Global

Members

(constant) AWS_ALGORITHM

AWS Signature Version 4 signing algorithm identifier.

(constant) AWS_REQUEST_TYPE

The termination string for the AWS credential scope value as defined in https://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html

CLOUD_RESOURCE_MANAGER

Cloud resource manager URL used to retrieve project information.

ClientAuthentication

The client authentication type. Supported values are basic, post, and none. https://datatracker.ietf.org/doc/html/rfc7591#section-2

DEFAULT_EAGER_REFRESH_THRESHOLD_MILLIS

The default AuthClientOptions.eagerRefreshThresholdMillis

(constant) DEFAULT_EXECUTABLE_TIMEOUT_MILLIS

The default executable timeout when none is provided, in milliseconds.

(constant) DEFAULT_OAUTH_SCOPE

The default OAuth scope to request when none is provided.

(constant) DEFAULT_TOKEN_LIFESPAN

Default impersonated token lifespan in seconds.

DEFAULT_UNIVERSE

The default cloud universe

See:
  • AuthJSONOptions.universe_domain

EXPIRATION_TIME_OFFSET

Offset to take into account network delays and server clock skews.

EXPIRATION_TIME_OFFSET

Offset to take into account network delays and server clock skews.

EXTERNAL_ACCOUNT_AUTHORIZED_USER_TYPE

The credentials JSON file type for external account authorized user clients.

EXTERNAL_ACCOUNT_TYPE

The credentials JSON file type for external account clients. There are 3 types of JSON configs:

  1. authorized_user => Google end user credential
  2. service_account => Google service account credential
  3. external_Account => non-GCP service (eg. AWS, Azure, K8s)

(constant) GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES

The environment variable to check to see if executable can be run. Value must be set to '1' for the executable to run.

(constant) MAXIMUM_EXECUTABLE_TIMEOUT_MILLIS

The maximum allowed executable timeout in milliseconds.

(constant) MAXIMUM_EXECUTABLE_VERSION

The maximum currently supported executable version.

MAX_ACCESS_BOUNDARY_RULES_COUNT

The maximum number of access boundary rules a Credential Access Boundary can contain.

(constant) METHODS_SUPPORTING_REQUEST_BODY

List of HTTP methods that accept request bodies.

(constant) MINIMUM_EXECUTABLE_TIMEOUT_MILLIS

The minimum allowed executable timeout in milliseconds.

(constant) STS_GRANT_TYPE

The required token exchange grant_type: rfc8693#section-2.1

(constant) STS_GRANT_TYPE

The required token exchange grant_type: rfc8693#section-2.1

(constant) STS_REQUEST_TOKEN_TYPE

The requested token exchange requested_token_type: rfc8693#section-2.1

(constant) STS_REQUEST_TOKEN_TYPE

The requested token exchange requested_token_type: rfc8693#section-2.1

(constant) STS_SUBJECT_TOKEN_TYPE

The requested token exchange subject_token_type: rfc8693#section-2.1

(constant) WORKFORCE_AUDIENCE_PATTERN

The workforce audience pattern.

Methods

fromArrayBufferToHex(arrayBuffer)

Converts an ArrayBuffer to a hexadecimal string.

Parameters:
Name Type Description
arrayBuffer

The ArrayBuffer to convert to hexadecimal string.
Returns:
Type Description

The hexadecimal encoding of the ArrayBuffer.

(async) generateAuthenticationHeaderMap(option)

Generates the authentication header map needed for generating the AWS Signature Version 4 signed request.

Parameters:
Name Type Description
option

The options needed to compute the authentication header map.
Returns:
Type Description

The AWS authentication header map which constitutes of the following components: amz-date, authorization header and canonical query string.

getErrorFromOAuthErrorResponse(resp, err)

Converts an OAuth error response to a native JavaScript Error.

Parameters:
Name Type Description
resp

The OAuth error response to convert to a native Error object.
err

The optional original error. If provided, the error properties will be copied to the new error.
Returns:
Type Description

The converted native Error object.

(async) getSigningKey(crypto, key, dateStamp, region, serviceName)

Calculates the signing key used to calculate the signature for AWS Signature Version 4 based on: https://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html

Parameters:
Name Type Description
crypto

The crypto instance used to facilitate cryptographic operations.
key

The AWS secret access key.
dateStamp

The '%Y%m%d' date format.
region

The AWS region.
serviceName

The AWS service name, eg. sts.
Returns:
Type Description

The signing key bytes.

isCloudRun()

This check only verifies that the environment is running knative. This must be run after checking for Kubernetes, otherwise it will return a false positive.

originalOrCamelOptions(obj)

Get the value of obj[key] or obj[camelCaseKey], with a preference for original, non-camelCase key.

Parameters:
Name Type Description
obj

object to lookup a value in
Returns:
Type Description

a get function for getting obj[key || snakeKey], if available

(async) sign(crypto, key, msg)

Creates the HMAC-SHA256 hash of the provided message using the provided key.

Parameters:
Name Type Description
crypto

The crypto instance used to facilitate cryptographic operations.
key

The HMAC-SHA256 key to use.
msg

The message to hash.
Returns:
Type Description

The computed hash bytes.

snakeToCamel(str)

Returns the camel case of a provided string.

Parameters:
Name Type Description
str

the string to convert
Returns:
Type Description

the camelCase'd string

toArrayBuffer(buffer)

Converts a Node.js Buffer to an ArrayBuffer. https://stackoverflow.com/questions/8609289/convert-a-binary-nodejs-buffer-to-javascript-arraybuffer

Parameters:
Name Type Description
buffer

The Buffer input to covert.
Returns:
Type Description

The ArrayBuffer representation of the input.

toBuffer(arrayBuffer)

Converts an ArrayBuffer to a Node.js Buffer.

Parameters:
Name Type Description
arrayBuffer

The ArrayBuffer input to covert.
Returns:
Type Description

The Buffer representation of the input.