///
import * as fs from 'fs';
import * as http from 'http';
import * as stream from 'stream';
import { DefaultTransporter, Transporter } from '../transporters';
import { Compute } from './computeclient';
import { JWTInput } from './credentials';
import { GCPEnv } from './envDetect';
import { JWT } from './jwtclient';
import { OAuth2Client, RefreshOptions } from './oauth2client';
import { UserRefreshClient } from './refreshclient';
export interface ProjectIdCallback {
(err?: Error | null, projectId?: string | null): void;
}
export interface CredentialCallback {
(err: Error | null, result?: UserRefreshClient | JWT): void;
}
export interface ADCCallback {
(err: Error | null, credential?: OAuth2Client, projectId?: string | null): void;
}
export interface ADCResponse {
credential: OAuth2Client;
projectId: string | null;
}
export interface CredentialBody {
client_email?: string;
private_key?: string;
}
export interface GoogleAuthOptions {
/**
* Path to a .json, .pem, or .p12 key file
*/
keyFilename?: string;
/**
* Path to a .json, .pem, or .p12 key file
*/
keyFile?: string;
/**
* Object containing client_email and private_key properties
*/
credentials?: CredentialBody;
/**
* Required scopes for the desired API request
*/
scopes?: string | string[];
/**
* Your project ID.
*/
projectId?: string;
}
export declare class GoogleAuth {
transporter?: Transporter;
/**
* Caches a value indicating whether the auth layer is running on Google
* Compute Engine.
* @private
*/
private checkIsGCE?;
readonly isGCE: boolean | undefined;
private _getDefaultProjectIdPromise?;
private _cachedProjectId?;
jsonContent: JWTInput | null;
cachedCredential: JWT | UserRefreshClient | Compute | null;
private keyFilename?;
private scopes?;
/**
* Export DefaultTransporter as a static property of the class.
*/
static DefaultTransporter: typeof DefaultTransporter;
constructor(opts?: GoogleAuthOptions);
/**
* Obtains the default project ID for the application.
* @param callback Optional callback
* @returns Promise that resolves with project Id (if used without callback)
*/
getDefaultProjectId(): Promise;
getDefaultProjectId(callback: ProjectIdCallback): void;
private getDefaultProjectIdAsync();
/**
* Obtains the default service-level credentials for the application.
* @param callback Optional callback.
* @returns Promise that resolves with the ADCResponse (if no callback was
* passed).
*/
getApplicationDefault(): Promise;
getApplicationDefault(callback: ADCCallback): void;
getApplicationDefault(options: RefreshOptions): Promise;
getApplicationDefault(options: RefreshOptions, callback: ADCCallback): void;
private getApplicationDefaultAsync(options?);
/**
* Determines whether the auth layer is running on Google Compute Engine.
* @returns A promise that resolves with the boolean.
* @api private
*/
_checkIsGCE(): Promise;
/**
* Attempts to load default credentials from the environment variable path..
* @returns Promise that resolves with the OAuth2Client or null.
* @api private
*/
_tryGetApplicationCredentialsFromEnvironmentVariable(options?: RefreshOptions): Promise;
/**
* Attempts to load default credentials from a well-known file location
* @return Promise that resolves with the OAuth2Client or null.
* @api private
*/
_tryGetApplicationCredentialsFromWellKnownFile(options?: RefreshOptions): Promise;
/**
* Attempts to load default credentials from a file at the given path..
* @param filePath The path to the file to read.
* @returns Promise that resolves with the OAuth2Client
* @api private
*/
_getApplicationCredentialsFromFilePath(filePath: string, options?: RefreshOptions): Promise;
/**
* Create a credentials instance using the given input options.
* @param json The input object.
* @returns JWT or UserRefresh Client with data
*/
fromJSON(json: JWTInput, options?: RefreshOptions): JWT | UserRefreshClient;
/**
* Create a credentials instance using the given input stream.
* @param inputStream The input stream.
* @param callback Optional callback.
*/
fromStream(inputStream: stream.Readable): Promise;
fromStream(inputStream: stream.Readable, callback: CredentialCallback): void;
fromStream(inputStream: stream.Readable, options: RefreshOptions): Promise;
fromStream(inputStream: stream.Readable, options: RefreshOptions, callback: CredentialCallback): void;
private fromStreamAsync(inputStream, options?);
/**
* Create a credentials instance using the given API key string.
* @param apiKey The API key string
* @param options An optional options object.
* @returns A JWT loaded from the key
*/
fromAPIKey(apiKey: string, options?: RefreshOptions): JWT;
/**
* Determines whether the current operating system is Windows.
* @api private
*/
private _isWindows();
/**
* Creates a file stream. Allows mocking.
* @api private
*/
_createReadStream(filePath: string): fs.ReadStream;
/**
* Gets the current operating system platform. Allows mocking.
* @api private
*/
_osPlatform(): NodeJS.Platform;
/**
* Determines whether a file exists. Allows mocking.
* @api private
*/
_fileExists(filePath: string): boolean;
/**
* Joins two parts of a path. Allows mocking.
* @api private
*/
_pathJoin(item1: string, item2: string): string;
/**
* Allows mocking of the path to a well-known file.
* @api private
*/
_mockWellKnownFilePath(filePath: string): string;
private createError(message, err);
/**
* Run the Google Cloud SDK command that prints the default project ID
*/
private getDefaultServiceProjectId();
/**
* Loads the project id from environment variables.
* @api private
*/
private getProductionProjectId();
/**
* Loads the project id from the GOOGLE_APPLICATION_CREDENTIALS json file.
* @api private
*/
private getFileProjectId();
/**
* Gets the Compute Engine project ID if it can be inferred.
*/
private getGCEProjectId();
/**
* The callback function handles a credential object that contains the
* client_email and private_key (if exists).
* getCredentials checks for these values from the user JSON at first.
* If it doesn't exist, and the environment is on GCE, it gets the
* client_email from the cloud metadata server.
* @param callback Callback that handles the credential object that contains
* a client_email and optional private key, or the error.
* returned
*/
getCredentials(): Promise;
getCredentials(callback: (err: Error | null, credentials?: CredentialBody) => void): void;
private getCredentialsAsync();
/**
* Automatically obtain a client based on the provided configuration. If no
* options were passed, use Application Default Credentials.
*/
getClient(): Promise;
/**
* Automatically obtain application default credentials, and return
* an access token for making requests.
*/
getAccessToken(): Promise;
/**
* Obtain the HTTP headers that will provide authorization for a given
* request.
*/
getRequestHeaders(url?: string): Promise;
/**
* Obtain credentials for a request, then attach the appropriate headers to
* the request options.
* @param opts Axios or Request options on which to attach the headers
*/
authorizeRequest(opts: {
url?: string;
uri?: string;
headers?: http.IncomingHttpHeaders;
}): Promise<{
url?: string | undefined;
uri?: string | undefined;
headers?: http.IncomingHttpHeaders | undefined;
}>;
/**
* Determine the compute environment in which the code is running.
*/
getEnv(): Promise;
}