node-gtoken

Node.js Google Authentication Service Account Tokens

npm install gtoken

const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  keyFile: 'path/to/key.pem', // or path to .p12 key file
  email: 'my_service_account_email@developer.gserviceaccount.com',
  scope: ['https://scope1', 'https://scope2'] // or space-delimited string of scopes
});

gtoken.getToken(function(err, token) {
  if (err) {
    console.log(err);
    return;
  }
  console.log(token);
});

You can also use the async/await style API:

const token = await gtoken.getToken()
console.log(token);

Or use promises:

gtoken.getToken()
  .then(token => {
    console.log(`Token: ${token}`)
  })
  .catch(e => console.error);

const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  keyFile: 'path/to/key.json',
  scope: ['https://scope1', 'https://scope2'] // or space-delimited string of scopes
});

gtoken.getToken(function(err, token) {
  if (err) {
    console.log(err);
    return;
  }
  console.log(token);
});

const key = '-----BEGIN RSA PRIVATE KEY-----\nXXXXXXXXXXX...';
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  email: 'my_service_account_email@developer.gserviceaccount.com',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  key: key
});

Various options that can be set when creating initializing the gtoken object.

• options.email or options.iss: The service account email address.
• options.scope: An array of scope strings or space-delimited string of scopes.
• options.sub: The email address of the user requesting delegated access.
• options.keyFile: The filename of .json key, .pem key or .p12 key.
• options.key: The raw RSA private key value, in place of using options.keyFile.

Returns the cached token or requests a new one and returns it.

gtoken.getToken(function(err, token) {
  console.log(err || token);
  // gtoken.token value is also set
});

Given a keyfile, returns the key and (if available) the client email.

const creds = await gtoken.getCredentials('path/to/key.json');

Various properties set on the gtoken object after call to .getToken().

• gtoken.token: The access token.
• gtoken.expiresAt: The expiry date as milliseconds since 1970/01/01
• gtoken.key: The raw key value.
• gtoken.rawToken: Most recent raw token data received from Google.

Returns true if the token has expired, or token does not exist.

gtoken.getToken(function(err, token) {
  if(token) {
    gtoken.hasExpired(); // false
  }
});

Revoke the token if set.

gtoken.revokeToken(function(err) {
  if (err) {
    console.log(err);
    return;
  }
  console.log('Token revoked!');
});

1. Open the Google Developer Console.
2. Open your project and under "APIs & auth", click Credentials.
3. Generate a new .p12 key and download it into your project.

You can just specify your .p12 file (with .p12 extension) as the keyFile and it will automatically be converted to a .pem on the fly, however this results in a slight performance hit. If you'd like to convert to a .pem for use later, use OpenSSL if you have it installed.

$ openssl pkcs12 -in key.p12 -nodes -nocerts > key.pem

Don't forget, the passphrase when converting these files is the string 'notasecret'

New features:

• API now supports callback and promise based workflows

Breaking changes:

• GoogleToken is now a class type, and must be instantiated.
• GoogleToken.expires_at renamed to GoogleToken.expiresAt
• GoogleToken.raw_token renamed to GoogleToken.rawToken
• GoogleToken.token_expires renamed to GoogleToken.tokenExpires

MIT