npm - @gpc-cli/auth - Versions diffs - 0.1.0 - Mend

@gpc-cli/auth 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 GPC Contributors
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+interface AuthOptions {
+    serviceAccountPath?: string;
+    serviceAccountJson?: string;
+    cachePath?: string;
+}
+interface AuthClient {
+    getAccessToken(): Promise<string>;
+    getProjectId(): string | undefined;
+    getClientEmail(): string;
+}
+interface ServiceAccountKey {
+    type: string;
+    project_id: string;
+    private_key_id: string;
+    private_key: string;
+    client_email: string;
+    client_id: string;
+    auth_uri: string;
+    token_uri: string;
+}
+declare function resolveAuth(options?: AuthOptions): Promise<AuthClient>;
+declare function loadServiceAccountKey(pathOrJson: string): Promise<ServiceAccountKey>;
+declare function createServiceAccountAuth(key: ServiceAccountKey, cachePath?: string): AuthClient;
+declare function clearTokenCache(cacheDir: string, email?: string): Promise<void>;
+declare class AuthError extends Error {
+    readonly code: string;
+    readonly suggestion?: string | undefined;
+    readonly exitCode = 3;
+    constructor(message: string, code: string, suggestion?: string | undefined);
+    toJSON(): {
+        success: boolean;
+        error: {
+            code: string;
+            message: string;
+            suggestion: string | undefined;
+        };
+    };
+}
+export { type AuthClient, AuthError, type AuthOptions, type ServiceAccountKey, clearTokenCache, createServiceAccountAuth, loadServiceAccountKey, resolveAuth };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,284 @@
+// src/resolve.ts
+import { GoogleAuth } from "google-auth-library";
+// src/errors.ts
+var AuthError = class extends Error {
+  constructor(message, code, suggestion) {
+    super(message);
+    this.code = code;
+    this.suggestion = suggestion;
+    this.name = "AuthError";
+  }
+  exitCode = 3;
+  toJSON() {
+    return {
+      success: false,
+      error: {
+        code: this.code,
+        message: this.message,
+        suggestion: this.suggestion
+      }
+    };
+  }
+};
+// src/service-account.ts
+import { readFile as readFile2 } from "fs/promises";
+import { resolve } from "path";
+import { JWT } from "google-auth-library";
+// src/token-cache.ts
+import { chmod, mkdir, readFile, writeFile, rename, unlink } from "fs/promises";
+import { dirname, join, isAbsolute } from "path";
+var CACHE_FILE = "token-cache.json";
+var SAFETY_MARGIN_MS = 5 * 60 * 1e3;
+var SAFE_CACHE_KEY = /^[a-zA-Z0-9._%+@-]+$/;
+function getCachePath(cacheDir) {
+  if (!isAbsolute(cacheDir)) {
+    throw new Error("Cache directory must be an absolute path");
+  }
+  return join(cacheDir, CACHE_FILE);
+}
+function validateCacheKey(email) {
+  if (!SAFE_CACHE_KEY.test(email)) {
+    throw new Error("Invalid cache key: must be a valid email address");
+  }
+}
+async function readCache(cacheDir) {
+  try {
+    const content = await readFile(getCachePath(cacheDir), "utf-8");
+    return JSON.parse(content);
+  } catch {
+    return {};
+  }
+}
+async function writeCache(cacheDir, cache) {
+  const cachePath = getCachePath(cacheDir);
+  const tmpPath = cachePath + ".tmp";
+  const cacheParent = dirname(cachePath);
+  await mkdir(cacheParent, { recursive: true });
+  await chmod(cacheParent, 448).catch(() => {
+  });
+  await writeFile(tmpPath, JSON.stringify(cache, null, 2) + "\n", {
+    encoding: "utf-8",
+    mode: 384
+  });
+  await rename(tmpPath, cachePath);
+}
+async function getCachedToken(cacheDir, email) {
+  validateCacheKey(email);
+  const cache = await readCache(cacheDir);
+  const entry = cache[email];
+  if (!entry) return null;
+  if (Date.now() >= entry.expiresAt - SAFETY_MARGIN_MS) {
+    return null;
+  }
+  return entry.token;
+}
+async function setCachedToken(cacheDir, email, token, expiresInSeconds) {
+  validateCacheKey(email);
+  const cache = await readCache(cacheDir);
+  cache[email] = {
+    token,
+    expiresAt: Date.now() + expiresInSeconds * 1e3
+  };
+  await writeCache(cacheDir, cache);
+}
+async function clearTokenCache(cacheDir, email) {
+  if (email) {
+    const cache = await readCache(cacheDir);
+    delete cache[email];
+    await writeCache(cacheDir, cache);
+  } else {
+    try {
+      await unlink(getCachePath(cacheDir));
+    } catch {
+    }
+  }
+}
+// src/service-account.ts
+var ANDROID_PUBLISHER_SCOPE = "https://www.googleapis.com/auth/androidpublisher";
+var REQUIRED_FIELDS = [
+  "type",
+  "private_key",
+  "client_email"
+];
+function validateServiceAccountKey(data) {
+  if (typeof data !== "object" || data === null) {
+    throw new AuthError(
+      "Service account key must be a JSON object.",
+      "AUTH_INVALID_KEY",
+      "Ensure the file contains valid JSON with the required service account fields."
+    );
+  }
+  const record = data;
+  for (const field of REQUIRED_FIELDS) {
+    if (typeof record[field] !== "string" || record[field] === "") {
+      throw new AuthError(
+        `Service account key is missing required field: "${field}".`,
+        "AUTH_INVALID_KEY",
+        `Download a fresh service account key from the Google Cloud Console. The key must include: ${REQUIRED_FIELDS.join(", ")}.`
+      );
+    }
+  }
+  if (record["type"] !== "service_account") {
+    throw new AuthError(
+      `Invalid key type "${String(record["type"])}". Expected "service_account".`,
+      "AUTH_INVALID_KEY",
+      "Ensure you are using a service account key, not an OAuth client or API key."
+    );
+  }
+}
+async function loadServiceAccountKey(pathOrJson) {
+  let raw;
+  const trimmed = pathOrJson.trim();
+  if (trimmed.startsWith("{")) {
+    raw = trimmed;
+  } else {
+    const absolutePath = resolve(trimmed);
+    try {
+      raw = await readFile2(absolutePath, "utf-8");
+    } catch (err) {
+      const code = err instanceof Error && "code" in err && err.code === "ENOENT" ? "AUTH_FILE_NOT_FOUND" : "AUTH_INVALID_KEY";
+      throw new AuthError(
+        `Failed to read service account key file: ${absolutePath}`,
+        code,
+        code === "AUTH_FILE_NOT_FOUND" ? `File not found. Check that the path is correct: ${absolutePath}` : "Ensure the file is readable and contains valid JSON."
+      );
+    }
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(raw);
+  } catch {
+    throw new AuthError(
+      "Failed to parse service account key as JSON.",
+      "AUTH_INVALID_KEY",
+      "Ensure the value is valid JSON. If passing a file path, check that the path points to a JSON file."
+    );
+  }
+  validateServiceAccountKey(parsed);
+  return parsed;
+}
+var TOKEN_EXPIRY_SECONDS = 3600;
+function createServiceAccountAuth(key, cachePath) {
+  const jwtClient = new JWT({
+    email: key.client_email,
+    key: key.private_key,
+    scopes: [ANDROID_PUBLISHER_SCOPE]
+  });
+  return {
+    async getAccessToken() {
+      if (cachePath) {
+        const cached = await getCachedToken(cachePath, key.client_email);
+        if (cached) return cached;
+      }
+      try {
+        const { token } = await jwtClient.getAccessToken();
+        if (!token) {
+          throw new Error("Token response was empty.");
+        }
+        if (cachePath) {
+          await setCachedToken(cachePath, key.client_email, token, TOKEN_EXPIRY_SECONDS).catch(() => {
+          });
+        }
+        return token;
+      } catch (err) {
+        const rawMsg = err instanceof Error ? err.message : String(err);
+        const safeMsg = rawMsg.length > 150 ? rawMsg.slice(0, 150) + "..." : rawMsg;
+        throw new AuthError(
+          `Failed to obtain access token: ${safeMsg}`,
+          "AUTH_TOKEN_FAILED",
+          "Verify that the service account key is valid and not expired. Check that the private key has not been revoked."
+        );
+      }
+    },
+    getProjectId() {
+      return key.project_id || void 0;
+    },
+    getClientEmail() {
+      return key.client_email;
+    }
+  };
+}
+// src/resolve.ts
+var ANDROID_PUBLISHER_SCOPE2 = "https://www.googleapis.com/auth/androidpublisher";
+async function tryApplicationDefaultCredentials() {
+  try {
+    const auth = new GoogleAuth({
+      scopes: [ANDROID_PUBLISHER_SCOPE2]
+    });
+    const client = await auth.getClient();
+    const projectId = await auth.getProjectId().catch(() => void 0);
+    const email = client.email;
+    return {
+      async getAccessToken() {
+        const { token } = await client.getAccessToken();
+        if (!token) {
+          throw new AuthError(
+            "Application Default Credentials returned an empty token.",
+            "AUTH_TOKEN_FAILED",
+            "Verify your ADC configuration with: gcloud auth application-default print-access-token"
+          );
+        }
+        return token;
+      },
+      getProjectId() {
+        return projectId ?? void 0;
+      },
+      getClientEmail() {
+        return email ?? "unknown";
+      }
+    };
+  } catch {
+    return null;
+  }
+}
+async function resolveAuth(options) {
+  if (options?.serviceAccountJson) {
+    const key = await loadServiceAccountKey(options.serviceAccountJson);
+    return createServiceAccountAuth(key, options?.cachePath);
+  }
+  if (options?.serviceAccountPath) {
+    const key = await loadServiceAccountKey(options.serviceAccountPath);
+    return createServiceAccountAuth(key, options?.cachePath);
+  }
+  const envValue = process.env["GPC_SERVICE_ACCOUNT"];
+  if (envValue) {
+    const key = await loadServiceAccountKey(envValue);
+    return createServiceAccountAuth(key, options?.cachePath);
+  }
+  const gacPath = process.env["GOOGLE_APPLICATION_CREDENTIALS"];
+  if (gacPath) {
+    try {
+      const key = await loadServiceAccountKey(gacPath);
+      return createServiceAccountAuth(key, options?.cachePath);
+    } catch {
+    }
+  }
+  const adcClient = await tryApplicationDefaultCredentials();
+  if (adcClient) {
+    return adcClient;
+  }
+  throw new AuthError(
+    "No credentials found. Could not authenticate with the Google Play Developer API.",
+    "AUTH_NO_CREDENTIALS",
+    [
+      "Provide credentials using one of these methods:",
+      "  1. Pass serviceAccountPath or serviceAccountJson in options",
+      "  2. Set the GPC_SERVICE_ACCOUNT environment variable to a file path or raw JSON",
+      "  3. Set GOOGLE_APPLICATION_CREDENTIALS to a service account key file",
+      "  4. Configure Application Default Credentials: gcloud auth application-default login"
+    ].join("\n")
+  );
+}
+export {
+  AuthError,
+  clearTokenCache,
+  createServiceAccountAuth,
+  loadServiceAccountKey,
+  resolveAuth
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/resolve.ts","../src/errors.ts","../src/service-account.ts","../src/token-cache.ts"],"sourcesContent":["import { GoogleAuth } from \"google-auth-library\";\nimport { AuthError } from \"./errors.js\";\nimport { createServiceAccountAuth, loadServiceAccountKey } from \"./service-account.js\";\nimport type { AuthClient, AuthOptions } from \"./types.js\";\n\nconst ANDROID_PUBLISHER_SCOPE =\n \"https://www.googleapis.com/auth/androidpublisher\";\n\nasync function tryApplicationDefaultCredentials(): Promise<AuthClient | null> {\n try {\n const auth = new GoogleAuth({\n scopes: [ANDROID_PUBLISHER_SCOPE],\n });\n\n const client = await auth.getClient();\n const projectId = await auth.getProjectId().catch(() => undefined);\n const email = (client as { email?: string }).email;\n\n return {\n async getAccessToken(): Promise<string> {\n const { token } = await client.getAccessToken();\n if (!token) {\n throw new AuthError(\n \"Application Default Credentials returned an empty token.\",\n \"AUTH_TOKEN_FAILED\",\n \"Verify your ADC configuration with: gcloud auth application-default print-access-token\",\n );\n }\n return token;\n },\n\n getProjectId(): string | undefined {\n return projectId ?? undefined;\n },\n\n getClientEmail(): string {\n return email ?? \"unknown\";\n },\n };\n } catch {\n return null;\n }\n}\n\nexport async function resolveAuth(\n options?: AuthOptions,\n): Promise<AuthClient> {\n // 1. Explicit options\n if (options?.serviceAccountJson) {\n const key = await loadServiceAccountKey(options.serviceAccountJson);\n return createServiceAccountAuth(key, options?.cachePath);\n }\n\n if (options?.serviceAccountPath) {\n const key = await loadServiceAccountKey(options.serviceAccountPath);\n return createServiceAccountAuth(key, options?.cachePath);\n }\n\n // 2. GPC_SERVICE_ACCOUNT environment variable\n const envValue = process.env[\"GPC_SERVICE_ACCOUNT\"];\n if (envValue) {\n const key = await loadServiceAccountKey(envValue);\n return createServiceAccountAuth(key, options?.cachePath);\n }\n\n // 3. GOOGLE_APPLICATION_CREDENTIALS environment variable\n const gacPath = process.env[\"GOOGLE_APPLICATION_CREDENTIALS\"];\n if (gacPath) {\n try {\n const key = await loadServiceAccountKey(gacPath);\n return createServiceAccountAuth(key, options?.cachePath);\n } catch {\n // Fall through to ADC which also reads GOOGLE_APPLICATION_CREDENTIALS\n }\n }\n\n // 4. Application Default Credentials\n const adcClient = await tryApplicationDefaultCredentials();\n if (adcClient) {\n return adcClient;\n }\n\n throw new AuthError(\n \"No credentials found. Could not authenticate with the Google Play Developer API.\",\n \"AUTH_NO_CREDENTIALS\",\n [\n \"Provide credentials using one of these methods:\",\n \" 1. Pass serviceAccountPath or serviceAccountJson in options\",\n \" 2. Set the GPC_SERVICE_ACCOUNT environment variable to a file path or raw JSON\",\n \" 3. Set GOOGLE_APPLICATION_CREDENTIALS to a service account key file\",\n \" 4. Configure Application Default Credentials: gcloud auth application-default login\",\n ].join(\"\\n\"),\n );\n}\n","export class AuthError extends Error {\n public readonly exitCode = 3;\n constructor(\n message: string,\n public readonly code: string,\n public readonly suggestion?: string,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n toJSON() {\n return {\n success: false,\n error: {\n code: this.code,\n message: this.message,\n suggestion: this.suggestion,\n },\n };\n }\n}\n","import { readFile } from \"node:fs/promises\";\nimport { resolve } from \"node:path\";\nimport { JWT } from \"google-auth-library\";\nimport { AuthError } from \"./errors.js\";\nimport { getCachedToken, setCachedToken } from \"./token-cache.js\";\nimport type { AuthClient, ServiceAccountKey } from \"./types.js\";\n\nconst ANDROID_PUBLISHER_SCOPE =\n \"https://www.googleapis.com/auth/androidpublisher\";\n\nconst REQUIRED_FIELDS: readonly (keyof ServiceAccountKey)[] = [\n \"type\",\n \"private_key\",\n \"client_email\",\n];\n\nfunction validateServiceAccountKey(\n data: unknown,\n): asserts data is ServiceAccountKey {\n if (typeof data !== \"object\" || data === null) {\n throw new AuthError(\n \"Service account key must be a JSON object.\",\n \"AUTH_INVALID_KEY\",\n \"Ensure the file contains valid JSON with the required service account fields.\",\n );\n }\n\n const record = data as Record<string, unknown>;\n\n for (const field of REQUIRED_FIELDS) {\n if (typeof record[field] !== \"string\" || record[field] === \"\") {\n throw new AuthError(\n `Service account key is missing required field: \"${field}\".`,\n \"AUTH_INVALID_KEY\",\n `Download a fresh service account key from the Google Cloud Console. The key must include: ${REQUIRED_FIELDS.join(\", \")}.`,\n );\n }\n }\n\n if (record[\"type\"] !== \"service_account\") {\n throw new AuthError(\n `Invalid key type \"${String(record[\"type\"])}\". Expected \"service_account\".`,\n \"AUTH_INVALID_KEY\",\n \"Ensure you are using a service account key, not an OAuth client or API key.\",\n );\n }\n}\n\nexport async function loadServiceAccountKey(\n pathOrJson: string,\n): Promise<ServiceAccountKey> {\n let raw: string;\n\n const trimmed = pathOrJson.trim();\n\n if (trimmed.startsWith(\"{\")) {\n raw = trimmed;\n } else {\n const absolutePath = resolve(trimmed);\n try {\n raw = await readFile(absolutePath, \"utf-8\");\n } catch (err) {\n const code =\n err instanceof Error && \"code\" in err && err.code === \"ENOENT\"\n ? \"AUTH_FILE_NOT_FOUND\"\n : \"AUTH_INVALID_KEY\";\n\n throw new AuthError(\n `Failed to read service account key file: ${absolutePath}`,\n code,\n code === \"AUTH_FILE_NOT_FOUND\"\n ? `File not found. Check that the path is correct: ${absolutePath}`\n : \"Ensure the file is readable and contains valid JSON.\",\n );\n }\n }\n\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n throw new AuthError(\n \"Failed to parse service account key as JSON.\",\n \"AUTH_INVALID_KEY\",\n \"Ensure the value is valid JSON. If passing a file path, check that the path points to a JSON file.\",\n );\n }\n\n validateServiceAccountKey(parsed);\n return parsed;\n}\n\nconst TOKEN_EXPIRY_SECONDS = 3600; // Google OAuth2 tokens expire in 1 hour\n\nexport function createServiceAccountAuth(key: ServiceAccountKey, cachePath?: string): AuthClient {\n const jwtClient = new JWT({\n email: key.client_email,\n key: key.private_key,\n scopes: [ANDROID_PUBLISHER_SCOPE],\n });\n\n return {\n async getAccessToken(): Promise<string> {\n // Check cache first\n if (cachePath) {\n const cached = await getCachedToken(cachePath, key.client_email);\n if (cached) return cached;\n }\n\n try {\n const { token } = await jwtClient.getAccessToken();\n if (!token) {\n throw new Error(\"Token response was empty.\");\n }\n\n // Cache the token\n if (cachePath) {\n await setCachedToken(cachePath, key.client_email, token, TOKEN_EXPIRY_SECONDS).catch(() => {});\n }\n\n return token;\n } catch (err) {\n const rawMsg = err instanceof Error ? err.message : String(err);\n const safeMsg = rawMsg.length > 150 ? rawMsg.slice(0, 150) + \"...\" : rawMsg;\n throw new AuthError(\n `Failed to obtain access token: ${safeMsg}`,\n \"AUTH_TOKEN_FAILED\",\n \"Verify that the service account key is valid and not expired. Check that the private key has not been revoked.\",\n );\n }\n },\n\n getProjectId(): string | undefined {\n return key.project_id || undefined;\n },\n\n getClientEmail(): string {\n return key.client_email;\n },\n };\n}\n","import { chmod, mkdir, readFile, writeFile, rename, unlink } from \"node:fs/promises\";\nimport { dirname, join, isAbsolute } from \"node:path\";\n\nexport interface TokenCacheEntry {\n token: string;\n expiresAt: number;\n}\n\nexport type TokenCache = Record<string, TokenCacheEntry>;\n\nconst CACHE_FILE = \"token-cache.json\";\nconst SAFETY_MARGIN_MS = 5 * 60 * 1000; // 5 minutes\n\n// Email must look like a service account email — no path separators or special chars\nconst SAFE_CACHE_KEY = /^[a-zA-Z0-9._%+@-]+$/;\n\nfunction getCachePath(cacheDir: string): string {\n if (!isAbsolute(cacheDir)) {\n throw new Error(\"Cache directory must be an absolute path\");\n }\n return join(cacheDir, CACHE_FILE);\n}\n\nfunction validateCacheKey(email: string): void {\n if (!SAFE_CACHE_KEY.test(email)) {\n throw new Error(\"Invalid cache key: must be a valid email address\");\n }\n}\n\nasync function readCache(cacheDir: string): Promise<TokenCache> {\n try {\n const content = await readFile(getCachePath(cacheDir), \"utf-8\");\n return JSON.parse(content) as TokenCache;\n } catch {\n return {};\n }\n}\n\nasync function writeCache(cacheDir: string, cache: TokenCache): Promise<void> {\n const cachePath = getCachePath(cacheDir);\n const tmpPath = cachePath + \".tmp\";\n\n const cacheParent = dirname(cachePath);\n await mkdir(cacheParent, { recursive: true });\n // Restrict cache directory to owner-only (0o700)\n await chmod(cacheParent, 0o700).catch(() => {});\n await writeFile(tmpPath, JSON.stringify(cache, null, 2) + \"\\n\", {\n encoding: \"utf-8\",\n mode: 0o600,\n });\n await rename(tmpPath, cachePath);\n}\n\nexport async function getCachedToken(\n cacheDir: string,\n email: string,\n): Promise<string | null> {\n validateCacheKey(email);\n const cache = await readCache(cacheDir);\n const entry = cache[email];\n\n if (!entry) return null;\n\n // Check expiry with safety margin\n if (Date.now() >= entry.expiresAt - SAFETY_MARGIN_MS) {\n return null;\n }\n\n return entry.token;\n}\n\nexport async function setCachedToken(\n cacheDir: string,\n email: string,\n token: string,\n expiresInSeconds: number,\n): Promise<void> {\n validateCacheKey(email);\n const cache = await readCache(cacheDir);\n cache[email] = {\n token,\n expiresAt: Date.now() + expiresInSeconds * 1000,\n };\n await writeCache(cacheDir, cache);\n}\n\nexport async function clearTokenCache(\n cacheDir: string,\n email?: string,\n): Promise<void> {\n if (email) {\n const cache = await readCache(cacheDir);\n delete cache[email];\n await writeCache(cacheDir, cache);\n } else {\n try {\n await unlink(getCachePath(cacheDir));\n } catch {\n // File doesn't exist — nothing to clear\n }\n }\n}\n"],"mappings":";AAAA,SAAS,kBAAkB;;;ACApB,IAAM,YAAN,cAAwB,MAAM;AAAA,EAEnC,YACE,SACgB,MACA,YAChB;AACA,UAAM,OAAO;AAHG;AACA;AAGhB,SAAK,OAAO;AAAA,EACd;AAAA,EARgB,WAAW;AAAA,EAS3B,SAAS;AACP,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAAO;AAAA,QACL,MAAM,KAAK;AAAA,QACX,SAAS,KAAK;AAAA,QACd,YAAY,KAAK;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AACF;;;ACpBA,SAAS,YAAAA,iBAAgB;AACzB,SAAS,eAAe;AACxB,SAAS,WAAW;;;ACFpB,SAAS,OAAO,OAAO,UAAU,WAAW,QAAQ,cAAc;AAClE,SAAS,SAAS,MAAM,kBAAkB;AAS1C,IAAM,aAAa;AACnB,IAAM,mBAAmB,IAAI,KAAK;AAGlC,IAAM,iBAAiB;AAEvB,SAAS,aAAa,UAA0B;AAC9C,MAAI,CAAC,WAAW,QAAQ,GAAG;AACzB,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,SAAO,KAAK,UAAU,UAAU;AAClC;AAEA,SAAS,iBAAiB,OAAqB;AAC7C,MAAI,CAAC,eAAe,KAAK,KAAK,GAAG;AAC/B,UAAM,IAAI,MAAM,kDAAkD;AAAA,EACpE;AACF;AAEA,eAAe,UAAU,UAAuC;AAC9D,MAAI;AACF,UAAM,UAAU,MAAM,SAAS,aAAa,QAAQ,GAAG,OAAO;AAC9D,WAAO,KAAK,MAAM,OAAO;AAAA,EAC3B,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;AAEA,eAAe,WAAW,UAAkB,OAAkC;AAC5E,QAAM,YAAY,aAAa,QAAQ;AACvC,QAAM,UAAU,YAAY;AAE5B,QAAM,cAAc,QAAQ,SAAS;AACrC,QAAM,MAAM,aAAa,EAAE,WAAW,KAAK,CAAC;AAE5C,QAAM,MAAM,aAAa,GAAK,EAAE,MAAM,MAAM;AAAA,EAAC,CAAC;AAC9C,QAAM,UAAU,SAAS,KAAK,UAAU,OAAO,MAAM,CAAC,IAAI,MAAM;AAAA,IAC9D,UAAU;AAAA,IACV,MAAM;AAAA,EACR,CAAC;AACD,QAAM,OAAO,SAAS,SAAS;AACjC;AAEA,eAAsB,eACpB,UACA,OACwB;AACxB,mBAAiB,KAAK;AACtB,QAAM,QAAQ,MAAM,UAAU,QAAQ;AACtC,QAAM,QAAQ,MAAM,KAAK;AAEzB,MAAI,CAAC,MAAO,QAAO;AAGnB,MAAI,KAAK,IAAI,KAAK,MAAM,YAAY,kBAAkB;AACpD,WAAO;AAAA,EACT;AAEA,SAAO,MAAM;AACf;AAEA,eAAsB,eACpB,UACA,OACA,OACA,kBACe;AACf,mBAAiB,KAAK;AACtB,QAAM,QAAQ,MAAM,UAAU,QAAQ;AACtC,QAAM,KAAK,IAAI;AAAA,IACb;AAAA,IACA,WAAW,KAAK,IAAI,IAAI,mBAAmB;AAAA,EAC7C;AACA,QAAM,WAAW,UAAU,KAAK;AAClC;AAEA,eAAsB,gBACpB,UACA,OACe;AACf,MAAI,OAAO;AACT,UAAM,QAAQ,MAAM,UAAU,QAAQ;AACtC,WAAO,MAAM,KAAK;AAClB,UAAM,WAAW,UAAU,KAAK;AAAA,EAClC,OAAO;AACL,QAAI;AACF,YAAM,OAAO,aAAa,QAAQ,CAAC;AAAA,IACrC,QAAQ;AAAA,IAER;AAAA,EACF;AACF;;;AD9FA,IAAM,0BACJ;AAEF,IAAM,kBAAwD;AAAA,EAC5D;AAAA,EACA;AAAA,EACA;AACF;AAEA,SAAS,0BACP,MACmC;AACnC,MAAI,OAAO,SAAS,YAAY,SAAS,MAAM;AAC7C,UAAM,IAAI;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,QAAM,SAAS;AAEf,aAAW,SAAS,iBAAiB;AACnC,QAAI,OAAO,OAAO,KAAK,MAAM,YAAY,OAAO,KAAK,MAAM,IAAI;AAC7D,YAAM,IAAI;AAAA,QACR,mDAAmD,KAAK;AAAA,QACxD;AAAA,QACA,6FAA6F,gBAAgB,KAAK,IAAI,CAAC;AAAA,MACzH;AAAA,IACF;AAAA,EACF;AAEA,MAAI,OAAO,MAAM,MAAM,mBAAmB;AACxC,UAAM,IAAI;AAAA,MACR,qBAAqB,OAAO,OAAO,MAAM,CAAC,CAAC;AAAA,MAC3C;AAAA,MACA;AAAA,IACF;AAAA,EACF;AACF;AAEA,eAAsB,sBACpB,YAC4B;AAC5B,MAAI;AAEJ,QAAM,UAAU,WAAW,KAAK;AAEhC,MAAI,QAAQ,WAAW,GAAG,GAAG;AAC3B,UAAM;AAAA,EACR,OAAO;AACL,UAAM,eAAe,QAAQ,OAAO;AACpC,QAAI;AACF,YAAM,MAAMC,UAAS,cAAc,OAAO;AAAA,IAC5C,SAAS,KAAK;AACZ,YAAM,OACJ,eAAe,SAAS,UAAU,OAAO,IAAI,SAAS,WAClD,wBACA;AAEN,YAAM,IAAI;AAAA,QACR,4CAA4C,YAAY;AAAA,QACxD;AAAA,QACA,SAAS,wBACL,mDAAmD,YAAY,KAC/D;AAAA,MACN;AAAA,IACF;AAAA,EACF;AAEA,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,GAAG;AAAA,EACzB,QAAQ;AACN,UAAM,IAAI;AAAA,MACR;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,4BAA0B,MAAM;AAChC,SAAO;AACT;AAEA,IAAM,uBAAuB;AAEtB,SAAS,yBAAyB,KAAwB,WAAgC;AAC/F,QAAM,YAAY,IAAI,IAAI;AAAA,IACxB,OAAO,IAAI;AAAA,IACX,KAAK,IAAI;AAAA,IACT,QAAQ,CAAC,uBAAuB;AAAA,EAClC,CAAC;AAED,SAAO;AAAA,IACL,MAAM,iBAAkC;AAEtC,UAAI,WAAW;AACb,cAAM,SAAS,MAAM,eAAe,WAAW,IAAI,YAAY;AAC/D,YAAI,OAAQ,QAAO;AAAA,MACrB;AAEA,UAAI;AACF,cAAM,EAAE,MAAM,IAAI,MAAM,UAAU,eAAe;AACjD,YAAI,CAAC,OAAO;AACV,gBAAM,IAAI,MAAM,2BAA2B;AAAA,QAC7C;AAGA,YAAI,WAAW;AACb,gBAAM,eAAe,WAAW,IAAI,cAAc,OAAO,oBAAoB,EAAE,MAAM,MAAM;AAAA,UAAC,CAAC;AAAA,QAC/F;AAEA,eAAO;AAAA,MACT,SAAS,KAAK;AACZ,cAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC9D,cAAM,UAAU,OAAO,SAAS,MAAM,OAAO,MAAM,GAAG,GAAG,IAAI,QAAQ;AACrE,cAAM,IAAI;AAAA,UACR,kCAAkC,OAAO;AAAA,UACzC;AAAA,UACA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,IAEA,eAAmC;AACjC,aAAO,IAAI,cAAc;AAAA,IAC3B;AAAA,IAEA,iBAAyB;AACvB,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AACF;;;AFvIA,IAAMC,2BACJ;AAEF,eAAe,mCAA+D;AAC5E,MAAI;AACF,UAAM,OAAO,IAAI,WAAW;AAAA,MAC1B,QAAQ,CAACA,wBAAuB;AAAA,IAClC,CAAC;AAED,UAAM,SAAS,MAAM,KAAK,UAAU;AACpC,UAAM,YAAY,MAAM,KAAK,aAAa,EAAE,MAAM,MAAM,MAAS;AACjE,UAAM,QAAS,OAA8B;AAE7C,WAAO;AAAA,MACL,MAAM,iBAAkC;AACtC,cAAM,EAAE,MAAM,IAAI,MAAM,OAAO,eAAe;AAC9C,YAAI,CAAC,OAAO;AACV,gBAAM,IAAI;AAAA,YACR;AAAA,YACA;AAAA,YACA;AAAA,UACF;AAAA,QACF;AACA,eAAO;AAAA,MACT;AAAA,MAEA,eAAmC;AACjC,eAAO,aAAa;AAAA,MACtB;AAAA,MAEA,iBAAyB;AACvB,eAAO,SAAS;AAAA,MAClB;AAAA,IACF;AAAA,EACF,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,YACpB,SACqB;AAErB,MAAI,SAAS,oBAAoB;AAC/B,UAAM,MAAM,MAAM,sBAAsB,QAAQ,kBAAkB;AAClE,WAAO,yBAAyB,KAAK,SAAS,SAAS;AAAA,EACzD;AAEA,MAAI,SAAS,oBAAoB;AAC/B,UAAM,MAAM,MAAM,sBAAsB,QAAQ,kBAAkB;AAClE,WAAO,yBAAyB,KAAK,SAAS,SAAS;AAAA,EACzD;AAGA,QAAM,WAAW,QAAQ,IAAI,qBAAqB;AAClD,MAAI,UAAU;AACZ,UAAM,MAAM,MAAM,sBAAsB,QAAQ;AAChD,WAAO,yBAAyB,KAAK,SAAS,SAAS;AAAA,EACzD;AAGA,QAAM,UAAU,QAAQ,IAAI,gCAAgC;AAC5D,MAAI,SAAS;AACX,QAAI;AACF,YAAM,MAAM,MAAM,sBAAsB,OAAO;AAC/C,aAAO,yBAAyB,KAAK,SAAS,SAAS;AAAA,IACzD,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,QAAM,YAAY,MAAM,iCAAiC;AACzD,MAAI,WAAW;AACb,WAAO;AAAA,EACT;AAEA,QAAM,IAAI;AAAA,IACR;AAAA,IACA;AAAA,IACA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,EAAE,KAAK,IAAI;AAAA,EACb;AACF;","names":["readFile","readFile","ANDROID_PUBLISHER_SCOPE"]}

package/package.json ADDED Viewed

@@ -0,0 +1,38 @@
+{
+  "name": "@gpc-cli/auth",
+  "version": "0.1.0",
+  "description": "Authentication strategies for Google Play Developer API",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "keywords": [
+    "google-play",
+    "auth",
+    "service-account"
+  ],
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^25.3.5"
+  },
+  "dependencies": {
+    "google-auth-library": "^10.6.1"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "eslint src/",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist"
+  }
+}