firebase-admin 9.12.0 → 10.0.0

package/README.md

@@ -36,13 +36,17 @@ $ npm install --save firebase-admin
 To use the module in your application, `require` it from any JavaScript file:
 
 ```js
-var admin = require("firebase-admin");
+const { initializeApp } = require("firebase-admin/app");
+
+initializeApp();
 ```
 
 If you are using ES2015, you can `import` the module instead:
 
 ```js
-import * as admin from "firebase-admin";
+import { initializeApp } from "firebase-admin/app";
+
+initializeApp();
 ```
 
 
@@ -55,7 +59,7 @@ requests, code review feedback, and also pull requests.
 
 ## Supported Environments
 
-We support Node.js 10.13.0 and higher.
+We support Node.js 12 and higher.
 
 Please also note that the Admin SDK should only
 be used in server-side/back-end environments controlled by the app developer.

package/lib/app/core.d.ts

@@ -0,0 +1,188 @@
+/*! firebase-admin v10.0.0 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/// <reference types="node" />
+import { Agent } from 'http';
+import { Credential } from './credential';
+/**
+ * Available options to pass to {@link firebase-admin.app#initializeApp}.
+ */
+export interface AppOptions {
+    /**
+     * A {@link firebase-admin.app#Credential} object used to
+     * authenticate the Admin SDK.
+     *
+     * See {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+     * for detailed documentation and code samples.
+     */
+    credential?: Credential;
+    /**
+     * The object to use as the {@link https://firebase.google.com/docs/reference/security/database/#auth | auth}
+     * variable in your Realtime Database Rules when the Admin SDK reads from or
+     * writes to the Realtime Database. This allows you to downscope the Admin SDK
+     * from its default full read and write privileges.
+     *
+     * You can pass `null` to act as an unauthenticated client.
+     *
+     * See
+     * {@link https://firebase.google.com/docs/database/admin/start#authenticate-with-limited-privileges |
+     * Authenticate with limited privileges}
+     * for detailed documentation and code samples.
+     */
+    databaseAuthVariableOverride?: object | null;
+    /**
+     * The URL of the Realtime Database from which to read and write data.
+     */
+    databaseURL?: string;
+    /**
+     * The ID of the service account to be used for signing custom tokens. This
+     * can be found in the `client_email` field of a service account JSON file.
+     */
+    serviceAccountId?: string;
+    /**
+     * The name of the Google Cloud Storage bucket used for storing application data.
+     * Use only the bucket name without any prefixes or additions (do *not* prefix
+     * the name with "gs://").
+     */
+    storageBucket?: string;
+    /**
+     * The ID of the Google Cloud project associated with the App.
+     */
+    projectId?: string;
+    /**
+     * An {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+     * to be used when making outgoing HTTP calls. This Agent instance is used
+     * by all services that make REST calls (e.g. `auth`, `messaging`,
+     * `projectManagement`).
+     *
+     * Realtime Database and Firestore use other means of communicating with
+     * the backend servers, so they do not use this HTTP Agent. `Credential`
+     * instances also do not use this HTTP Agent, but instead support
+     * specifying an HTTP Agent in the corresponding factory methods.
+     */
+    httpAgent?: Agent;
+}
+/**
+ * A Firebase app holds the initialization information for a collection of
+ * services.
+ */
+export interface App {
+    /**
+     * The (read-only) name for this app.
+     *
+     * The default app's name is `"[DEFAULT]"`.
+     *
+     * @example
+     * ```javascript
+     * // The default app's name is "[DEFAULT]"
+     * initializeApp(defaultAppConfig);
+     * console.log(admin.app().name);  // "[DEFAULT]"
+     * ```
+     *
+     * @example
+     * ```javascript
+     * // A named app's name is what you provide to initializeApp()
+     * const otherApp = initializeApp(otherAppConfig, "other");
+     * console.log(otherApp.name);  // "other"
+     * ```
+     */
+    name: string;
+    /**
+     * The (read-only) configuration options for this app. These are the original
+     * parameters given in {@link firebase-admin.app#initializeApp}.
+     *
+     * @example
+     * ```javascript
+     * const app = initializeApp(config);
+     * console.log(app.options.credential === config.credential);  // true
+     * console.log(app.options.databaseURL === config.databaseURL);  // true
+     * ```
+     */
+    options: AppOptions;
+}
+/**
+ * `FirebaseError` is a subclass of the standard JavaScript `Error` object. In
+ * addition to a message string and stack trace, it contains a string code.
+ */
+export interface FirebaseError {
+    /**
+     * Error codes are strings using the following format: `"service/string-code"`.
+     * Some examples include `"auth/invalid-uid"` and
+     * `"messaging/invalid-recipient"`.
+     *
+     * While the message for a given error can change, the code will remain the same
+     * between backward-compatible versions of the Firebase SDK.
+     */
+    code: string;
+    /**
+     * An explanatory message for the error that just occurred.
+     *
+     * This message is designed to be helpful to you, the developer. Because
+     * it generally does not convey meaningful information to end users,
+     * this message should not be displayed in your application.
+     */
+    message: string;
+    /**
+     * A string value containing the execution backtrace when the error originally
+     * occurred.
+     *
+     * This information can be useful for troubleshooting the cause of the error with
+     * {@link https://firebase.google.com/support | Firebase Support}.
+     */
+    stack?: string;
+    /**
+     * Returns a JSON-serializable object representation of this error.
+     *
+     * @returns A JSON-serializable representation of this object.
+     */
+    toJSON(): object;
+}
+/**
+ * Composite type which includes both a `FirebaseError` object and an index
+ * which can be used to get the errored item.
+ *
+ * @example
+ * ```javascript
+ * var registrationTokens = [token1, token2, token3];
+ * admin.messaging().subscribeToTopic(registrationTokens, 'topic-name')
+ *   .then(function(response) {
+ *     if (response.failureCount > 0) {
+ *       console.log("Following devices unsucessfully subscribed to topic:");
+ *       response.errors.forEach(function(error) {
+ *         var invalidToken = registrationTokens[error.index];
+ *         console.log(invalidToken, error.error);
+ *       });
+ *     } else {
+ *       console.log("All devices successfully subscribed to topic:", response);
+ *     }
+ *   })
+ *   .catch(function(error) {
+ *     console.log("Error subscribing to topic:", error);
+ *   });
+ *```
+ */
+export interface FirebaseArrayIndexError {
+    /**
+     * The index of the errored item within the original array passed as part of the
+     * called API method.
+     */
+    index: number;
+    /**
+     * The error object.
+     */
+    error: FirebaseError;
+}

package/lib/app/core.js

@@ -0,0 +1,19 @@
+/*! firebase-admin v10.0.0 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/app/credential-factory.d.ts

@@ -0,0 +1,123 @@
+/*! firebase-admin v10.0.0 */
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/// <reference types="node" />
+import { Agent } from 'http';
+import { Credential, ServiceAccount } from './credential';
+/**
+ * Returns a credential created from the
+ * {@link https://developers.google.com/identity/protocols/application-default-credentials |
+ * Google Application Default Credentials}
+ * that grants admin access to Firebase services. This credential can be used
+ * in the call to {@link firebase-admin.app#initializeApp}.
+ *
+ * Google Application Default Credentials are available on any Google
+ * infrastructure, such as Google App Engine and Google Compute Engine.
+ *
+ * See
+ * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+ * for more details.
+ *
+ * @example
+ * ```javascript
+ * initializeApp({
+ *   credential: applicationDefault(),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+ *   to be used when retrieving access tokens from Google token servers.
+ *
+ * @returns A credential authenticated via Google
+ *   Application Default Credentials that can be used to initialize an app.
+ */
+export declare function applicationDefault(httpAgent?: Agent): Credential;
+/**
+ * Returns a credential created from the provided service account that grants
+ * admin access to Firebase services. This credential can be used in the call
+ * to {@link firebase-admin.app#initializeApp}.
+ *
+ * See
+ * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+ * for more details.
+ *
+ * @example
+ * ```javascript
+ * // Providing a path to a service account key JSON file
+ * const serviceAccount = require("path/to/serviceAccountKey.json");
+ * initializeApp({
+ *   credential: cert(serviceAccount),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @example
+ * ```javascript
+ * // Providing a service account object inline
+ * initializeApp({
+ *   credential: cert({
+ *     projectId: "<PROJECT_ID>",
+ *     clientEmail: "foo@<PROJECT_ID>.iam.gserviceaccount.com",
+ *     privateKey: "-----BEGIN PRIVATE KEY-----<KEY>-----END PRIVATE KEY-----\n"
+ *   }),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @param serviceAccountPathOrObject - The path to a service
+ *   account key JSON file or an object representing a service account key.
+ * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+ *   to be used when retrieving access tokens from Google token servers.
+ *
+ * @returns A credential authenticated via the
+ *   provided service account that can be used to initialize an app.
+ */
+export declare function cert(serviceAccountPathOrObject: string | ServiceAccount, httpAgent?: Agent): Credential;
+/**
+ * Returns a credential created from the provided refresh token that grants
+ * admin access to Firebase services. This credential can be used in the call
+ * to {@link firebase-admin.app#initializeApp}.
+ *
+ * See
+ * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+ * for more details.
+ *
+ * @example
+ * ```javascript
+ * // Providing a path to a refresh token JSON file
+ * const refreshToken = require("path/to/refreshToken.json");
+ * initializeApp({
+ *   credential: refreshToken(refreshToken),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @param refreshTokenPathOrObject - The path to a Google
+ *   OAuth2 refresh token JSON file or an object representing a Google OAuth2
+ *   refresh token.
+ * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+ *   to be used when retrieving access tokens from Google token servers.
+ *
+ * @returns A credential authenticated via the
+ *   provided service account that can be used to initialize an app.
+ */
+export declare function refreshToken(refreshTokenPathOrObject: string | object, httpAgent?: Agent): Credential;
+/**
+ * Clears the global ADC cache. Exported for testing.
+ */
+export declare function clearGlobalAppDefaultCred(): void;

package/lib/app/credential-factory.js

@@ -0,0 +1,150 @@
+/*! firebase-admin v10.0.0 */
+"use strict";
+/*!
+ * @license
+ * Copyright 2021 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.clearGlobalAppDefaultCred = exports.refreshToken = exports.cert = exports.applicationDefault = void 0;
+var credential_internal_1 = require("./credential-internal");
+var globalAppDefaultCred;
+var globalCertCreds = {};
+var globalRefreshTokenCreds = {};
+/**
+ * Returns a credential created from the
+ * {@link https://developers.google.com/identity/protocols/application-default-credentials |
+ * Google Application Default Credentials}
+ * that grants admin access to Firebase services. This credential can be used
+ * in the call to {@link firebase-admin.app#initializeApp}.
+ *
+ * Google Application Default Credentials are available on any Google
+ * infrastructure, such as Google App Engine and Google Compute Engine.
+ *
+ * See
+ * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+ * for more details.
+ *
+ * @example
+ * ```javascript
+ * initializeApp({
+ *   credential: applicationDefault(),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+ *   to be used when retrieving access tokens from Google token servers.
+ *
+ * @returns A credential authenticated via Google
+ *   Application Default Credentials that can be used to initialize an app.
+ */
+function applicationDefault(httpAgent) {
+    if (typeof globalAppDefaultCred === 'undefined') {
+        globalAppDefaultCred = credential_internal_1.getApplicationDefault(httpAgent);
+    }
+    return globalAppDefaultCred;
+}
+exports.applicationDefault = applicationDefault;
+/**
+ * Returns a credential created from the provided service account that grants
+ * admin access to Firebase services. This credential can be used in the call
+ * to {@link firebase-admin.app#initializeApp}.
+ *
+ * See
+ * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+ * for more details.
+ *
+ * @example
+ * ```javascript
+ * // Providing a path to a service account key JSON file
+ * const serviceAccount = require("path/to/serviceAccountKey.json");
+ * initializeApp({
+ *   credential: cert(serviceAccount),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @example
+ * ```javascript
+ * // Providing a service account object inline
+ * initializeApp({
+ *   credential: cert({
+ *     projectId: "<PROJECT_ID>",
+ *     clientEmail: "foo@<PROJECT_ID>.iam.gserviceaccount.com",
+ *     privateKey: "-----BEGIN PRIVATE KEY-----<KEY>-----END PRIVATE KEY-----\n"
+ *   }),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @param serviceAccountPathOrObject - The path to a service
+ *   account key JSON file or an object representing a service account key.
+ * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+ *   to be used when retrieving access tokens from Google token servers.
+ *
+ * @returns A credential authenticated via the
+ *   provided service account that can be used to initialize an app.
+ */
+function cert(serviceAccountPathOrObject, httpAgent) {
+    var stringifiedServiceAccount = JSON.stringify(serviceAccountPathOrObject);
+    if (!(stringifiedServiceAccount in globalCertCreds)) {
+        globalCertCreds[stringifiedServiceAccount] = new credential_internal_1.ServiceAccountCredential(serviceAccountPathOrObject, httpAgent);
+    }
+    return globalCertCreds[stringifiedServiceAccount];
+}
+exports.cert = cert;
+/**
+ * Returns a credential created from the provided refresh token that grants
+ * admin access to Firebase services. This credential can be used in the call
+ * to {@link firebase-admin.app#initializeApp}.
+ *
+ * See
+ * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
+ * for more details.
+ *
+ * @example
+ * ```javascript
+ * // Providing a path to a refresh token JSON file
+ * const refreshToken = require("path/to/refreshToken.json");
+ * initializeApp({
+ *   credential: refreshToken(refreshToken),
+ *   databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
+ * });
+ * ```
+ *
+ * @param refreshTokenPathOrObject - The path to a Google
+ *   OAuth2 refresh token JSON file or an object representing a Google OAuth2
+ *   refresh token.
+ * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
+ *   to be used when retrieving access tokens from Google token servers.
+ *
+ * @returns A credential authenticated via the
+ *   provided service account that can be used to initialize an app.
+ */
+function refreshToken(refreshTokenPathOrObject, httpAgent) {
+    var stringifiedRefreshToken = JSON.stringify(refreshTokenPathOrObject);
+    if (!(stringifiedRefreshToken in globalRefreshTokenCreds)) {
+        globalRefreshTokenCreds[stringifiedRefreshToken] = new credential_internal_1.RefreshTokenCredential(refreshTokenPathOrObject, httpAgent);
+    }
+    return globalRefreshTokenCreds[stringifiedRefreshToken];
+}
+exports.refreshToken = refreshToken;
+/**
+ * Clears the global ADC cache. Exported for testing.
+ */
+function clearGlobalAppDefaultCred() {
+    globalAppDefaultCred = undefined;
+}
+exports.clearGlobalAppDefaultCred = clearGlobalAppDefaultCred;

package/lib/app/credential-internal.d.ts

@@ -0,0 +1,90 @@
+/*! firebase-admin v10.0.0 */
+/*!
+ * @license
+ * Copyright 2020 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/// <reference types="node" />
+import { Agent } from 'http';
+import { Credential, GoogleOAuthAccessToken } from './credential';
+/**
+ * Implementation of Credential that uses a service account.
+ */
+export declare class ServiceAccountCredential implements Credential {
+    private readonly httpAgent?;
+    readonly implicit: boolean;
+    readonly projectId: string;
+    readonly privateKey: string;
+    readonly clientEmail: string;
+    private readonly httpClient;
+    /**
+     * Creates a new ServiceAccountCredential from the given parameters.
+     *
+     * @param serviceAccountPathOrObject - Service account json object or path to a service account json file.
+     * @param httpAgent - Optional http.Agent to use when calling the remote token server.
+     * @param implicit - An optinal boolean indicating whether this credential was implicitly discovered from the
+     *   environment, as opposed to being explicitly specified by the developer.
+     *
+     * @constructor
+     */
+    constructor(serviceAccountPathOrObject: string | object, httpAgent?: Agent | undefined, implicit?: boolean);
+    getAccessToken(): Promise<GoogleOAuthAccessToken>;
+    private createAuthJwt_;
+}
+/**
+ * Implementation of Credential that gets access tokens from the metadata service available
+ * in the Google Cloud Platform. This authenticates the process as the default service account
+ * of an App Engine instance or Google Compute Engine machine.
+ */
+export declare class ComputeEngineCredential implements Credential {
+    private readonly httpClient;
+    private readonly httpAgent?;
+    private projectId?;
+    constructor(httpAgent?: Agent);
+    getAccessToken(): Promise<GoogleOAuthAccessToken>;
+    getProjectId(): Promise<string>;
+    private buildRequest;
+}
+/**
+ * Implementation of Credential that gets access tokens from refresh tokens.
+ */
+export declare class RefreshTokenCredential implements Credential {
+    private readonly httpAgent?;
+    readonly implicit: boolean;
+    private readonly refreshToken;
+    private readonly httpClient;
+    /**
+     * Creates a new RefreshTokenCredential from the given parameters.
+     *
+     * @param refreshTokenPathOrObject - Refresh token json object or path to a refresh token
+     *   (user credentials) json file.
+     * @param httpAgent - Optional http.Agent to use when calling the remote token server.
+     * @param implicit - An optinal boolean indicating whether this credential was implicitly
+     *   discovered from the environment, as opposed to being explicitly specified by the developer.
+     *
+     * @constructor
+     */
+    constructor(refreshTokenPathOrObject: string | object, httpAgent?: Agent | undefined, implicit?: boolean);
+    getAccessToken(): Promise<GoogleOAuthAccessToken>;
+}
+/**
+ * Checks if the given credential was loaded via the application default credentials mechanism. This
+ * includes all ComputeEngineCredential instances, and the ServiceAccountCredential and RefreshTokenCredential
+ * instances that were loaded from well-known files or environment variables, rather than being explicitly
+ * instantiated.
+ *
+ * @param credential - The credential instance to check.
+ */
+export declare function isApplicationDefault(credential?: Credential): boolean;
+export declare function getApplicationDefault(httpAgent?: Agent): Credential;

package/lib/{credential → app}/credential-internal.js

@@ -1,6 +1,7 @@
-/*! firebase-admin v9.12.0 */
+/*! firebase-admin v10.0.0 */
 "use strict";
 /*!
+ * @license
  * Copyright 2020 Google Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -52,9 +53,9 @@ var ServiceAccountCredential = /** @class */ (function () {
     /**
      * Creates a new ServiceAccountCredential from the given parameters.
      *
-     * @param serviceAccountPathOrObject Service account json object or path to a service account json file.
-     * @param httpAgent Optional http.Agent to use when calling the remote token server.
-     * @param implicit An optinal boolean indicating whether this credential was implicitly discovered from the
+     * @param serviceAccountPathOrObject - Service account json object or path to a service account json file.
+     * @param httpAgent - Optional http.Agent to use when calling the remote token server.
+     * @param implicit - An optinal boolean indicating whether this credential was implicitly discovered from the
      *   environment, as opposed to being explicitly specified by the developer.
      *
      * @constructor
@@ -203,10 +204,11 @@ var RefreshTokenCredential = /** @class */ (function () {
     /**
      * Creates a new RefreshTokenCredential from the given parameters.
      *
-     * @param refreshTokenPathOrObject Refresh token json object or path to a refresh token (user credentials) json file.
-     * @param httpAgent Optional http.Agent to use when calling the remote token server.
-     * @param implicit An optinal boolean indicating whether this credential was implicitly discovered from the
-     *   environment, as opposed to being explicitly specified by the developer.
+     * @param refreshTokenPathOrObject - Refresh token json object or path to a refresh token
+     *   (user credentials) json file.
+     * @param httpAgent - Optional http.Agent to use when calling the remote token server.
+     * @param implicit - An optinal boolean indicating whether this credential was implicitly
+     *   discovered from the environment, as opposed to being explicitly specified by the developer.
      *
      * @constructor
      */
@@ -282,7 +284,7 @@ var RefreshToken = /** @class */ (function () {
  * instances that were loaded from well-known files or environment variables, rather than being explicitly
  * instantiated.
  *
- * @param credential The credential instance to check.
+ * @param credential - The credential instance to check.
  */
 function isApplicationDefault(credential) {
     return credential instanceof ComputeEngineCredential ||
@@ -310,10 +312,10 @@ exports.getApplicationDefault = getApplicationDefault;
  * If no property exists by the given "key", looks for a property identified by "alt", and copies it instead.
  * This can be used to implement behaviors such as "copy property myKey or my_key".
  *
- * @param to Target object to copy the property into.
- * @param from Source object to copy the property from.
- * @param key Name of the property to copy.
- * @param alt Alternative name of the property to copy.
+ * @param to - Target object to copy the property into.
+ * @param from - Source object to copy the property from.
+ * @param key - Name of the property to copy.
+ * @param alt - Alternative name of the property to copy.
  */
 function copyAttr(to, from, key, alt) {
     var tmp = from[key] || from[alt];