IAM` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library. Please use',
'the `getRequestHeaders` method instead.',
].join(' '),
};
exports.JWT_ACCESS_GET_REQUEST_METADATA_DEPRECATED = {
code: 'google-auth-library:DEP006',
type: WarningTypes.DEPRECATION,
message: [
'The `getRequestMetadata` method on the `JWTAccess` class has been deprecated,',
'and will be removed in the 3.0 release of google-auth-library. Please use',
'the `getRequestHeaders` method instead.',
].join(' '),
};
//# sourceMappingURL=messages.js.map

16
node_modules/google-auth-library/build/src/options.d.ts generated vendored Normal file
View File

@ -0,0 +1,16 @@
/**
* Copyright 2017 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
export declare function validate(options: any): void;

37
node_modules/google-auth-library/build/src/options.js generated vendored Normal file
View File

@ -0,0 +1,37 @@
"use strict";
/**
* Copyright 2017 Google Inc. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
// Accepts an options object passed from the user to the API. In the
// previous version of the API, it referred to a `Request` options object.
// Now it refers to an Axiox Request Config object. This is here to help
// ensure users don't pass invalid options when they upgrade from 0.x to 1.x.
// tslint:disable-next-line no-any
function validate(options) {
const vpairs = [
{ invalid: 'uri', expected: 'url' },
{ invalid: 'json', expected: 'data' },
{ invalid: 'qs', expected: 'params' },
];
for (const pair of vpairs) {
if (options[pair.invalid]) {
const e = `'${pair.invalid}' is not a valid configuration option. Please use '${pair.expected}' instead. This library is using Axios for requests. Please see https://github.com/axios/axios to learn more about the valid request options.`;
throw new Error(e);
}
}
}
exports.validate = validate;
//# sourceMappingURL=options.js.map

51
node_modules/google-auth-library/build/src/transporters.d.ts generated vendored Normal file
View File

@ -0,0 +1,51 @@
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { GaxiosError, GaxiosOptions, GaxiosPromise, GaxiosResponse } from 'gaxios';
export interface Transporter {
request<T>(opts: GaxiosOptions): GaxiosPromise<T>;
request<T>(opts: GaxiosOptions, callback?: BodyResponseCallback<T>): void;
request<T>(opts: GaxiosOptions, callback?: BodyResponseCallback<T>): GaxiosPromise | void;
}
export interface BodyResponseCallback<T> {
(err: Error | null, res?: GaxiosResponse<T> | null): void;
}
export interface RequestError extends GaxiosError {
errors: Error[];
}
export declare class DefaultTransporter {
/**
* Default user agent.
*/
static readonly USER_AGENT: string;
/**
* Configures request options before making a request.
* @param opts GaxiosOptions options.
* @return Configured options.
*/
configure(opts?: GaxiosOptions): GaxiosOptions;
/**
* Makes a request using Gaxios with given options.
* @param opts GaxiosOptions options.
* @param callback optional callback that contains GaxiosResponse object.
* @return GaxiosPromise, assuming no callback is passed.
*/
request<T>(opts: GaxiosOptions): GaxiosPromise<T>;
request<T>(opts: GaxiosOptions, callback?: BodyResponseCallback<T>): void;
/**
* Changes the error to include details from the body.
*/
private processError;
}

116
node_modules/google-auth-library/build/src/transporters.js generated vendored Normal file
View File

@ -0,0 +1,116 @@
"use strict";
/**
* Copyright 2019 Google LLC. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Object.defineProperty(exports, "__esModule", { value: true });
const gaxios_1 = require("gaxios");
const options_1 = require("./options");
// tslint:disable-next-line no-var-requires
const pkg = require('../../package.json');
const PRODUCT_NAME = 'google-api-nodejs-client';
class DefaultTransporter {
/**
* Configures request options before making a request.
* @param opts GaxiosOptions options.
* @return Configured options.
*/
configure(opts = {}) {
opts.headers = opts.headers || {};
if (typeof window === 'undefined') {
// set transporter user agent if not in browser
const uaValue = opts.headers['User-Agent'];
if (!uaValue) {
opts.headers['User-Agent'] = DefaultTransporter.USER_AGENT;
}
else if (!uaValue.includes(`${PRODUCT_NAME}/`)) {
opts.headers['User-Agent'] = `${uaValue} ${DefaultTransporter.USER_AGENT}`;
}
// track google-auth-library-nodejs version:
const authVersion = `auth/${pkg.version}`;
if (opts.headers['x-goog-api-client']) {
opts.headers['x-goog-api-client'] = `${opts.headers['x-goog-api-client']} ${authVersion}`;
}
else {
const nodeVersion = process.version.replace(/^v/, '');
opts.headers['x-goog-api-client'] = `gl-node/${nodeVersion} ${authVersion}`;
}
}
return opts;
}
request(opts, callback) {
// ensure the user isn't passing in request-style options
opts = this.configure(opts);
try {
options_1.validate(opts);
}
catch (e) {
if (callback) {
return callback(e);
}
else {
throw e;
}
}
if (callback) {
gaxios_1.request(opts).then(r => {
callback(null, r);
}, e => {
callback(this.processError(e));
});
}
else {
return gaxios_1.request(opts).catch(e => {
throw this.processError(e);
});
}
}
/**
* Changes the error to include details from the body.
*/
processError(e) {
const res = e.response;
const err = e;
const body = res ? res.data : null;
if (res && body && body.error && res.status !== 200) {
if (typeof body.error === 'string') {
err.message = body.error;
err.code = res.status.toString();
}
else if (Array.isArray(body.error.errors)) {
err.message = body.error.errors
.map((err2) => err2.message)
.join('\n');
err.code = body.error.code;
err.errors = body.error.errors;
}
else {
err.message = body.error.message;
err.code = body.error.code || res.status;
}
}
else if (res && res.status >= 400) {
// Consider all 4xx and 5xx responses errors.
err.message = body;
err.code = res.status.toString();
}
return err;
}
}
exports.DefaultTransporter = DefaultTransporter;
/**
* Default user agent.
*/
DefaultTransporter.USER_AGENT = `${PRODUCT_NAME}/${pkg.version}`;
//# sourceMappingURL=transporters.js.map

137
node_modules/google-auth-library/package.json generated vendored Normal file
View File

@ -0,0 +1,137 @@
{
"_from": "google-auth-library@^5.0.0",
"_id": "google-auth-library@5.2.1",
"_inBundle": false,
"_integrity": "sha512-p9vO6UcRIK/zD3PxoMijaUfFYu6tvzaQwvag1K/82O42NBeAnmllyQUgqaBhcAh9FzFAVlN4bQIaO8+prpE7Vg==",
"_location": "/google-auth-library",
"_phantomChildren": {},
"_requested": {
"type": "range",
"registry": true,
"raw": "google-auth-library@^5.0.0",
"name": "google-auth-library",
"escapedName": "google-auth-library",
"rawSpec": "^5.0.0",
"saveSpec": null,
"fetchSpec": "^5.0.0"
},
"_requiredBy": [
"/@google-cloud/common",
"/gcs-resumable-upload",
"/google-gax"
],
"_resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-5.2.1.tgz",
"_shasum": "3df7cb4186a24355184551837b24012cb1b31013",
"_spec": "google-auth-library@^5.0.0",
"_where": "C:\\Users\\matia\\Documents\\GitHub\\FutoX-Musix\\node_modules\\google-gax",
"author": {
"name": "Google Inc."
},
"bugs": {
"url": "https://github.com/googleapis/google-auth-library-nodejs/issues"
},
"bundleDependencies": false,
"dependencies": {
"arrify": "^2.0.0",
"base64-js": "^1.3.0",
"fast-text-encoding": "^1.0.0",
"gaxios": "^2.0.0",
"gcp-metadata": "^2.0.0",
"gtoken": "^4.0.0",
"jws": "^3.1.5",
"lru-cache": "^5.0.0"
},
"deprecated": false,
"description": "Google APIs Authentication Client Library for Node.js",
"devDependencies": {
"@compodoc/compodoc": "^1.1.7",
"@types/base64-js": "^1.2.5",
"@types/chai": "^4.1.7",
"@types/jws": "^3.1.0",
"@types/lru-cache": "^5.0.0",
"@types/mocha": "^5.2.1",
"@types/mv": "^2.1.0",
"@types/ncp": "^2.0.1",
"@types/node": "^10.5.1",
"@types/sinon": "^7.0.0",
"@types/tmp": "^0.1.0",
"assert-rejects": "^1.0.0",
"chai": "^4.2.0",
"codecov": "^3.0.2",
"eslint": "^6.0.0",
"eslint-config-prettier": "^6.0.0",
"eslint-plugin-node": "^10.0.0",
"eslint-plugin-prettier": "^3.0.0",
"execa": "^2.0.0",
"gts": "^1.0.0",
"is-docker": "^2.0.0",
"js-green-licenses": "^1.0.0",
"karma": "^4.0.0",
"karma-chrome-launcher": "^3.0.0",
"karma-coverage": "^2.0.0",
"karma-firefox-launcher": "^1.1.0",
"karma-mocha": "^1.3.0",
"karma-remap-coverage": "^0.1.5",
"karma-sourcemap-loader": "^0.3.7",
"karma-webpack": "^4.0.0",
"keypair": "^1.0.1",
"linkinator": "^1.5.0",
"mocha": "^6.0.0",
"mv": "^2.1.1",
"ncp": "^2.0.0",
"nock": "^11.3.2",
"null-loader": "^3.0.0",
"nyc": "^14.1.1",
"prettier": "^1.13.4",
"puppeteer": "^1.11.0",
"sinon": "^7.0.0",
"source-map-support": "^0.5.6",
"tmp": "^0.1.0",
"ts-loader": "^6.0.0",
"typescript": "~3.6.0",
"webpack": "^4.20.2",
"webpack-cli": "^3.1.1"
},
"engines": {
"node": ">=8.10.0"
},
"files": [
"build/src",
"!build/src/**/*.map"
],
"homepage": "https://github.com/googleapis/google-auth-library-nodejs#readme",
"keywords": [
"google",
"api",
"google apis",
"client",
"client library"
],
"license": "Apache-2.0",
"main": "./build/src/index.js",
"name": "google-auth-library",
"repository": {
"type": "git",
"url": "git+https://github.com/googleapis/google-auth-library-nodejs.git"
},
"scripts": {
"browser-test": "karma start",
"clean": "gts clean",
"compile": "tsc -p .",
"docs": "compodoc src/",
"docs-test": "linkinator docs",
"fix": "gts fix && eslint --fix '**/*.js'",
"license-check": "jsgl --local .",
"lint": "gts check && eslint '**/*.js' && jsgl --local .",
"predocs-test": "npm run docs",
"prepare": "npm run compile",
"presystem-test": "npm run compile",
"pretest": "npm run compile",
"samples-test": "cd samples/ && npm link ../ && npm test && cd ../",
"system-test": "mocha build/system-test --timeout 60000",
"test": "nyc mocha build/test",
"webpack": "webpack"
},
"types": "./build/src/index.d.ts",
"version": "5.2.1"
}