About gtoken
The npm package gtoken is a crucial tool for developers working with Google Cloud services from Node.js applications. It simplifies the generation of access tokens using Google service account credentials which is paramount for authenticating and gaining authorization to Google APIs. gtoken efficiently handles the token generation, caching, and renewal processes, ensuring that applications interact seamlessly with Google services without frequent manual interventions. This node module supports multiple scopes, allowing for flexible permissions setting based on the specific requirements of an application. With gtoken, developers can focus more on core functionality rather than the complexities of token management.
To integrate gtoken into your Node.js project, the process is straightforward with the command `npm install gtoken`. This installation ensures that your application can automatically manage authentication tokens, leveraging Google's robust security framework. The gtoken package automatically handles the expiration and renewal of tokens, which significantly reduces the risk of service interruptions due to expired credentials. Moreover, by using gtoken, developers can ensure their applications are always using valid tokens, thus adhering to Google's security best practices. This node module is not only a time-saver but also an enhancer of application reliability and security.
Gtoken is designed to be both lightweight and powerful, providing an essential bridge between Node.js applications and Google Cloud services. By handling complex authentication tasks, gtoken allows developers to secure their applications without deep diving into the intricacies of Google's authentication mechanisms. This makes gtoken an indispensable tool for any developer looking to integrate with Google Cloud services efficiently and securely.
@googlemaps/js-api-loader
Wrapper for the loading of Google Maps JavaScript API script in the...
Read moregoogle-libphonenumber
The up-to-date and reliable Google's libphonenumber package for node.js...
Read more@googlemaps/markerclusterer
Creates and manages per-zoom-level clusters for large amounts of markers...
Read moreDependencies
Core dependencies of this npm package and its dev dependencies.
gaxios, jws, @babel/plugin-proposal-private-methods, @compodoc/compodoc, @types/jws, @types/mocha, @types/node, c8, gts, linkinator, mocha, nock, typescript
Documentation
A README file for the gtoken code repository. View Code
node-gtoken
Node.js Google Authentication Service Account Tokens
This is a low level utility library used to interact with Google Authentication services. In most cases, you probably want to use the google-auth-library instead.
Installation
npm install gtoken
Usage
Use with a .pem or .json key file:
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
keyFile: 'path/to/key.pem', // or path to .json key file
email: 'my_service_account_email@developer.gserviceaccount.com',
scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
eagerRefreshThresholdMillis: 5 * 60 * 1000
});
gtoken.getToken((err, tokens) => {
if (err) {
console.log(err);
return;
}
console.log(tokens);
// {
// access_token: 'very-secret-token',
// expires_in: 3600,
// token_type: 'Bearer'
// }
});
You can also use the async/await style API:
const tokens = await gtoken.getToken()
console.log(tokens);
Or use promises:
gtoken.getToken()
.then(tokens => {
console.log(tokens)
})
.catch(console.error);
Use with a service account .json key file:
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
keyFile: 'path/to/key.json',
scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
eagerRefreshThresholdMillis: 5 * 60 * 1000
});
gtoken.getToken((err, tokens) => {
if (err) {
console.log(err);
return;
}
console.log(tokens);
});
Pass the private key as a string directly:
const key = '-----BEGIN RSA PRIVATE KEY-----\nXXXXXXXXXXX...';
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
email: 'my_service_account_email@developer.gserviceaccount.com',
scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
key: key,
eagerRefreshThresholdMillis: 5 * 60 * 1000
});
Options
Various options that can be set when creating initializing the
gtokenobject.
options.email or options.iss: The service account email address.options.scope: An array of scope strings or space-delimited string of scopes.options.sub: The email address of the user requesting delegated access.options.keyFile: The filename of.jsonkey or.pemkey.options.key: The raw RSA private key value, in place of usingoptions.keyFile.options.additionalClaims: Additional claims to include in the JWT when requesting a token.options.eagerRefreshThresholdMillis: How long must a token be valid for in order to return it from the cache. Defaults to 0.
.getToken(callback)
Returns the cached tokens or requests a new one and returns it.
gtoken.getToken((err, token) => {
console.log(err || token);
// gtoken.rawToken value is also set
});
.getCredentials('path/to/key.json')
Given a keyfile, returns the key and (if available) the client email.
const creds = await gtoken.getCredentials('path/to/key.json');
Properties
Various properties set on the gtoken object after call to
.getToken().
gtoken.idToken: The OIDC token returned (if any).gtoken.accessToken: The access token.gtoken.expiresAt: The expiry date as milliseconds since 1970/01/01gtoken.key: The raw key value.gtoken.rawToken: Most recent raw token data received from Google.
.hasExpired()
Returns true if the token has expired, or token does not exist.
const tokens = await gtoken.getToken();
gtoken.hasExpired(); // false
.revokeToken()
Revoke the token if set.
await gtoken.revokeToken();
console.log('Token revoked!');
Downloading your private .json key from Google
- Open the Google Developer Console.
- Open your project and under "APIs & auth", click Credentials.
- Generate a new
.jsonkey and download it into your project.
Converting your .p12 key to a .pem key
If you'd like to convert to a .pem for use later, use OpenSSL if you have it installed.
$ openssl pkcs12 -in key.p12 -nodes -nocerts > key.pem
Don't forget, the passphrase when converting these files is the string 'notasecret'