@mcpher/gas-fakes 2.0.1 → 2.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +1 -1
  2. package/src/cli/setup.js +1 -1
  3. package/src/support/auth.js +3 -1
  4. package/src/support/sxauth.js +17 -3
package/package.json CHANGED
@@ -33,7 +33,7 @@
33
33
  },
34
34
  "name": "@mcpher/gas-fakes",
35
35
  "author": "bruce mcpherson",
36
- "version": "2.0.1",
36
+ "version": "2.0.4",
37
37
  "license": "MIT",
38
38
  "main": "main.js",
39
39
  "description": "An implementation of the Google Workspace Apps Script runtime: Run native App Script Code on Node and Cloud Run",
package/src/cli/setup.js CHANGED
@@ -153,7 +153,7 @@ export async function initializeConfiguration(options = {}) {
153
153
  name: "GOOGLE_CLOUD_PROJECT",
154
154
  message: "Enter your GCP Project ID",
155
155
  initial:
156
- existingConfig.GCP_PROJECT_ID || process.env.GOOGLE_CLOUD_PROJECT,
156
+ existingConfig.GOOGLE_CLOUD_PROJECT || process.env.GOOGLE_CLOUD_PROJECT || existingConfig.GCP_PROJECT_ID,
157
157
  },
158
158
  {
159
159
  type: "text",
package/src/support/auth.js CHANGED
@@ -132,7 +132,9 @@ const setAuth = async (scopes = [], mcpLoading = false) => {
132
132
  mayLog(`...attempting to use service account: ${targetPrincipal}`)
133
133
 
134
134
  /// _sourceClient is the identity of the person/thing running the code
135
- _sourceClient = await _auth.getClient()
135
+ // we'll try to get the openid and email scopes for the source client too if they are in the manifest
136
+ const sourceScopes = scopes.filter(s => s === 'openid' || s === 'https://www.googleapis.com/auth/userinfo.email')
137
+ _sourceClient = await _auth.getClient(sourceScopes.length > 0 ? { scopes: sourceScopes } : {})
136
138
 
137
139
  // now to get who the real user is
138
140
  const { tokenInfo: userInfo } = await getSourceAccessTokenInfo()
package/src/support/sxauth.js CHANGED
@@ -85,8 +85,22 @@ export const sxInit = async ({ manifestPath, claspPath, settingsPath, cachePath,
85
85
  // get the required scopes and set them
86
86
  const scopes = manifest.oauthScopes || []
87
87
 
88
+ // Force mandatory scopes for DWD if not already present
89
+ // These are required to get user identity information when using Domain-Wide Delegation
90
+ const mandatoryScopes = [
91
+ "openid",
92
+ "https://www.googleapis.com/auth/userinfo.email",
93
+ "https://www.googleapis.com/auth/cloud-platform"
94
+ ]
95
+
96
+ const scopeSet = new Set(scopes)
97
+ mandatoryScopes.forEach(scope => scopeSet.add(scope))
98
+ const finalScopes = Array.from(scopeSet)
99
+
100
+ syncLog(`...using scopes: ${finalScopes.join(', ')}`)
101
+
88
102
  // Initialize auth.
89
- const auth = await Auth.setAuth(scopes);
103
+ const auth = await Auth.setAuth(finalScopes);
90
104
 
91
105
  // static things we need to get into the main thread we can do now
92
106
  const projectId = Auth.getProjectId();
@@ -99,12 +113,12 @@ export const sxInit = async ({ manifestPath, claspPath, settingsPath, cachePath,
99
113
  /// these all jst exist in this sub process so we need to send them back to parent process
100
114
  /// we'll send back the token, but it should be refreshed dynamically to handle expiry
101
115
  const activeUser = {
102
- id: activeInfo.tokenInfo.sub,
116
+ id: activeInfo.tokenInfo.sub || activeInfo.tokenInfo.email || activeInfo.tokenInfo.user_id || 'unknown-active-user',
103
117
  email: activeInfo.tokenInfo.email,
104
118
  token: activeInfo.token
105
119
  }
106
120
  const effectiveUser = {
107
- id: effectiveInfo.tokenInfo.sub,
121
+ id: effectiveInfo.tokenInfo.sub || effectiveInfo.tokenInfo.email || effectiveInfo.tokenInfo.user_id || 'unknown-effective-user',
108
122
  email: effectiveInfo.tokenInfo.email,
109
123
  token: effectiveInfo.token
110
124
  }