npm - @sebspark/gcp-iam - Versions diffs - 1.0.0 → 1.1.1 - Mend

@sebspark/gcp-iam 1.0.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -24,6 +24,6 @@ declare const clearCache: (key: string) => Promise<void>;
  * @param clientId OAUTH Client ID.
  * @returns ID Token.
  */
-declare const getApiGatewayTokenByClientId: (clientId: string) => Promise<string>;
+declare const getApiGatewayTokenByClientId: (clientId: string, logger?: Logger) => Promise<string>;
 export { clearCache, getApiGatewayTokenByClientId, getApiGatewayTokenByUrl };

package/dist/index.d.ts CHANGED Viewed

@@ -24,6 +24,6 @@ declare const clearCache: (key: string) => Promise<void>;
  * @param clientId OAUTH Client ID.
  * @returns ID Token.
  */
-declare const getApiGatewayTokenByClientId: (clientId: string) => Promise<string>;
+declare const getApiGatewayTokenByClientId: (clientId: string, logger?: Logger) => Promise<string>;
 export { clearCache, getApiGatewayTokenByClientId, getApiGatewayTokenByUrl };

package/dist/index.js CHANGED Viewed

@@ -80,6 +80,7 @@ var getApiGatewayTokenByUrl = async ({
 }) => {
   const cachedJwt = apiGatewayJwtCache.get(key || apiURL);
   if (cachedJwt) {
+    logger?.debug(`JWT for ${key || apiURL} found in cache.`);
     return cachedJwt;
   }
   try {
@@ -118,14 +119,16 @@ var getApiGatewayTokenByUrl = async ({
         "signBlob(...) returned an empty response. Cannot sign JWT."
       );
     }
-    console.log("IAM KeyID", response.keyId);
+    logger?.debug(
+      `New JWT for ${key || apiURL} created. Signed with ${response.keyId}.`
+    );
     const signature = Buffer.from(response.signedBlob).toString("base64");
     const signedJWT = `${unsignedJWT}.${signature}`;
     apiGatewayJwtCache.put(key || apiURL, signedJWT, ttl);
     return signedJWT;
   } catch (error) {
     if (process.env.GCP_IAM_SOFT_FAIL === "true") {
-      logger?.warn("Soft fail enabled, returning empty JWT");
+      logger?.info("Soft fail enabled, returning empty JWT");
       return "";
     }
     logger?.error("Error generating system JWT", error);
@@ -135,12 +138,22 @@ var getApiGatewayTokenByUrl = async ({
 var clearCache = async (key) => {
   apiGatewayJwtCache.clear(key);
 };
-var getApiGatewayTokenByClientId = async (clientId) => {
-  const auth = new import_google_auth_library.GoogleAuth({
-    scopes: "https://www.googleapis.com/auth/cloud-platform"
-  });
-  const client = await auth.getIdTokenClient(clientId);
-  return await client.idTokenProvider.fetchIdToken(clientId);
+var getApiGatewayTokenByClientId = async (clientId, logger) => {
+  try {
+    const auth = new import_google_auth_library.GoogleAuth({
+      scopes: "https://www.googleapis.com/auth/cloud-platform"
+    });
+    const client = await auth.getIdTokenClient(clientId);
+    return await client.idTokenProvider.fetchIdToken(clientId);
+  } catch (error) {
+    if (process.env.GCP_IAM_SOFT_FAIL === "true") {
+      logger?.info("Soft fail enabled, returning empty JWT.");
+      return "";
+    }
+    logger?.error("Error generating system JWT", error);
+    logger?.error(JSON.stringify(error, null, 2));
+    throw new Error(`Error generating system JWT: ${JSON.stringify(error)}`);
+  }
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/index.mjs CHANGED Viewed

@@ -52,6 +52,7 @@ var getApiGatewayTokenByUrl = async ({
 }) => {
   const cachedJwt = apiGatewayJwtCache.get(key || apiURL);
   if (cachedJwt) {
+    logger?.debug(`JWT for ${key || apiURL} found in cache.`);
     return cachedJwt;
   }
   try {
@@ -90,14 +91,16 @@ var getApiGatewayTokenByUrl = async ({
         "signBlob(...) returned an empty response. Cannot sign JWT."
       );
     }
-    console.log("IAM KeyID", response.keyId);
+    logger?.debug(
+      `New JWT for ${key || apiURL} created. Signed with ${response.keyId}.`
+    );
     const signature = Buffer.from(response.signedBlob).toString("base64");
     const signedJWT = `${unsignedJWT}.${signature}`;
     apiGatewayJwtCache.put(key || apiURL, signedJWT, ttl);
     return signedJWT;
   } catch (error) {
     if (process.env.GCP_IAM_SOFT_FAIL === "true") {
-      logger?.warn("Soft fail enabled, returning empty JWT");
+      logger?.info("Soft fail enabled, returning empty JWT");
       return "";
     }
     logger?.error("Error generating system JWT", error);
@@ -107,12 +110,22 @@ var getApiGatewayTokenByUrl = async ({
 var clearCache = async (key) => {
   apiGatewayJwtCache.clear(key);
 };
-var getApiGatewayTokenByClientId = async (clientId) => {
-  const auth = new GoogleAuth({
-    scopes: "https://www.googleapis.com/auth/cloud-platform"
-  });
-  const client = await auth.getIdTokenClient(clientId);
-  return await client.idTokenProvider.fetchIdToken(clientId);
+var getApiGatewayTokenByClientId = async (clientId, logger) => {
+  try {
+    const auth = new GoogleAuth({
+      scopes: "https://www.googleapis.com/auth/cloud-platform"
+    });
+    const client = await auth.getIdTokenClient(clientId);
+    return await client.idTokenProvider.fetchIdToken(clientId);
+  } catch (error) {
+    if (process.env.GCP_IAM_SOFT_FAIL === "true") {
+      logger?.info("Soft fail enabled, returning empty JWT.");
+      return "";
+    }
+    logger?.error("Error generating system JWT", error);
+    logger?.error(JSON.stringify(error, null, 2));
+    throw new Error(`Error generating system JWT: ${JSON.stringify(error)}`);
+  }
 };
 export {
   clearCache,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sebspark/gcp-iam",
-  "version": "1.0.0",
+  "version": "1.1.1",
   "license": "Apache-2.0",
   "main": "dist/index.js",
   "module": "dist/index.mjs",