firebase-functions 3.20.0 → 3.21.1

package/lib/common/providers/identity.js

@@ -21,23 +21,12 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 // SOFTWARE.
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.createHandler = exports.getUpdateMask = exports.validateAuthResponse = exports.parseAuthEventContext = exports.parseAuthUserRecord = exports.parseMultiFactor = exports.parseDate = exports.parseProviderData = exports.parseMetadata = exports.verifyJWT = exports.shouldVerifyJWT = exports.decodeJWT = exports.checkDecodedToken = exports.isAuthorizedCloudFunctionURL = exports.getPublicKeyFromHeader = exports.isValidRequest = exports.setKeyExpirationTime = exports.invalidPublicKeys = exports.userRecordConstructor = exports.UserRecordMetadata = exports.JWT_ISSUER = exports.JWT_ALG = exports.JWT_CLIENT_CERT_PATH = exports.JWT_CLIENT_CERT_URL = exports.INVALID_TOKEN_BUFFER = exports.HttpsError = void 0;
-const jwt = require("jsonwebtoken");
-const node_fetch_1 = require("node-fetch");
+exports.wrapHandler = exports.getUpdateMask = exports.validateAuthResponse = exports.parseAuthEventContext = exports.parseAuthUserRecord = exports.parseMultiFactor = exports.parseDate = exports.parseProviderData = exports.parseMetadata = exports.isValidRequest = exports.userRecordConstructor = exports.UserRecordMetadata = exports.HttpsError = void 0;
+const __1 = require("../..");
+const apps_1 = require("../../apps");
+const debug_1 = require("../debug");
 const https_1 = require("./https");
 Object.defineProperty(exports, "HttpsError", { enumerable: true, get: function () { return https_1.HttpsError; } });
-const function_configuration_1 = require("../../function-configuration");
-const __1 = require("../..");
-/** @internal */
-exports.INVALID_TOKEN_BUFFER = 60000; // set to 1 minute
-/** @internal */
-exports.JWT_CLIENT_CERT_URL = 'https://www.googleapis.com';
-/** @internal */
-exports.JWT_CLIENT_CERT_PATH = 'robot/v1/metadata/x509/securetoken@system.gserviceaccount.com';
-/** @internal */
-exports.JWT_ALG = 'RS256';
-/** @internal */
-exports.JWT_ISSUER = 'https://securetoken.google.com/';
 const DISALLOWED_CUSTOM_CLAIMS = [
     'acr',
     'amr',
@@ -98,19 +87,14 @@ function userRecordConstructor(wireData) {
         tokensValidAfterTime: null,
     };
     const record = { ...falseyValues, ...wireData };
-    const meta = record['metadata'];
+    const meta = record.metadata;
     if (meta) {
-        record['metadata'] = new UserRecordMetadata(meta.createdAt || meta.creationTime, meta.lastSignedInAt || meta.lastSignInTime);
+        record.metadata = new UserRecordMetadata(meta.createdAt || meta.creationTime, meta.lastSignedInAt || meta.lastSignInTime);
     }
     else {
-        record['metadata'] = new UserRecordMetadata(null, null);
+        record.metadata = new UserRecordMetadata(null, null);
     }
-    for (const entry of Object.entries(record.providerData)) {
-        entry['toJSON'] = () => {
-            return entry;
-        };
-    }
-    record['toJSON'] = () => {
+    record.toJSON = () => {
         const { uid, email, emailVerified, displayName, photoURL, phoneNumber, disabled, passwordHash, passwordSalt, tokensValidAfterTime, } = record;
         const json = {
             uid,
@@ -124,58 +108,14 @@ function userRecordConstructor(wireData) {
             passwordSalt,
             tokensValidAfterTime,
         };
-        json['metadata'] = record['metadata'].toJSON();
-        json['customClaims'] = JSON.parse(JSON.stringify(record.customClaims));
-        json['providerData'] = record.providerData.map((entry) => entry.toJSON());
+        json.metadata = record.metadata.toJSON();
+        json.customClaims = JSON.parse(JSON.stringify(record.customClaims));
+        json.providerData = record.providerData.map((entry) => entry.toJSON());
         return json;
     };
     return record;
 }
 exports.userRecordConstructor = userRecordConstructor;
-/**
- * Helper to determine if we refresh the public keys
- * @internal
- */
-function invalidPublicKeys(keys, time = Date.now()) {
-    if (!keys.publicKeysExpireAt) {
-        return true;
-    }
-    return time + exports.INVALID_TOKEN_BUFFER >= keys.publicKeysExpireAt;
-}
-exports.invalidPublicKeys = invalidPublicKeys;
-/**
- * Helper to parse the response headers to obtain the expiration time.
- * @internal
- */
-function setKeyExpirationTime(response, keysCache, time) {
-    if (response.headers.has('cache-control')) {
-        const ccHeader = response.headers.get('cache-control');
-        const maxAgeEntry = ccHeader
-            .split(', ')
-            .find((item) => item.includes('max-age'));
-        if (maxAgeEntry) {
-            const maxAge = +maxAgeEntry.trim().split('=')[1];
-            keysCache.publicKeysExpireAt = time + maxAge * 1000;
-        }
-    }
-}
-exports.setKeyExpirationTime = setKeyExpirationTime;
-/**
- * Fetch the public keys for use in decoding and verifying the jwt sent from identity platform.
- */
-async function refreshPublicKeys(keysCache, time = Date.now()) {
-    const url = `${exports.JWT_CLIENT_CERT_URL}/${exports.JWT_CLIENT_CERT_PATH}`;
-    try {
-        const response = await node_fetch_1.default(url);
-        setKeyExpirationTime(response, keysCache, time);
-        const data = await response.json();
-        keysCache.publicKeys = data;
-    }
-    catch (err) {
-        __1.logger.error(`Failed to obtain public keys for JWT verification: ${err.message}`);
-        throw new https_1.HttpsError('internal', 'Failed to obtain the public keys for JWT verification.');
-    }
-}
 /**
  * Checks for a valid identity platform web request, otherwise throws an HttpsError
  * @internal
@@ -198,120 +138,18 @@ function isValidRequest(req) {
     return true;
 }
 exports.isValidRequest = isValidRequest;
-/** @internal */
-function getPublicKeyFromHeader(header, publicKeys) {
-    if (header.alg !== exports.JWT_ALG) {
-        throw new https_1.HttpsError('invalid-argument', `Provided JWT has incorrect algorithm. Expected ${exports.JWT_ALG} but got ${header.alg}.`);
-    }
-    if (!header.kid) {
-        throw new https_1.HttpsError('invalid-argument', 'JWT header missing "kid" claim.');
-    }
-    if (!publicKeys.hasOwnProperty(header.kid)) {
-        throw new https_1.HttpsError('invalid-argument', 'Provided JWT has "kid" claim which does not correspond to a known public key. Most likely the JWT is expired.');
-    }
-    return publicKeys[header.kid];
-}
-exports.getPublicKeyFromHeader = getPublicKeyFromHeader;
 /**
- * Checks for a well forms cloud functions url
- * @internal
+ * Decode, but not verify, an Auth Blocking token.
+ *
+ * Do not use in production. Token should always be verified using the Admin SDK.
+ *
+ * This is exposed only for testing.
  */
-function isAuthorizedCloudFunctionURL(cloudFunctionUrl, projectId) {
-    const re = new RegExp(`^https://(${function_configuration_1.SUPPORTED_REGIONS.join('|')})+-${projectId}\.cloudfunctions\.net/`);
-    const res = re.exec(cloudFunctionUrl) || [];
-    return res.length > 0;
-}
-exports.isAuthorizedCloudFunctionURL = isAuthorizedCloudFunctionURL;
-/**
- * Checks for errors in a decoded jwt
- * @internal
- */
-function checkDecodedToken(decodedJWT, eventType, projectId) {
-    if (decodedJWT.event_type !== eventType) {
-        throw new https_1.HttpsError('invalid-argument', `Expected "${eventType}" but received "${decodedJWT.event_type}".`);
-    }
-    if (!isAuthorizedCloudFunctionURL(decodedJWT.aud, projectId)) {
-        throw new https_1.HttpsError('invalid-argument', 'Provided JWT has incorrect "aud" (audience) claim.');
-    }
-    if (decodedJWT.iss !== `${exports.JWT_ISSUER}${projectId}`) {
-        throw new https_1.HttpsError('invalid-argument', `Provided JWT has incorrect "iss" (issuer) claim. Expected ` +
-            `"${exports.JWT_ISSUER}${projectId}" but got "${decodedJWT.iss}".`);
-    }
-    if (typeof decodedJWT.sub !== 'string' || decodedJWT.sub.length === 0) {
-        throw new https_1.HttpsError('invalid-argument', 'Provided JWT has no "sub" (subject) claim.');
-    }
-    if (decodedJWT.sub.length > 128) {
-        throw new https_1.HttpsError('invalid-argument', 'Provided JWT has "sub" (subject) claim longer than 128 characters.');
-    }
-    // set uid to sub
-    decodedJWT.uid = decodedJWT.sub;
-}
-exports.checkDecodedToken = checkDecodedToken;
-/**
- * Helper function to decode the jwt, internally uses the 'jsonwebtoken' package.
- * @internal
- */
-function decodeJWT(token) {
-    let decoded;
-    try {
-        decoded = jwt.decode(token, { complete: true });
-    }
-    catch (err) {
-        __1.logger.error('Decoding the JWT failed', err);
-        throw new https_1.HttpsError('internal', 'Failed to decode the JWT.');
-    }
-    if (!(decoded === null || decoded === void 0 ? void 0 : decoded.payload)) {
-        throw new https_1.HttpsError('internal', 'The decoded JWT is not structured correctly.');
-    }
+function unsafeDecodeAuthBlockingToken(token) {
+    const decoded = (0, https_1.unsafeDecodeToken)(token);
+    decoded.uid = decoded.sub;
     return decoded;
 }
-exports.decodeJWT = decodeJWT;
-/**
- * Helper function to determine if we need to do full verification of the jwt
- * @internal
- */
-function shouldVerifyJWT() {
-    // TODO(colerogers): add emulator support to skip verification
-    return true;
-}
-exports.shouldVerifyJWT = shouldVerifyJWT;
-/**
- * Verifies the jwt using the 'jwt' library and decodes the token with the public keys
- * Throws an error if the event types do not match
- * @internal
- */
-function verifyJWT(token, rawDecodedJWT, keysCache, time = Date.now()) {
-    if (!rawDecodedJWT.header) {
-        throw new https_1.HttpsError('internal', 'Unable to verify JWT payload, the decoded JWT does not have a header property.');
-    }
-    const header = rawDecodedJWT.header;
-    let publicKey;
-    try {
-        if (invalidPublicKeys(keysCache, time)) {
-            refreshPublicKeys(keysCache);
-        }
-        publicKey = getPublicKeyFromHeader(header, keysCache.publicKeys);
-        return jwt.verify(token, publicKey, {
-            algorithms: [exports.JWT_ALG],
-        });
-    }
-    catch (err) {
-        __1.logger.error('Verifying the JWT failed', err);
-    }
-    // force refresh keys and retry one more time
-    try {
-        refreshPublicKeys(keysCache);
-        publicKey = getPublicKeyFromHeader(header, keysCache.publicKeys);
-        return jwt.verify(token, publicKey, {
-            algorithms: [exports.JWT_ALG],
-        });
-    }
-    catch (err) {
-        __1.logger.error('Verifying the JWT failed again', err);
-        throw new https_1.HttpsError('internal', 'Failed to verify the JWT.');
-    }
-}
-exports.verifyJWT = verifyJWT;
 /**
  * Helper function to parse the decoded metadata object into a UserMetaData object
  * @internal
@@ -436,13 +274,14 @@ exports.parseAuthUserRecord = parseAuthUserRecord;
 /** Helper to get the AdditionalUserInfo from the decoded jwt */
 function parseAdditionalUserInfo(decodedJWT) {
     let profile, username;
-    if (decodedJWT.raw_user_info)
+    if (decodedJWT.raw_user_info) {
         try {
             profile = JSON.parse(decodedJWT.raw_user_info);
         }
         catch (err) {
             __1.logger.debug(`Parse Error: ${err.message}`);
         }
+    }
     if (profile) {
         if (decodedJWT.sign_in_method === 'github.com') {
             username = profile.login;
@@ -570,17 +409,7 @@ function getUpdateMask(authResponse) {
 }
 exports.getUpdateMask = getUpdateMask;
 /** @internal */
-function createHandler(handler, eventType, keysCache) {
-    const wrappedHandler = wrapHandler(handler, eventType, keysCache);
-    return (req, res) => {
-        return new Promise((resolve) => {
-            res.on('finish', resolve);
-            resolve(wrappedHandler(req, res));
-        });
-    };
-}
-exports.createHandler = createHandler;
-function wrapHandler(handler, eventType, keysCache) {
+function wrapHandler(eventType, handler) {
     return async (req, res) => {
         try {
             const projectId = process.env.GCLOUD_PROJECT;
@@ -588,22 +417,39 @@ function wrapHandler(handler, eventType, keysCache) {
                 __1.logger.error('Invalid request, unable to process');
                 throw new https_1.HttpsError('invalid-argument', 'Bad Request');
             }
-            const rawDecodedJWT = decodeJWT(req.body.data.jwt);
-            const decodedPayload = shouldVerifyJWT()
-                ? verifyJWT(req.body.data.jwt, rawDecodedJWT, keysCache)
-                : rawDecodedJWT.payload;
-            checkDecodedToken(decodedPayload, eventType, projectId);
+            if (!(0, apps_1.apps)().admin.auth()._verifyAuthBlockingToken) {
+                throw new Error('Cannot validate Auth Blocking token. Please update Firebase Admin SDK to >= v10.1.0');
+            }
+            const decodedPayload = (0, debug_1.isDebugFeatureEnabled)('skipTokenVerification')
+                ? unsafeDecodeAuthBlockingToken(req.body.data.jwt)
+                : await (0, apps_1.apps)()
+                    .admin.auth()
+                    ._verifyAuthBlockingToken(req.body.data.jwt);
             const authUserRecord = parseAuthUserRecord(decodedPayload.user_record);
             const authEventContext = parseAuthEventContext(decodedPayload, projectId);
-            const authResponse = (await handler(authUserRecord, authEventContext)) || undefined;
+            let authResponse;
+            if (handler.length === 2) {
+                authResponse =
+                    (await handler(authUserRecord, authEventContext)) ||
+                        undefined;
+            }
+            else {
+                authResponse =
+                    (await handler({
+                        ...authEventContext,
+                        data: authUserRecord,
+                    })) || undefined;
+            }
             validateAuthResponse(eventType, authResponse);
             const updateMask = getUpdateMask(authResponse);
-            const result = {
-                userRecord: {
-                    ...authResponse,
-                    updateMask,
-                },
-            };
+            const result = updateMask.length === 0
+                ? {}
+                : {
+                    userRecord: {
+                        ...authResponse,
+                        updateMask,
+                    },
+                };
             res.status(200);
             res.setHeader('Content-Type', 'application/json');
             res.send(JSON.stringify(result));
@@ -614,9 +460,11 @@ function wrapHandler(handler, eventType, keysCache) {
                 __1.logger.error('Unhandled error', err);
                 err = new https_1.HttpsError('internal', 'An unexpected error occurred.');
             }
-            res.status(err.code);
+            const { status } = err.httpErrorCode;
+            const body = { error: err.toJSON() };
             res.setHeader('Content-Type', 'application/json');
-            res.send({ error: err.toJson() });
+            res.status(status).send(body);
         }
     };
 }
+exports.wrapHandler = wrapHandler;

package/lib/common/providers/tasks.d.ts

@@ -29,9 +29,18 @@ export interface RetryConfig {
 }
 /** How congestion control should be applied to the function. */
 export interface RateLimits {
+    /**
+     * The maximum number of requests that can be outstanding at a time.
+     * If left unspecified, will default to 1000.
+     */
     maxConcurrentDispatches?: number;
+    /**
+     * The maximum number of requests that can be invoked per second.
+     * If left unspecified, will default to 500.
+     */
     maxDispatchesPerSecond?: number;
 }
+/** Metadata about the authorization used to invoke a function. */
 export interface AuthData {
     uid: string;
     token: firebase.auth.DecodedIdToken;

package/lib/common/providers/tasks.js

@@ -27,17 +27,26 @@ const https = require("./https");
 /** @internal */
 function onDispatchHandler(handler) {
     return async (req, res) => {
+        var _a;
         try {
             if (!https.isValidRequest(req)) {
                 logger.error('Invalid request, unable to process.');
                 throw new https.HttpsError('invalid-argument', 'Bad Request');
             }
-            const context = {};
-            const status = await https.checkAuthToken(req, context);
+            const authHeader = req.header('Authorization') || '';
+            const token = (_a = authHeader.match(/^Bearer (.*)$/)) === null || _a === void 0 ? void 0 : _a[1];
             // Note: this should never happen since task queue functions are guarded by IAM.
-            if (status === 'INVALID') {
+            if (!token) {
                 throw new https.HttpsError('unauthenticated', 'Unauthenticated');
             }
+            // We skip authenticating the token since tq functions are guarded by IAM.
+            const authToken = await https.unsafeDecodeIdToken(token);
+            const context = {
+                auth: {
+                    uid: authToken.uid,
+                    token: authToken,
+                },
+            };
             const data = https.decode(req.body.data);
             if (handler.length === 2) {
                 await handler(data, context);

package/lib/function-builder.d.ts

@@ -78,7 +78,7 @@ export declare class FunctionBuilder {
          * Declares a callable method for clients to call using a Firebase SDK.
          * @param handler A method that takes a data and context and returns a value.
          */
-        onCall: (handler: (data: any, context: https.CallableContext) => any | Promise<any>) => import("./cloud-functions").TriggerAnnotated & import("./cloud-functions").EndpointAnnotated & ((req: express.Request<import("express-serve-static-core").ParamsDictionary>, resp: express.Response<any>) => void | Promise<void>) & import("./cloud-functions").Runnable<any>;
+        onCall: (handler: (data: any, context: https.CallableContext) => any | Promise<any>) => import("./cloud-functions").HttpsFunction & import("./cloud-functions").Runnable<any>;
     };
     get tasks(): {
         /**
@@ -178,7 +178,7 @@ export declare class FunctionBuilder {
         /**
          * Handle events related to Firebase authentication users.
          */
-        user: () => auth.UserBuilder;
+        user: (userOptions?: auth.UserOptions) => auth.UserBuilder;
     };
     get testLab(): {
         /**

package/lib/function-builder.js

@@ -356,7 +356,7 @@ class FunctionBuilder {
             /**
              * Handle events related to Firebase authentication users.
              */
-            user: () => auth._userWithOptions(this.options),
+            user: (userOptions) => auth._userWithOptions(this.options, userOptions),
         };
     }
     get testLab() {

package/lib/handler-builder.js

@@ -141,12 +141,12 @@ class HandlerBuilder {
             get instance() {
                 return {
                     get ref() {
-                        return new database.RefBuilder(apps_1.apps(), () => null, {});
+                        return new database.RefBuilder((0, apps_1.apps)(), () => null, {});
                     },
                 };
             },
             get ref() {
-                return new database.RefBuilder(apps_1.apps(), () => null, {});
+                return new database.RefBuilder((0, apps_1.apps)(), () => null, {});
             },
         };
     }
@@ -323,7 +323,7 @@ class HandlerBuilder {
     get auth() {
         return {
             get user() {
-                return new auth.UserBuilder(() => null, {});
+                return new auth.UserBuilder(() => null, {}, {});
             },
         };
     }

package/lib/index.js

@@ -22,7 +22,11 @@
 // SOFTWARE.
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -66,4 +70,4 @@ __exportStar(require("./cloud-functions"), exports);
 __exportStar(require("./config"), exports);
 __exportStar(require("./function-builder"), exports);
 __exportStar(require("./function-configuration"), exports);
-setup_1.setup();
+(0, setup_1.setup)();

package/lib/logger/common.js

@@ -1,4 +1,25 @@
 "use strict";
+// The MIT License (MIT)
+//
+// Copyright (c) 2017 Firebase
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
 var _a, _b, _c;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.UNPATCHED_CONSOLE = exports.CONSOLE_SEVERITY = exports.SUPPORTS_STRUCTURED_LOGS = void 0;

package/lib/logger/compat.js

@@ -1,4 +1,25 @@
 "use strict";
+// The MIT License (MIT)
+//
+// Copyright (c) 2017 Firebase
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
 Object.defineProperty(exports, "__esModule", { value: true });
 const util_1 = require("util");
 const common_1 = require("./common");
@@ -6,7 +27,7 @@ const common_1 = require("./common");
 function patchedConsole(severity) {
     return function (data, ...args) {
         if (common_1.SUPPORTS_STRUCTURED_LOGS) {
-            common_1.UNPATCHED_CONSOLE[common_1.CONSOLE_SEVERITY[severity]](JSON.stringify({ severity, message: util_1.format(data, ...args) }));
+            common_1.UNPATCHED_CONSOLE[common_1.CONSOLE_SEVERITY[severity]](JSON.stringify({ severity, message: (0, util_1.format)(data, ...args) }));
             return;
         }
         common_1.UNPATCHED_CONSOLE[common_1.CONSOLE_SEVERITY[severity]](data, ...args);

package/lib/logger/index.d.ts

@@ -1,11 +1,13 @@
 /**
  * `LogSeverity` indicates the detailed severity of the log entry. See [LogSeverity](https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry#logseverity).
+ * @public
  */
 export declare type LogSeverity = 'DEBUG' | 'INFO' | 'NOTICE' | 'WARNING' | 'ERROR' | 'CRITICAL' | 'ALERT' | 'EMERGENCY';
 /**
  * `LogEntry` represents a [structured Cloud Logging](https://cloud.google.com/logging/docs/structured-logging)
  * entry. All keys aside from `severity` and `message` are
  * included in the `jsonPayload` of the logged entry.
+ * @public
  */
 export interface LogEntry {
     severity: LogSeverity;
@@ -14,36 +16,42 @@ export interface LogEntry {
 }
 /**
  * Writes a `LogEntry` to `stdout`/`stderr` (depending on severity).
- * @param entry The `LogEntry` including severity, message, and any additional structured metadata.
+ * @param entry - The `LogEntry` including severity, message, and any additional structured metadata.
+ * @public
  */
 export declare function write(entry: LogEntry): void;
 /**
  * Writes a `DEBUG` severity log. If the last argument provided is a plain object,
  * it is added to the `jsonPayload` in the Cloud Logging entry.
- * @param args Arguments, concatenated into the log message with space separators.
+ * @param args - Arguments, concatenated into the log message with space separators.
+ * @public
  */
 export declare function debug(...args: any[]): void;
 /**
  * Writes an `INFO` severity log. If the last argument provided is a plain object,
  * it is added to the `jsonPayload` in the Cloud Logging entry.
- * @param args Arguments, concatenated into the log message with space separators.
+ * @param args - Arguments, concatenated into the log message with space separators.
+ * @public
  */
 export declare function log(...args: any[]): void;
 /**
  * Writes an `INFO` severity log. If the last argument provided is a plain object,
  * it is added to the `jsonPayload` in the Cloud Logging entry.
- * @param args Arguments, concatenated into the log message with space separators.
+ * @param args - Arguments, concatenated into the log message with space separators.
+ * @public
  */
 export declare function info(...args: any[]): void;
 /**
  * Writes a `WARNING` severity log. If the last argument provided is a plain object,
  * it is added to the `jsonPayload` in the Cloud Logging entry.
- * @param args Arguments, concatenated into the log message with space separators.
+ * @param args - Arguments, concatenated into the log message with space separators.
+ * @public
  */
 export declare function warn(...args: any[]): void;
 /**
  * Writes an `ERROR` severity log. If the last argument provided is a plain object,
  * it is added to the `jsonPayload` in the Cloud Logging entry.
- * @param args Arguments, concatenated into the log message with space separators.
+ * @param args - Arguments, concatenated into the log message with space separators.
+ * @public
  */
 export declare function error(...args: any[]): void;