Update google-auth-library to the latest version 🚀

[greenkeeper[bot]]

Version 1.0.0 of google-auth-library was just published.

Dependency	google-auth-library
Current Version	0.12.0
Type	dependency

The version 1.0.0 is not covered by your current version range.

If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.

It might be worth looking into these changes and trying to get this project onto the latest version of google-auth-library.

If you have a solid test suite and good coverage, a passing build is a strong indicator that you can take advantage of these changes directly by merging the proposed change into your project. If the build fails or you don’t have such unconditional trust in your tests, this branch is a great starting point for you to work on the update.

---

Release Notes

1.0.0

TL;DR - This release includes a variety of bug fixes, new features, and breaking changes. Please take care.

New Features

TypeScript support

This library now includes a d.ts file by default - no @types package needed.

Promise & Async/Await style APIs

Previous versions of the API were callback only. For every API that was callback based, there is also a Promise or Async/Await style variant. For example:

/**
 * You can use an errback style API
 **/
auth.getApplicationDefault(function(err, client) {
  if (err) {
    console.log('Authentication failed because of ', err);
    return;
  }
  // make request...
});
/**
 * Or if you're using Babel, TypeScript, or Node.js 8+ you can use async/await
 /
try {
const client = await auth.getApplicationDefault();
// make request...
} catch (err) {
console.log('Authentication failed because of ', err);
}
/**
 * Or, you can just use promises
 /
auth.getApplicationDefault()
.then(client => {
// make request
})
.catch(err => {
console.log('Authentication failed because of ', err);
});

Ability to set maxExpiry when verifying tokens

The OAuth2Client.verifyIdToken method now accepts an optional maxExpiry field:

const result = await client.verifyIdToken({
  idToken: <id Token>, 
  audience: <audience>, 
  maxExpiry: <max expiry>
});

Support for code_verifier and code_challenge with OAuth2

The OAuth2Client.generateAuthUrl method has been extended to support the code_challenge_method and code_challenge fields. There is also a convenience method to generate a verifier:

// Generate a code_verifier and code_challenge
const codes = oAuth2Client.generateCodeVerifier();
// Generate the url that will be used for the consent dialog.
const authorizeUrl = oAuth2Client.generateAuthUrl({
access_type: 'offline',
scope: 'https://www.googleapis.com/auth/plus.me',
code_challenge_method: 'S256',
code_challenge: codes.codeChallenge
});

Breaking changes

There have been multiple API breaking changes with this release. Please test your code accordingly after upgrading.

Default exports

The exports on the google-auth-library have changed. The default export of the library was previously a reference to the GoogleAuth type, which was instantiated as a starting point for all consumers. Now, the module has no default export, but exports several other types common used.

// OLD CODE
var GoogleAuth = require('google-auth-library');
var auth = new GoogleAuth();
var jwtClient = new auth.JWT();
var oAuth2Client = new auth.OAuth2();
...
// NEW CODE
const gal = require('google-auth-library');
const auth = new gal.GoogleAuth();
const jwtClient = new gal.JWT();
const oAuth2Client = new gal.OAuth2Client();
...
// if you're using Node 6+, you might find this convenient:
const {GoogleAuth, JWT, OAuth2Client} = require('google-auth-library');

If you're using es6 imports via TypeScript or Babel, you can use es6 style as well:

import {GoogleAuth, OAuth2Client} from 'google-auth-library';
const auth = new GoogleAuth();
...

Synchronous methods

Several public methods were switched from asynchronous to synchronous APIs. In all cases, the APIs were not doing anything asynchronous - they were just providing errors in callback form. This has been changed.

// OLD CODE
var auth = new GoogleAuth();
auth.fromJSON(input, function (err, client) {
  if (err) {
    console.error('Error acquiring client: ' + err);
  }
  // make request with client ...
});
// NEW CODE
const auth = new GoogleAuth();
const client = auth.fromJSON(input);
// make request with client ...

This change was made with the following methods:

• GoogleAuth.fromJSON
• GoogleAuth.fromAPIKey
• JWTAccess. getRequestMetadata
• JWTAccess.fromJSON
• JWTClient.fromJSON
• JWTClient.fromAPIKey
• UserRefreshClient.fromJSON

Request -> Axios

The underlying transport used for HTTP requests was changed from request to axios. This will result in a number of breaking changes.

Any calls to the client.request(opts) method will both accept different parameters, and have different return types. For the options passed to these methods, they are changing from a request options object to an axios request options object.

In addition to the properties on the opts object changing, the signature of the callback is changing as well. The previous version of the library would return objects with a callback that reversed request's default order: function (err, body, response). The signature of that callback has simply been changed to function (err, response), where the body of the response is available by looking at response.data.

// OLD CODE
oAuth2Client.request({
  uri: 'https://www.googleapis.com/plus/v1/people?query=pizza'
}, function (err, body, res) {
  console.log('The body of the response was ' + body);
});
// NEW CODE (using callbacks)
oAuth2Client.request({
// note that we're using url instead of uri here, per the Axios request config. 
url: 'https://www.googleapis.com/plus/v1/people?query=pizza'
}, function (err, res) {
// The body isn't returned as part of the callback, and is available from res.data
console.log(</span>The body of the response was <span class="pl-s1"><span class="pl-pse">${</span><span class="pl-smi">res</span>.<span class="pl-c1">data</span><span class="pl-pse">}</span></span><span class="pl-pds">);
});
// NEW CODE (using async/await)
const res = await oAuth2Client.request({
url:  'https://www.googleapis.com/plus/v1/people?query=pizza'
});
console.log(</span>The body of the response was <span class="pl-s1"><span class="pl-pse">${</span><span class="pl-smi">res</span>.<span class="pl-c1">data</span><span class="pl-pse">}</span></span><span class="pl-pds">);

In addition to these changes - the request and axios libraries handle errors differently. request treats any completed request, even if it returns a non 2xx response code, as a success. The err parameter will be null or undefined. axios treats any non 2xx response as an error. Code which may have previous not worked, but also not thrown errors - may now start throwing errors.

Parameter change for verifyIdToken

The parameters to the verifyIdToken method of OAuth2Client have been changed. The function now accepts a single options object, and an optional callback. A function that used to look like this:

oAuth2Client.verifyIdToken(idToken, audience, callback);

Would now be rewritten as this:

oAuth2Client.verifyIdToken({
  idToken: idToken,
  audience: audience
}, callback);

Commits

The new version differs by 35 commits.

• b6324ce 1.0.0
• 10b4d5d feat: generate reference docs (#237)
• 0bc61e3 chore: cleanup samples and readme (#240)
• b8a47ca chore(package): update @types/node to version 9.3.0 (#238)
• bc5ddd6 chore: accept options objects in constructors (#230)
• f388b8c chore(package): regen package-lock after merge
• 811293a fix: cache promise instead of ProjectId (#216)
• c2af227 chore: apply code style rules to javascript (#233)
• a2fc08c fix: improve typing around tokens and add sample (#219)
• c717429 chore: license check as posttest (#232)
• d248a00 chore: update deps (#229)
• 83ed61c feat: add support for code_verifier in getToken (#218)
• 92d5fc2 chore: docs and samples for refresh token, update uris (#215)
• bb9a74b feat: allow passing maxExpiry to verifyIdToken (#223)
• a9ab95e docs: document proxy behavior and verify with a test (#221)

There are 35 commits in total.

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

---

Your Greenkeeper bot :palm_tree: