diff --git a/README.md b/README.md
index 11a0aa3..c3aedd0 100644
--- a/README.md
+++ b/README.md
@@ -30,7 +30,7 @@ const getToken = async ({
 privateKeyPEM,
 payload,
 alg = 'RS256',
- cryptoImppl = null,
+ cryptoImpl = null,
 headerAdditions = {},
 }) => { ... }
 ```
@@ -52,7 +52,7 @@ const getTokenFromGCPServiceAccount = async ({
 serviceAccountJSON,
 aud,
 alg = 'RS256',
- cryptoImppl = null,
+ cryptoImpl = null,
 expiredAfter = 3600,
 headerAdditions = {},
 payloadAdditions = {}
diff --git a/index.d.ts b/index.d.ts
new file mode 100644
index 0000000..5c27eb1
--- /dev/null
+++ b/index.d.ts
@@ -0,0 +1,141 @@
+interface HeaderAdditions {
+ /**
+ * Cryptographic algorithm used to secure the JWT
+ * @example "RS256"
+ */
+ alg?: string,
+ /**
+ * Type of token
+ * @example "JWT"
+ */
+ typ?: string,
+ /**
+ * Service account's private key ID
+ */
+ kid?: string,
+}
+
+/**
+ * General purpose JWT generation
+ */
+declare function getToken ({
+ privateKeyPEM,
+ payload,
+ alg,
+ headerAdditions,
+ cryptoImpl
+}: {
+ /**
+ * The private key string in PEM format
+ */
+ privateKeyPEM: string,
+ payload: {
+ /**
+ * Service account's email address (sa.client_email)
+ */
+ iss: string,
+ /**
+ * Service account's email address (sa.client_email)
+ */
+ sub: string,
+ /**
+ * Current Unix timem when the token was issued (in seconds since epoch)
+ */
+ iat: number,
+ /**
+ * The time exactly 3600 seconds after the token was issued, when the JWT expires
+ */
+ exp: number,
+ /**
+ * The API endpoint.
+ * @example https://.googleapis.com/
+ */
+ aud: string,
+ /**
+ * The scope of the token
+ */
+ scope: string
+ },
+ /**
+ * Cryptographic algorithm used to secure the JWT
+ * @default "RS256"
+ */
+ alg?: string,
+ /**
+ * An object with keys and string values to be added to the header of the JWT.
+ */
+ headerAdditions?: HeaderAdditions,
+ /**
+ * The crypto implementation to use. Use `null` to use the default implementation.
+ * @see https://w3c.github.io/webcrypto/#crypto-interface
+ * @default null
+ */
+ cryptoImpl?: Crypto
+}): Promise
+
+/**
+ * Generate a JWT from a service account JSON
+ */
+declare function getTokenFromGCPServiceAccount ({
+ serviceAccountJSON,
+ aud,
+ alg,
+ cryptoImpl,
+ headerAdditions,
+ payloadAdditions
+}: {
+ /**
+ * Structure of a service account JSON
+ */
+ serviceAccountJSON: {
+ type: string;
+ project_id: string;
+ private_key_id: string;
+ private_key: string;
+ client_email: string;
+ client_id: string;
+ auth_uri: string;
+ token_uri: string;
+ auth_provider_x509_cert_url: string;
+ client_x509_cert_url: string;
+ },
+ /**
+ * The API endpoint.
+ * @example https://.googleapis.com/
+ */
+ aud: string,
+ /**
+ * Cryptographic algorithm used to secure the JWT
+ * @default "RS256"
+ */
+ alg?: string,
+ /**
+ * The crypto implementation to use. Use `null` to use the default implementation.
+ * @see https://w3c.github.io/webcrypto/#crypto-interface
+ * @default null
+ */
+ cryptoImpl?: Crypto,
+ /**
+ * The time in seconds after the token was issued when the JWT expires
+ * @default 3600
+ */
+ expiredAfter?: number,
+ /**
+ * An object with keys and string values to be added to the header of the JWT.
+ */
+ headerAdditions?: HeaderAdditions,
+ /**
+ * an object with keys and string values to be added to the payload of the JWT.
+ * @example { scope: 'https://www.googleapis.com/auth/chat.bot' }
+ */
+ payloadAdditions?: Record
+}): Promise
+
+export { getTokenFromGCPServiceAccount, getToken }
+
+interface commonjsModule {
+ getTokenFromGCPServiceAccount,
+ getToken
+}
+
+export default commonjsModule;
diff --git a/package.json b/package.json
index 55d5d99..e8012ba 100644
--- a/package.json
+++ b/package.json
@@ -5,6 +5,8 @@
 "author": "Sagi Kedmi (https://sagi.io)",
 "homepage": "https://sagi.io",
 "main": "index.js",
+ "type": "commonjs",
+ "types": "index.d.ts",
 "license": "MIT",
 "private": false,
 "scripts": {
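Review bot: At the bottom of index.d.ts, `interface commonjsModule` lists `getTokenFromGCPServiceAccount` and `getToken` with no type annotation, so both members are implicitly `any`, and `export default commonjsModule` exports an interface rather than a value, so a default import cannot be used to call the functions with type checking. Declaring a value instead keeps the signatures: `declare const commonjsModule: { getTokenFromGCPServiceAccount: typeof getTokenFromGCPServiceAccount; getToken: typeof getToken };`. Both `cryptoImpl?: Crypto` parameters document `null` as the way to select the default implementation, yet the type rejects `null` under `strictNullChecks`; `cryptoImpl?: Crypto | null` matches the doc comment. For a signing API it would also help to narrow `alg?: string` to a literal union of the algorithms index.js actually implements (not visible in this diff), so an unsupported or mistyped algorithm is caught at compile time rather than at run time.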
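Review bot: The new `"types": "index.d.ts"` entry only helps consumers if the file is actually in the published tarball, and this hunk does not show whether package.json has a `files` list further down. If it does, `index.d.ts` needs to be added there (`npm pack --dry-run` lists what would ship). Separately, with `"type": "commonjs"` declared, the ES-style `export default` in index.d.ts describes a `default` property on `module.exports`; if index.js assigns the functions directly to `module.exports` (not visible here), `export =` would describe the runtime shape more accurately.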