[go: up one dir, main page]

gtoken
TypeScript icon, indicating that this package has built-in type declarations

7.1.0 • Public • Published

Google Cloud Platform logo

node-gtoken

npm version Known Vulnerabilities codecov Code Style: Google

Node.js Google Authentication Service Account Tokens

This is a low level utility library used to interact with Google Authentication services. In most cases, you probably want to use the google-auth-library instead.

Installation

npm install gtoken

Usage

Use with a .pem or .json key file:

const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  keyFile: 'path/to/key.pem', // or path to .json key file
  email: 'my_service_account_email@developer.gserviceaccount.com',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  eagerRefreshThresholdMillis: 5 * 60 * 1000
});

gtoken.getToken((err, tokens) => {
  if (err) {
    console.log(err);
    return;
  }
  console.log(tokens);
  // {
  //   access_token: 'very-secret-token',
  //   expires_in: 3600,
  //   token_type: 'Bearer'
  // }
});

You can also use the async/await style API:

const tokens = await gtoken.getToken()
console.log(tokens);

Or use promises:

gtoken.getToken()
  .then(tokens => {
    console.log(tokens)
  })
  .catch(console.error);

Use with a service account .json key file:

const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  keyFile: 'path/to/key.json',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  eagerRefreshThresholdMillis: 5 * 60 * 1000
});

gtoken.getToken((err, tokens) => {
  if (err) {
    console.log(err);
    return;
  }
  console.log(tokens);
});

Pass the private key as a string directly:

const key = '-----BEGIN RSA PRIVATE KEY-----\nXXXXXXXXXXX...';
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  email: 'my_service_account_email@developer.gserviceaccount.com',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  key: key,
  eagerRefreshThresholdMillis: 5 * 60 * 1000
});

Options

Various options that can be set when creating initializing the gtoken object.

  • options.email or options.iss: The service account email address.
  • options.scope: An array of scope strings or space-delimited string of scopes.
  • options.sub: The email address of the user requesting delegated access.
  • options.keyFile: The filename of .json key or .pem key.
  • options.key: The raw RSA private key value, in place of using options.keyFile.
  • options.additionalClaims: Additional claims to include in the JWT when requesting a token.
  • options.eagerRefreshThresholdMillis: How long must a token be valid for in order to return it from the cache. Defaults to 0.

.getToken(callback)

Returns the cached tokens or requests a new one and returns it.

gtoken.getToken((err, token) => {
  console.log(err || token);
  // gtoken.rawToken value is also set
});

.getCredentials('path/to/key.json')

Given a keyfile, returns the key and (if available) the client email.

const creds = await gtoken.getCredentials('path/to/key.json');

Properties

Various properties set on the gtoken object after call to .getToken().

  • gtoken.idToken: The OIDC token returned (if any).
  • gtoken.accessToken: The access token.
  • gtoken.expiresAt: The expiry date as milliseconds since 1970/01/01
  • gtoken.key: The raw key value.
  • gtoken.rawToken: Most recent raw token data received from Google.

.hasExpired()

Returns true if the token has expired, or token does not exist.

const tokens = await gtoken.getToken();
gtoken.hasExpired(); // false

.revokeToken()

Revoke the token if set.

await gtoken.revokeToken();
console.log('Token revoked!');

Downloading your private .json key from Google

  1. Open the Google Developer Console.
  2. Open your project and under "APIs & auth", click Credentials.
  3. Generate a new .json key and download it into your project.

Converting your .p12 key to a .pem key

If you'd like to convert to a .pem for use later, use OpenSSL if you have it installed.

$ openssl pkcs12 -in key.p12 -nodes -nocerts > key.pem

Don't forget, the passphrase when converting these files is the string 'notasecret'

License

MIT

Versions

Current Tags

VersionDownloads (Last 7 Days)Tag
6.1.26,146,636legacy-12
7.1.05,043,076latest
7.1.05,043,076legacy-14
5.3.24,822,753legacy-10
4.1.4925,497legacy-8

Version History

VersionDownloads (Last 7 Days)Published
7.1.05,043,076
7.0.12,289,401
7.0.06
6.1.26,146,636
6.1.1300,331
6.1.0270,390
6.0.148,002
6.0.051
5.3.24,822,753
5.3.11,571,141
5.3.0316,780
5.2.1844,342
5.2.076,360
5.1.0237,515
5.0.595,815
5.0.483,387
5.0.3139,188
5.0.224,172
5.0.154,628
5.0.0754
4.1.4925,497
4.1.337,414
4.1.22,037
4.1.118,743
4.1.018,778
4.0.014,812
3.0.280,927
3.0.11,417
3.0.05,504
2.3.31,264,322
2.3.213,413
2.3.13
2.3.039,143
2.2.03,599
2.1.1180
2.1.0147
2.0.283
2.0.14
2.0.02
1.2.3186,519
1.2.26,311
1.2.11,244
1.2.053
1.1.23
1.1.15
1.1.03
1.0.02

Package Sidebar

Install

npm i gtoken

Weekly Downloads

10,443,580

Version

7.1.0

License

MIT

Unpacked Size

41.4 kB

Total Files

6

Last publish

Collaborators

  • ofrobots
  • google-node-team
  • soldair
  • google-wombot