googleapis / node-gtoken Goto Github PK

:key: Google Auth Service Account Tokens for Node.js

License: MIT License

TypeScript 89.60% JavaScript 8.44% Python 1.96%

node-gtoken's Introduction

node-gtoken

Node.js Google Authentication Service Account Tokens

This is a low level utility library used to interact with Google Authentication services. In most cases, you probably want to use the google-auth-library instead.

Installation

npm install gtoken

Usage

Use with a `.pem` or `.json` key file:

const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  keyFile: 'path/to/key.pem', // or path to .json key file
  email: '[email protected]',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  eagerRefreshThresholdMillis: 5 * 60 * 1000
});

gtoken.getToken((err, tokens) => {
  if (err) {
    console.log(err);
    return;
  }
  console.log(tokens);
  // {
  //   access_token: 'very-secret-token',
  //   expires_in: 3600,
  //   token_type: 'Bearer'
  // }
});

You can also use the async/await style API:

const tokens = await gtoken.getToken()
console.log(tokens);

Or use promises:

gtoken.getToken()
  .then(tokens => {
    console.log(tokens)
  })
  .catch(console.error);

Use with a service account `.json` key file:

const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  keyFile: 'path/to/key.json',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  eagerRefreshThresholdMillis: 5 * 60 * 1000
});

gtoken.getToken((err, tokens) => {
  if (err) {
    console.log(err);
    return;
  }
  console.log(tokens);
});

Pass the private key as a string directly:

const key = '-----BEGIN RSA PRIVATE KEY-----\nXXXXXXXXXXX...';
const { GoogleToken } = require('gtoken');
const gtoken = new GoogleToken({
  email: '[email protected]',
  scope: ['https://scope1', 'https://scope2'], // or space-delimited string of scopes
  key: key,
  eagerRefreshThresholdMillis: 5 * 60 * 1000
});

Options

Various options that can be set when creating initializing the gtoken object.

options.email or options.iss: The service account email address.
options.scope: An array of scope strings or space-delimited string of scopes.
options.sub: The email address of the user requesting delegated access.
options.keyFile: The filename of .json key or .pem key.
options.key: The raw RSA private key value, in place of using options.keyFile.
options.additionalClaims: Additional claims to include in the JWT when requesting a token.
options.eagerRefreshThresholdMillis: How long must a token be valid for in order to return it from the cache. Defaults to 0.

.getToken(callback)

Returns the cached tokens or requests a new one and returns it.

gtoken.getToken((err, token) => {
  console.log(err || token);
  // gtoken.rawToken value is also set
});

.getCredentials('path/to/key.json')

Given a keyfile, returns the key and (if available) the client email.

const creds = await gtoken.getCredentials('path/to/key.json');

Properties

Various properties set on the gtoken object after call to .getToken().

gtoken.idToken: The OIDC token returned (if any).
gtoken.accessToken: The access token.
gtoken.expiresAt: The expiry date as milliseconds since 1970/01/01
gtoken.key: The raw key value.
gtoken.rawToken: Most recent raw token data received from Google.

.hasExpired()

Returns true if the token has expired, or token does not exist.

const tokens = await gtoken.getToken();
gtoken.hasExpired(); // false

.revokeToken()

Revoke the token if set.

await gtoken.revokeToken();
console.log('Token revoked!');

Downloading your private `.json` key from Google

Open the Google Developer Console.
Open your project and under "APIs & auth", click Credentials.
Generate a new .json key and download it into your project.

Converting your `.p12` key to a `.pem` key

If you'd like to convert to a .pem for use later, use OpenSSL if you have it installed.

$ openssl pkcs12 -in key.p12 -nodes -nocerts > key.pem

Don't forget, the passphrase when converting these files is the string 'notasecret'

License

MIT

node-gtoken's People

Contributors

Stargazers

Watchers

node-gtoken's Issues

Upgrade google-p12-pem to latest version v3.1.3 to resolve node-forge security vulnerability

Upgrade google-p12-pem to latest version v3.1.3 to resolve node-forge security vulnerability issue fixed in google-p12-pem#382

more info on node-forge security vulnerability can be found on GHSA-8fr3-hfg3-gpgp

invalid response when using with additionalClaims / targetAudience

        .then(r => {
          const body = r.data;
          this.rawToken = body;
          this.token = body.access_token;
          this.expiresAt = (iat + body.expires_in) * 1000;
          return this.token;
        })

That part of the code assumes that body has access_token, however, this is not the case when we want to auth through IAP and set targetAudience as an additionalClaim. Resulting body would simply
contain the following:

{ id_token: 'signed-jwt-token' }

Please provide a way to deal with it

HTTPS Over HTTP Proxy Tunneling Issue

Environment details

OS: Ubuntu Linux 16.04
Node.js version: 8.10.0
npm version: 5.10.0
gtoken version: 2.3.0

Steps to reproduce

Be behind a corporate proxy doing HTTPS over HTTP tunneling. The HTTPS_PROXY environment variable will be set to http://xxxxxx:8080 or some other unsecured port to capture local traffic for retention.
Use Google Dialogflow 0.5.0, 0.6.0 or other Google Cloud Service library that relies on google-gax 0.17.1 -> google-auth-library 1.6.1 -> gtoken 2.3.0 in its dependency tree as determined by npm ls gtoken
Notice that there will be an error from openssl dumped to the console along the lines of "invalid protocol". (One example is Auth error:Error: write EPROTO 140533291190080:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:../deps/openssl/openssl/ssl/s23_clnt.c:827:)

I am not an expert in the Google API architecture, but it appears that the issue is caused when GToken uses axios to facilitate its underlying HTTPS connection to authenticate with Google APIs. Axios documentation covers a lot of ground, but the basic feature necessary is to not assume that the proxy protocol is HTTPS just because the destination URL is. Maybe there is a way to use Axios differently in this case? Maybe use whatever HTTP library other areas of the google-gax / grpc projects use to successfully capture project metadata etc. through a proxy configured this way? Maybe this problem has already been fixed? I don't know, but hopefully this report helps someone other than me 😄

Switch all internal async methods to async/await

Document the API better and add to Google Cloud docs

This library should be mentioned in Google Cloud documents:

Warning: a recent release failed

The release PR #202 is still in a pending state after several hours

Release a new build

With #35 landing, we need to cut 2.0.1 to fix the path issues.

unasyncify the signJWT method

Address this PR feedback #17 (comment)

v2.3.1 introduces undocumented breaking changes, which flow downstream

Environment details

OS: any
Node.js version: 4.x.x
npm version: any
gtoken version: 2.3.1

Steps to reproduce

Install something that depends on gtoken and supports Node v4, such as [email protected]
npm will fetch a version of gtoken that has silently dropped support for node v4

In more detail

In cdc2819, Node v4 support was removed from gtoken. This is a breaking change, as it means that gtoken will no longer work in environments where it previously worked, however the change appears to have been introduced as gtoken updated from v2.3.0 to v2.3.1.

No reference to this change is included in the v2.3.1 changelog. (In fact, PR #71 is not referenced in any release changelog.) PR #71 is tagged as a semver: major however it looks like it slipped undocumented into the v2.3.1 patch instead.

The implications of this are that, despite the fact that google-auth-library-nodejs doesn't drop support for Node v4 until v2.0.0, the prior release (v1.6.1) also no longer supports Node v4. google-auth-library-nodejs has set its gtoken dependency version as ^2.3.0, meaning npm satisfies that dependency with gtoken v2.3.3 currently.

Workaround 🤓

For anybody else out there maintaining a legacy Node v4 system that relies on gtoken somewhere in the dependency tree, I've found that the best workaround is to make use of npm shrinkwrap here to force npm to satisfy the gtoken dependency using v2.3.0.

Your .repo-metadata.json file has a problem 🤒

You have a problem with your .repo-metadata.json file:

Result of scan 📈:

must have required property 'library_type' in .repo-metadata.json
release_level must be equal to one of the allowed values in .repo-metadata.json

☝️ Once you address these problems, you can close this issue.

Need help?

Schema definition: lists valid options for each field.
API index: for gRPC libraries api_shortname should match the subdomain of an API's hostName.
Reach out to go/github-automation if you have any questions.

gtoken system tests: should acquire an access token failed

Note: #443 was also for this test, but it was closed more than 10 days ago. So, I didn't mark it flaky.

commit: ee9abc8
buildURL: Build Status, Sponge
status: failed

Test output

invalid_grant: Invalid JWT Signature.
Error: invalid_grant: Invalid JWT Signature.
    at Gaxios._request (node_modules/gaxios/build/src/gaxios.js:130:23)
        -> /workspace/node_modules/gaxios/src/gaxios.ts:158:15
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async GoogleToken.requestToken (build/src/index.js:238:23)
        -> /workspace/src/index.ts:334:17
    at async GoogleToken.getTokenAsync (build/src/index.js:145:20)
        -> /workspace/src/index.ts:227:14
    at async Context. (build/system-test/system.js:18:23)
        -> /workspace/system-test/system.ts:18:19

'invalid_grant': report a more complete error message back to JS

I witnessed the following error from the oauth endpoint:

body.error: 
{ error: 'invalid_grant',
  error_description: 'Invalid JWT: Token must be a short-lived token and in a reasonable timeframe',
  stack_trace: 'com.google.security.lso.protocol.oauth2.common.OAuth2ErrorException: invalid_grant: Invalid JWT: Token must be a short-lived token and in a reasonable timeframe\n\tat co
m.google.security.lso.protocol.oauth2.common.OAuth2ErrorException$Builder.build(OAuth2ErrorException.java:162)\n\tat com.google.security.lso.auth.oauth2.token.GetTokenConverter.convertE
rrors(GetTokenConverter.java:287)\n...

We construct a JavaScript error with:

      err = err || body.error && new Error(body.error);

This loses the error description and returns a rather less friendly invalid_grant as the message.

gtoken system tests: should acquire an id token failed

Note: #444 was also for this test, but it was closed more than 10 days ago. So, I didn't mark it flaky.

commit: ee9abc8
buildURL: Build Status, Sponge
status: failed

Test output

invalid_grant: Invalid JWT Signature.
Error: invalid_grant: Invalid JWT Signature.
    at Gaxios._request (node_modules/gaxios/build/src/gaxios.js:130:23)
        -> /workspace/node_modules/gaxios/src/gaxios.ts:158:15
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async GoogleToken.requestToken (build/src/index.js:238:23)
        -> /workspace/src/index.ts:334:17
    at async GoogleToken.getTokenAsync (build/src/index.js:145:20)
        -> /workspace/src/index.ts:227:14
    at async Context. (build/system-test/system.js:29:23)
        -> /workspace/system-test/system.ts:30:19

Vulnerability in node-forge dependency

A dependency of node-gtoken, the node-forge package, has a vulnerability which is fixed in version 1.0.0 (or later). The vulnerability is rated as low severity but it'd be nice to get it fix nonetheless since this affects other libraries upstream that are widely used, for instance, googleapis.
node-forge is a dependency via the google-p12-pem package, which has released version 3.1.3 with the patched version of the package. Updating node-gtoken to use version 3.1.3 of google-p12-pem should remove the vulnerability.

.revokeToken(): should return appropriate error with HTTP 404s failed

This test failed!

To configure my behavior, see the Flaky Bot documentation.

If I'm commenting on this issue too often, add the flakybot: quiet label and
I will stop commenting.

commit: 6fd700c
buildURL: Build Status, Sponge
status: failed

Test output

Timeout of 10000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/workspace/build/test/index.js)
Error: Timeout of 10000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/workspace/build/test/index.js)
    at listOnTimeout (internal/timers.js:554:17)
    at processTimers (internal/timers.js:497:7)

Warning: a recent release failed

The release PR #144 is still in a pending state after several hours

Warning: a recent release failed

The following release PRs may have failed:

#441 - The release job was triggered, but has not reported back success.

Synthesis failed for node-gtoken

Hello! Autosynth couldn't regenerate node-gtoken. 💔

Here's the output from running synth.py:

sk=IN_MODIFY, cookie=0, name=docs-devsite.sh>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/docs-devsite.sh', wd=29, mask=IN_ATTRIB, cookie=0, name=docs-devsite.sh>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/docs-devsite.sh', wd=29, mask=IN_ATTRIB, cookie=0, name=docs-devsite.sh>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/publish.cfg', wd=29, mask=IN_MODIFY, cookie=0, name=publish.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/publish.cfg', wd=29, mask=IN_MODIFY, cookie=0, name=publish.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/publish.cfg', wd=29, mask=IN_ATTRIB, cookie=0, name=publish.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/docs.cfg', wd=29, mask=IN_MODIFY, cookie=0, name=docs.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/release/docs.cfg', wd=29, mask=IN_ATTRIB, cookie=0, name=docs.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/samples-test.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=samples-test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/samples-test.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=samples-test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/samples-test.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=samples-test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/lint.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=lint.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/lint.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=lint.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/lint.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=lint.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/lint.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=lint.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/test.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/test.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/test.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/test.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/common.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=common.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/common.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=common.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/common.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=common.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/system-test.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=system-test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/system-test.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=system-test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/system-test.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=system-test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/docs.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=docs.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/docs.cfg', wd=34, mask=IN_MODIFY, cookie=0, name=docs.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node10/docs.cfg', wd=34, mask=IN_ATTRIB, cookie=0, name=docs.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node12/test.cfg', wd=36, mask=IN_MODIFY, cookie=0, name=test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node12/test.cfg', wd=36, mask=IN_ATTRIB, cookie=0, name=test.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node12/common.cfg', wd=36, mask=IN_MODIFY, cookie=0, name=common.cfg>
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node12/common.cfg', wd=36, mask=IN_MODIFY, cookie=0, name=common.cfg>
2020-08-06 04:10:34,374 synthtool [DEBUG] > Installing dependencies...
DEBUG:synthtool:Installing dependencies...
DEBUG:watchdog.observers.inotify_buffer:in-event <InotifyEvent: src_path=b'./.kokoro/continuous/node12/common.cfg', wd=36, mask=IN_ATTRIB, cookie=0, name=common.cfg>
npm ERR! code E404
npm ERR! 404 Not Found - GET https://registry.npmjs.org/@compodoc%2fcompodoc - Not found
npm ERR! 404 
npm ERR! 404  '@compodoc/compodoc@^1.1.7' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 It was specified as a dependency of 'node-gtoken'
npm ERR! 404 
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/kbuilder/.npm/_logs/2020-08-06T11_10_38_560Z-debug.log
2020-08-06 04:10:38,573 synthtool [ERROR] > Failed executing npm install:

None
ERROR:synthtool:Failed executing npm install:

None
2020-08-06 04:10:38,593 synthtool [DEBUG] > Wrote metadata to synth.metadata.
DEBUG:synthtool:Wrote metadata to synth.metadata.
Traceback (most recent call last):
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmpfs/src/github/synthtool/synthtool/__main__.py", line 102, in <module>
    main()
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/tmpfs/src/github/synthtool/synthtool/__main__.py", line 94, in main
    spec.loader.exec_module(synth_module)  # type: ignore
  File "<frozen importlib._bootstrap_external>", line 678, in exec_module
  File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
  File "/home/kbuilder/.cache/synthtool/node-gtoken/synth.py", line 12, in <module>
    node.install()
  File "/tmpfs/src/github/synthtool/synthtool/languages/node.py", line 167, in install
    shell.run(["npm", "install"], hide_output=hide_output)
  File "/tmpfs/src/github/synthtool/synthtool/shell.py", line 39, in run
    raise exc
  File "/tmpfs/src/github/synthtool/synthtool/shell.py", line 33, in run
    encoding="utf-8",
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/subprocess.py", line 438, in run
    output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['npm', 'install']' returned non-zero exit status 1.
2020-08-06 04:10:38,641 autosynth [ERROR] > Synthesis failed
2020-08-06 04:10:38,642 autosynth [DEBUG] > Running: git reset --hard HEAD
HEAD is now at eb2f727 chore(node): fix kokoro build path for cloud-rad (#324)
2020-08-06 04:10:38,649 autosynth [DEBUG] > Running: git checkout autosynth
Switched to branch 'autosynth'
2020-08-06 04:10:38,654 autosynth [DEBUG] > Running: git clean -fdx
Removing __pycache__/
Traceback (most recent call last):
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 690, in <module>
    main()
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 539, in main
    return _inner_main(temp_dir)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 670, in _inner_main
    commit_count = synthesize_loop(x, multiple_prs, change_pusher, synthesizer)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 375, in synthesize_loop
    has_changes = toolbox.synthesize_version_in_new_branch(synthesizer, youngest)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 273, in synthesize_version_in_new_branch
    synthesizer.synthesize(synth_log_path, self.environ)
  File "/tmpfs/src/github/synthtool/autosynth/synthesizer.py", line 120, in synthesize
    synth_proc.check_returncode()  # Raise an exception.
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/subprocess.py", line 389, in check_returncode
    self.stderr)
subprocess.CalledProcessError: Command '['/tmpfs/src/github/synthtool/env/bin/python3', '-m', 'synthtool', '--metadata', 'synth.metadata', 'synth.py', '--']' returned non-zero exit status 1.

Google internal developers can see the full log here.

feat: consider moving eager refresh logic into gtoken from auth

@stephenplusplus suggested it might be worth considering moving eager refresh logic from the auth library into gtoken itself, let's investigate this at some point and see what a hassle it would be.

#229

DeprecationWarning: .data is not a valid RequestInit property, use .body instead

When using library with node-fetch I get following warning: [https://github.com/node-fetch/node-fetch/issues/1000 (request)] DeprecationWarning: .data is not a valid RequestInit property, use .body instead

node-gtoken/src/index.ts

Line 334 in c313d4c

data: {

It seems this.transporter.request if just wrapper over fetch and it passes request descriptor as is.

Drop dependency on request

Request is really bulky for such a tiny library, and we are trying to get rid of it from the entire stack of modules we use on Google Cloud Platform. We should replace it with another module that is lighter, and for bonus points, works transparently in the browser.

Action Required: Fix Renovate Configuration

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Error type: undefined. Note: this is a nested preset so please contact the preset author if you are unable to fix it yourself.

For v2.3.0 -> v2.3.1, the inclusion of gaxios was temporarily breaking.

For three days (Dec 11 - Dec 14), installing gtoken would install gaxios v1.0.3, which incorrectly returns JSON responses as a string, and not the parsed object (fixed in v1.0.4).

This broke google authentication for us until today. Just a heads up for anyone else that may be having authentication issues.

v2.3.3 breaks as dependency of google-auth-library 1.6.1

Environment details

OS: Google App Engine Flex (Debian 4.9.144-3.1)
Node.js version: 6.11.1
npm version: 3.10.10
gtoken version: 2.3.3

Steps to reproduce

npm install node app using google-auth-library 1.6.1, which has dependency "gtoken": "^2.3.0", which since March 13 2019 pulls in v2.3.3
call auth.JWT.authorize(callback) in node app
receive below error, resolvable by manually requiring gtoken 2.3.0

TypeError: URL is not a constructor, at Gaxios.validateOpts (/app/node_modules/gaxios/build/src/gaxios.js:126:27), at Gaxios.<anonymous (/app/node_modules/gaxios/build/src/gaxios.js:61:25), at next (native), at /app/node_modules/gaxios/build/src/gaxios.js:19:71, at __awaiter (/app/node_modules/gaxios/build/src/gaxios.js:15:12), at Gaxios.request (/app/node_modules/gaxios/build/src/gaxios.js:60:16), at Object. (/app/node_modules/gaxios/build/src/index.js:38:33), at next (native), at /app/node_modules/gaxios/build/src/index.js:19:71, at __awaiter (/app/node_modules/gaxios/build/src/index.js:15:12), at Object.request (/app/node_modules/gaxios/build/src/index.js:37:12), at GoogleToken. (/app/node_modules/gtoken/build/src/index.js:191:29), at next (native), at /app/node_modules/gtoken/build/src/index.js:13:71, at __awaiter (/app/node_modules/gtoken/build/src/index.js:9:12), at GoogleToken.requestToken (/app/node_modules/gtoken/build/src/index.js:179:16)], message=URL is not a constructor

Module not found: Error: Can't resolve './types/other'

Don't know if this is you guys, mime or me. Below is the error and the fix I applied.

ref: +-- [email protected]
-- [email protected]

WARNING in ./node_modules/gtoken/node_modules/Mime/index.js
There are multiple modules with names that only differ in casing.
This can lead to unexpected behavior when compiling on a filesystem with other case-semantic.
Use equal casing. Compare these module identifiers:

F:\app\bc\node_modules\gtoken\node_modules\Mime\index.js
Used by 2 module(s), i. e.
F:\app\bc\node_modules\gtoken\node_modules\mime\index.js
F:\app\bc\node_modules\gtoken\node_modules\mime\index.js
Used by 1 module(s), i. e.
F:\app\bc\node_modules\gtoken\build\src\index.js

ERROR in ./node_modules/gtoken/node_modules/Mime/index.js
Module not found: Error: Can't resolve './types/other' in 'F:\app\bc\node_modules\gtoken\node_modules\Mime'
ERROR in ./node_modules/gtoken/node_modules/mime/index.js
Module not found: Error: Can't resolve './types/other' in 'F:\app\bc\node_modules\gtoken\node_modules\mime'
ERROR in ./node_modules/gtoken/node_modules/Mime/index.js
Module not found: Error: Can't resolve './types/standard' in 'F:\app\bc\node_modules\gtoken\node_modules\Mime'
ERROR in ./node_modules/gtoken/node_modules/mime/index.js
Module not found: Error: Can't resolve './types/standard' in 'F:\app\bc\node_modules\gtoken\node_modules\mime'

Fix: add ".json" extension to json file reference in gtoken/node_modules/mime/index.js

was: module.exports = new Mime(require('./types/standard'), require('./types/other'));
fix applied: module.exports = new Mime(require('./types/standard.json'), require('./types/other.json'));

I know I shouldn't have to muck with it but it is what it is. Btw, I didn't attempt to modify the casing.

gtoken system tests: should acquire an access token failed

This test failed!

To configure my behavior, see the Flaky Bot documentation.

If I'm commenting on this issue too often, add the flakybot: quiet label and
I will stop commenting.

commit: 7a988db
buildURL: Build Status, Sponge
status: failed

Test output

invalid_grant: Invalid JWT Signature.
Error: invalid_grant: Invalid JWT Signature.
    at Gaxios._request (node_modules/gaxios/build/src/gaxios.js:130:23)
        -> /workspace/node_modules/gaxios/src/gaxios.ts:158:15
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async GoogleToken.requestToken (build/src/index.js:238:23)
        -> /workspace/src/index.ts:334:17
    at async GoogleToken.getTokenAsync (build/src/index.js:145:20)
        -> /workspace/src/index.ts:227:14
    at async Context. (build/system-test/system.js:18:23)
        -> /workspace/system-test/system.ts:18:19

Stop using buffer-equal-constant-time

I noticed you use buffer-equal-constant-time indirectly through jws and gtoken.
buffer-equal-constant-time is a legacy and unsupported package since 2017. (salesforce/buffer-equal-constant-time#6)
It causes some issues in combination with docker and some other environments.
I'd appreciate if you can consider switching it.
A solid alternative for jwt purposes is fast-jwt.

I'm willing to work on it.

Move away from /v4 token endpoint to https://oauth2.googleapis.com/token

Nit: we're trying to centralize the different token exchange endpoints to 'https://oauth2.googleapis.com/token', even though this is a mock, it might be good for new code to just show that one, unless you think it would be confusing to have different endpoints in the code if elsewhere you're using the one you have here.

CC: @silvolu
Refs: https://github.com/googleapis/google-auth-library-nodejs/pull/1207/files#r674094849

gtoken system tests: should acquire an id token failed

This test failed!

To configure my behavior, see the Flaky Bot documentation.

If I'm commenting on this issue too often, add the flakybot: quiet label and
I will stop commenting.

commit: 7a988db
buildURL: Build Status, Sponge
status: failed

Test output

invalid_grant: Invalid JWT Signature.
Error: invalid_grant: Invalid JWT Signature.
    at Gaxios._request (node_modules/gaxios/build/src/gaxios.js:130:23)
        -> /workspace/node_modules/gaxios/src/gaxios.ts:158:15
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async GoogleToken.requestToken (build/src/index.js:238:23)
        -> /workspace/src/index.ts:334:17
    at async GoogleToken.getTokenAsync (build/src/index.js:145:20)
        -> /workspace/src/index.ts:227:14
    at async Context. (build/system-test/system.js:29:23)
        -> /workspace/system-test/system.ts:30:19

.revokeToken(): should run accept config properties with async failed

This test failed!

To configure my behavior, see the Flaky Bot documentation.

If I'm commenting on this issue too often, add the flakybot: quiet label and
I will stop commenting.

commit: 6fd700c
buildURL: Build Status, Sponge
status: failed

Test output

request to https://accounts.google.com/o/oauth2/revoke?token=w00t failed, reason: Nock: No match for request {
  "method": "GET",
  "url": "https://accounts.google.com/o/oauth2/revoke",
  "headers": {
    "accept": [
      "application/json"
    ],
    "user-agent": [
      "node-fetch/1.0 (+https://github.com/bitinn/node-fetch)"
    ],
    "accept-encoding": [
      "gzip,deflate"
    ],
    "connection": [
      "close"
    ]
  }
}
FetchError: request to https://accounts.google.com/o/oauth2/revoke?token=w00t failed, reason: Nock: No match for request {
  "method": "GET",
  "url": "https://accounts.google.com/o/oauth2/revoke",
  "headers": {
    "accept": [
      "application/json"
    ],
    "user-agent": [
      "node-fetch/1.0 (+https://github.com/bitinn/node-fetch)"
    ],
    "accept-encoding": [
      "gzip,deflate"
    ],
    "connection": [
      "close"
    ]
  }
}
    at OverriddenClientRequest. (node_modules/node-fetch/lib/index.js:1494:11)
    at Socket. (node_modules/propagate/index.js:64:17)
    at /workspace/node_modules/nock/lib/socket.js:100:14
    at processTicksAndRejections (internal/process/task_queues.js:79:11)

Vulnerability of dependency node-forge

A dependency of node-gtoken, the node-forge package, has a vulnerability and that it is fixed in v0.10.0. The vulnerability is rated as high severity and is described in CVE-2020-7720.

node-forge is a dependency of node-token via the google-p12-pem package, which has released version 3.0.3 with the patched version of the package. Updating node-gtoken to use version 3.0.3 of google-p12-pem should remove the vulnerability.

feat: dedupe concurrent requests

Thanks for stopping by to let us know something could be better!

Is your feature request related to a problem? Please describe.

Multiple parallel processes on startup (or multiple parallel requests on token expiry) can lead to un-necessary duplicated requests to load fresh tokens.

Describe the solution you'd like

When forceRefresh is false it should dedupe requests. It may even make sense to dedupe requests when forceRefresh is true

Describe alternatives you've considered

This can be done outside of gtoken, but then you lose all the benefits of gtoken's builtin cache.

No plans to set a proxy setting?

I want to use your library under proxy environment. But I assume your code doesn't have proxy options currently. Do you have any plans to support proxy?
your request module's code

Dezalgo the callbacks

Feedback from PR #17

Latest version (v6) requires outdated `gaxios` (v4)

The latest (at this moment - v6.0) version of gtoken requires axios v4 -

    "gaxios": "^4.0.0",

while the latest of axios is v5. At the same time, the latest of google-auth-library already requires v5+.

We use both gtoken and google-auth-library in our project, and cannot bump to the latest of google-auth-library due to the gaxios version mismatch.

Please advise.

.revokeToken(): should run accept config properties failed

This test failed!

To configure my behavior, see the Flaky Bot documentation.

If I'm commenting on this issue too often, add the flakybot: quiet label and
I will stop commenting.

commit: 6fd700c
buildURL: Build Status, Sponge
status: failed

Test output

Timeout of 10000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/workspace/build/test/index.js)
Error: Timeout of 10000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/workspace/build/test/index.js)
    at listOnTimeout (internal/timers.js:554:17)
    at processTimers (internal/timers.js:497:7)

Better detection of keyfile type

From @yonah-codefresh:

We ran into a very perplexing issue.
Our code suddenly started throwing:
"Error: email is required."
Assuming we missed some api change we added an email configuration property and hit the following error:
"Error: error:0906D06C:PEM routines:PEM_read_bio:no start line"
That error led us to issue #261 after which I double checked our service key files which were fine.
Long story short, our key file did not have a suffix of .json so it was apparently parsed as a PEM file.
I suggest either better parsing heuristics or else an explicit error if the key file name doesn't end in .json, .pem, or .p12

googleapis/google-cloud-node#1021 (comment)

Warning: a recent release failed

The following release PRs may have failed:

#378

Consider supporting Async/Promise APIs with 2.0.0

Since we're doing a version bump, it's worth considering adding promise/async support to the API.

Can return tokens that will expire before the request is successfully sent

Because new tokens are not fetched until the old one has expired, it is possible to have some requests fail when they happen right in the moment when a token expires. I suggest we allow a leeway of 60 seconds for the actual request to be prepared, sent and authenticated. Given that the tokens are valid for 60 minutes, we will still be making use of the vast majority of the time that a token is valid for.

4.1.2 breaks our build with " error TS1086: An accessor cannot be declared in an ambient context."

We do not use gtoken directly and this started happening just after 4.1.2 rolled out. It seems to be a very similar issue we reported here for google-gax.

.../node_modules/gtoken/build/src/index.d.ts:32:9 - error TS1086: An accessor cannot be declared in an ambient context.

32     get accessToken(): string | undefined;
           ~~~~~~~~~~~

.../node_modules/gtoken/build/src/index.d.ts:33:9 - error TS1086: An accessor cannot be declared in an ambient context.

33     get idToken(): string | undefined;
           ~~~~~~~

.../node_modules/gtoken/build/src/index.d.ts:34:9 - error TS1086: An accessor cannot be declared in an ambient context.

34     get tokenType(): string | undefined;
           ~~~~~~~~~

.../node_modules/gtoken/build/src/index.d.ts:35:9 - error TS1086: An accessor cannot be declared in an ambient context.

35     get refreshToken(): string | undefined;
           ~~~~~~~~~~~~

Our environment:

$ node --version
v10.16.2
$ yarn --version
1.17.3
$ tsc --version
Version 3.5.3

Workaround:
In package.json add:

"resolutions": {
    "gtoken": "4.1.1"
  }

Warning: a recent release failed

The following release PRs may have failed:

#378

Synthesis failed for node-gtoken

Hello! Autosynth couldn't regenerate node-gtoken. 💔

Here's the output from running synth.py:

2020-05-15 10:27:02,252 autosynth [INFO] > logs will be written to: /usr/local/google/home/rennie/gitrepos/synthtool/logs/googleapis/node-gtoken
2020-05-15 10:27:03,408 autosynth [DEBUG] > Running: git config --global core.excludesfile /usr/local/google/home/rennie/.autosynth-gitignore
2020-05-15 10:27:03,413 autosynth [DEBUG] > Running: git config user.name Jeffrey Rennie
2020-05-15 10:27:03,418 autosynth [DEBUG] > Running: git config user.email [email protected]
2020-05-15 10:27:03,424 autosynth [DEBUG] > Running: git config push.default simple
2020-05-15 10:27:03,430 autosynth [DEBUG] > Running: git branch -f autosynth
2020-05-15 10:27:03,437 autosynth [DEBUG] > Running: git checkout autosynth
Switched to branch 'autosynth'
2020-05-15 10:27:03,785 autosynth [DEBUG] > Running: git rev-parse --show-toplevel
2020-05-15 10:27:03,795 autosynth [DEBUG] > Running: git log -1 --pretty=%H
2020-05-15 10:27:03,804 autosynth [DEBUG] > Running: git remote get-url origin
2020-05-15 10:27:04,293 autosynth [DEBUG] > Running: git log be74d3e532faa47eb59f1a0eaebde0860d1d8ab4..HEAD --pretty=%H --no-decorate
2020-05-15 10:27:04,303 autosynth [DEBUG] > Running: git log -1 --pretty=%at be74d3e532faa47eb59f1a0eaebde0860d1d8ab4
2020-05-15 10:27:04,309 autosynth [DEBUG] > Running: git log -1 --pretty=%at 4674113712c0c7ada19e6a8219d7963ff174b392
2020-05-15 10:27:04,315 autosynth [DEBUG] > Running: git log -1 --pretty=%at 5bbfd095faedfe273819d266f21e402192a29041
2020-05-15 10:27:04,322 autosynth [DEBUG] > Running: git log -1 --pretty=%at 4fa923bd3dafb91df8613accbe2230299cc5b98e
2020-05-15 10:27:04,329 autosynth [DEBUG] > Running: git log -1 --pretty=%at 55cdc844877d97139f25004229842624a6a86a02
2020-05-15 10:27:04,337 autosynth [DEBUG] > Running: git log -1 --pretty=%at 98c50772ec23295c64cf0d2ddf199ea52961fd4c
2020-05-15 10:27:04,344 autosynth [DEBUG] > Running: git log -1 --pretty=%at ba909fca409f6b38eae0fa735614e127d1fc0deb
2020-05-15 10:27:04,350 autosynth [DEBUG] > Running: git log -1 --pretty=%at 7482e79a82e353248769d819788adc1213e8c207
2020-05-15 10:27:04,355 autosynth [DEBUG] > Running: git log -1 --pretty=%at a7759f81c25396207d46532ed389ad4d34879857
2020-05-15 10:27:04,362 autosynth [DEBUG] > Running: git log -1 --pretty=%at 5b48b0716a36ca069db3038da7e205c87a22ed19
2020-05-15 10:27:04,369 autosynth [DEBUG] > Running: git log -1 --pretty=%at c585ac3b5eff5cd2097a5315ffd9cf4823cc1ed2
2020-05-15 10:27:04,376 autosynth [DEBUG] > Running: git log -1 --pretty=%at b0461724be19443075b08c10d4a345cb217002b5
2020-05-15 10:27:04,383 autosynth [DEBUG] > Running: git log -1 --pretty=%at 84c4156c49be9dcabacc8fd7b0585b6fd789ae47
2020-05-15 10:27:04,389 autosynth [DEBUG] > Running: git log -1 --pretty=%at f503622985e230a6792730bbc3b7746c11fce09e
2020-05-15 10:27:04,396 autosynth [DEBUG] > Running: git log -1 --pretty=%at 3d2a7d0e21387ed455c966da9f9897b0a4bc5bb8
2020-05-15 10:27:04,402 autosynth [DEBUG] > Running: git log -1 --pretty=%at 7b7f386b393947a542b87707499f4458136f4f61
2020-05-15 10:27:04,409 autosynth [DEBUG] > Running: git log -1 --pretty=%at f395615039665af6599f69305efcd886685e74f9
2020-05-15 10:27:04,416 autosynth [DEBUG] > Running: git log -1 --pretty=%at b6bdd4783f396f9252ce28af43f7215834a55c3c
2020-05-15 10:27:04,422 autosynth [DEBUG] > Running: git log -1 --pretty=%at 3593e3a995510c0570648d9a48fc756ab2bfc2cb
2020-05-15 10:27:04,429 autosynth [DEBUG] > Running: git log -1 --pretty=%at cb3433f7f554ea751584bdd3631d45ec56a32eb5
2020-05-15 10:27:04,437 autosynth [DEBUG] > Running: git checkout 60c1b3517de08fa7e38db47f0dc6261241a46125
Note: switching to '60c1b3517de08fa7e38db47f0dc6261241a46125'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at 60c1b35 chore(deps): update dependency js-green-licenses to v2 (#302)
2020-05-15 10:27:04,446 autosynth [DEBUG] > Running: git checkout cb3433f7f554ea751584bdd3631d45ec56a32eb5
Note: switching to 'cb3433f7f554ea751584bdd3631d45ec56a32eb5'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at cb3433f fix: uses http for links to internal logs (#556)
2020-05-15 10:27:04,456 autosynth [DEBUG] > Running: git branch -f autosynth-20
2020-05-15 10:27:04,463 autosynth [DEBUG] > Running: git checkout autosynth-20
Switched to branch 'autosynth-20'
2020-05-15 10:27:04,471 autosynth [INFO] > Running synthtool
2020-05-15 10:27:04,472 autosynth [INFO] > ['/usr/local/google/home/rennie/env3.6/bin/python', '-m', 'synthtool', '--metadata', 'synth.metadata', 'synth.py', '--']
2020-05-15 10:27:04,474 autosynth [DEBUG] > Running: /usr/local/google/home/rennie/env3.6/bin/python -m synthtool --metadata synth.metadata synth.py --
/usr/local/google/home/rennie/env3.6/bin/python: No module named synthtool
2020-05-15 10:27:04,507 autosynth [ERROR] > Synthesis failed
2020-05-15 10:27:04,507 autosynth [DEBUG] > Running: git reset --hard HEAD
HEAD is now at 60c1b35 chore(deps): update dependency js-green-licenses to v2 (#302)
2020-05-15 10:27:04,515 autosynth [DEBUG] > Running: git checkout autosynth
Switched to branch 'autosynth'
2020-05-15 10:27:04,523 autosynth [DEBUG] > Running: git clean -fdx
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/local/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synth.py", line 612, in <module>
    main()
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synth.py", line 473, in main
    return _inner_main(temp_dir)
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synth.py", line 592, in _inner_main
    commit_count = synthesize_loop(x, multiple_prs, change_pusher, synthesizer)
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synth.py", line 368, in synthesize_loop
    synthesize_inner_loop(toolbox, synthesizer)
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synth.py", line 378, in synthesize_inner_loop
    synthesizer, len(toolbox.versions) - 1
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synth.py", line 266, in synthesize_version_in_new_branch
    synthesizer.synthesize(synth_log_path, self.environ)
  File "/usr/local/google/home/rennie/gitrepos/synthtool/autosynth/synthesizer.py", line 119, in synthesize
    synth_proc.check_returncode()  # Raise an exception.
  File "/usr/local/lib/python3.6/subprocess.py", line 389, in check_returncode
    self.stderr)
subprocess.CalledProcessError: Command '['/usr/local/google/home/rennie/env3.6/bin/python', '-m', 'synthtool', '--metadata', 'synth.metadata', 'synth.py', '--']' returned non-zero exit status 1.

Google internal developers can see the full log here.

Cloning into 'working_repo'...
Switched to branch 'autosynth'
Traceback (most recent call last):
  File "/home/kbuilder/.pyenv/versions/3.6.1/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/home/kbuilder/.pyenv/versions/3.6.1/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmpfs/src/git/autosynth/autosynth/synth.py", line 256, in <module>
    main()
  File "/tmpfs/src/git/autosynth/autosynth/synth.py", line 196, in main
    last_synth_commit_hash = get_last_metadata_commit(args.metadata_path)
  File "/tmpfs/src/git/autosynth/autosynth/synth.py", line 149, in get_last_metadata_commit
    text=True,
  File "/home/kbuilder/.pyenv/versions/3.6.1/lib/python3.6/subprocess.py", line 403, in run
    with Popen(*popenargs, **kwargs) as process:
TypeError: __init__() got an unexpected keyword argument 'text'

Google internal developers can see the full log here.

Synthesis failed for node-gtoken

Hello! Autosynth couldn't regenerate node-gtoken. 💔

Here's the output from running synth.py:

s with dots (#896)
2021-01-07 01:54:28,490 autosynth [DEBUG] > Running: git branch -f autosynth-9
2021-01-07 01:54:28,493 autosynth [DEBUG] > Running: git checkout autosynth-9
Switched to branch 'autosynth-9'
2021-01-07 01:54:28,499 autosynth [INFO] > Running synthtool
2021-01-07 01:54:28,499 autosynth [INFO] > ['/tmpfs/src/github/synthtool/env/bin/python3', '-m', 'synthtool', '--metadata', 'synth.metadata', 'synth.py', '--']
2021-01-07 01:54:28,499 autosynth [DEBUG] > log_file_path: /tmpfs/src/logs/node-gtoken/9/sponge_log.log
2021-01-07 01:54:28,501 autosynth [DEBUG] > Running: /tmpfs/src/github/synthtool/env/bin/python3 -m synthtool --metadata synth.metadata synth.py --
2021-01-07 01:54:28,730 synthtool [DEBUG] > Executing /home/kbuilder/.cache/synthtool/node-gtoken/synth.py.
On branch autosynth-9
nothing to commit, working tree clean
2021-01-07 01:54:28,865 synthtool [DEBUG] > Using precloned repo /home/kbuilder/.cache/synthtool/synthtool
DEBUG:synthtool:Using precloned repo /home/kbuilder/.cache/synthtool/synthtool
.eslintignore
.eslintrc.json
.gitattributes
.github/ISSUE_TEMPLATE/bug_report.md
.github/ISSUE_TEMPLATE/feature_request.md
.github/ISSUE_TEMPLATE/support_request.md
.github/PULL_REQUEST_TEMPLATE.md
.github/release-please.yml
.github/workflows/ci.yaml
.kokoro/.gitattributes
.kokoro/common.cfg
.kokoro/continuous/node10/common.cfg
.kokoro/continuous/node10/docs.cfg
.kokoro/continuous/node10/test.cfg
.kokoro/continuous/node12/common.cfg
.kokoro/continuous/node12/lint.cfg
.kokoro/continuous/node12/samples-test.cfg
.kokoro/continuous/node12/system-test.cfg
.kokoro/continuous/node12/test.cfg
.kokoro/docs.sh
.kokoro/lint.sh
.kokoro/populate-secrets.sh
.kokoro/presubmit/node10/common.cfg
.kokoro/presubmit/node12/common.cfg
.kokoro/presubmit/node12/samples-test.cfg
.kokoro/presubmit/node12/system-test.cfg
.kokoro/presubmit/node12/test.cfg
.kokoro/publish.sh
.kokoro/release/docs-devsite.cfg
.kokoro/release/docs-devsite.sh
.kokoro/release/docs.cfg
.kokoro/release/docs.sh
.kokoro/release/publish.cfg
.kokoro/samples-test.sh
.kokoro/system-test.sh
.kokoro/test.bat
.kokoro/test.sh
.kokoro/trampoline.sh
.kokoro/trampoline_v2.sh
.mocharc.js
.nycrc
.prettierignore
.prettierrc.js
.trampolinerc
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
README.md
api-extractor.json
renovate.json
Skipping: samples/README.md
2021-01-07 01:54:28,986 synthtool [DEBUG] > Installing dependencies...
DEBUG:synthtool:Installing dependencies...
npm WARN deprecated [email protected]: NOTICE: ts-simple-ast has been renamed to ts-morph and version reset to 1.0.0. Switch at your leisure...
npm WARN deprecated [email protected]: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated [email protected]: Use cheerio-select instead
npm WARN deprecated [email protected]: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated [email protected]: The package has been renamed to `open`
npm WARN deprecated [email protected]: "Please update to latest v2.3 or v2.2"
npm WARN deprecated [email protected]: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated [email protected]: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated

> [email protected] postinstall /home/kbuilder/.cache/synthtool/node-gtoken/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"


> @compodoc/[email protected] postinstall /home/kbuilder/.cache/synthtool/node-gtoken/node_modules/@compodoc/compodoc
> opencollective-postinstall || exit 0

�[96m�[1mThank you for using @compodoc/compodoc!�[96m�[1m
�[0m�[96mIf you rely on this package, please consider supporting our open collective:�[22m�[39m
> �[94mhttps://opencollective.com/compodoc/donate�[0m


> [email protected] prepare /home/kbuilder/.cache/synthtool/node-gtoken
> npm run compile


> [email protected] precompile /home/kbuilder/.cache/synthtool/node-gtoken
> gts clean

/home/kbuilder/.cache/synthtool/node-gtoken/node_modules/meow/index.js:61
		throw new Error(`Flag keys may not contain '-': ${invalidFlags.join(', ')}`);
		^

Error: Flag keys may not contain '-': dry-run
    at validateOptions (/home/kbuilder/.cache/synthtool/node-gtoken/node_modules/meow/index.js:61:9)
    at meow (/home/kbuilder/.cache/synthtool/node-gtoken/node_modules/meow/index.js:136:2)
    at Object.<anonymous> (/home/kbuilder/.cache/synthtool/node-gtoken/node_modules/gts/build/src/cli.js:30:13)
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
    at Module.load (internal/modules/cjs/loader.js:928:32)
    at Function.Module._load (internal/modules/cjs/loader.js:769:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
    at internal/main/run_main_module.js:17:47
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] precompile: `gts clean`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the [email protected] precompile script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/kbuilder/.npm/_logs/2021-01-07T09_54_49_350Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] prepare: `npm run compile`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the [email protected] prepare script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/kbuilder/.npm/_logs/2021-01-07T09_54_49_413Z-debug.log
2021-01-07 01:54:49,546 synthtool [ERROR] > Failed executing npm install:

None
ERROR:synthtool:Failed executing npm install:

None
Traceback (most recent call last):
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmpfs/src/github/synthtool/synthtool/__main__.py", line 102, in <module>
    main()
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/tmpfs/src/github/synthtool/env/lib/python3.6/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/tmpfs/src/github/synthtool/synthtool/__main__.py", line 94, in main
    spec.loader.exec_module(synth_module)  # type: ignore
  File "<frozen importlib._bootstrap_external>", line 678, in exec_module
  File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
  File "/home/kbuilder/.cache/synthtool/node-gtoken/synth.py", line 12, in <module>
    node.install()
  File "/tmpfs/src/github/synthtool/synthtool/languages/node.py", line 167, in install
    shell.run(["npm", "install"], hide_output=hide_output)
  File "/tmpfs/src/github/synthtool/synthtool/shell.py", line 39, in run
    raise exc
  File "/tmpfs/src/github/synthtool/synthtool/shell.py", line 33, in run
    encoding="utf-8",
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/subprocess.py", line 438, in run
    output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['npm', 'install']' returned non-zero exit status 1.
2021-01-07 01:54:49,592 autosynth [ERROR] > Synthesis failed
2021-01-07 01:54:49,592 autosynth [DEBUG] > Running: git reset --hard HEAD
HEAD is now at fc6a204 docs: add instructions for authenticating for system tests (#354)
2021-01-07 01:54:49,600 autosynth [DEBUG] > Running: git checkout autosynth
Switched to branch 'autosynth'
2021-01-07 01:54:49,605 autosynth [DEBUG] > Running: git clean -fdx
Removing __pycache__/
Removing node_modules/
Traceback (most recent call last):
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 354, in <module>
    main()
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 189, in main
    return _inner_main(temp_dir)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 334, in _inner_main
    commit_count = synthesize_loop(x, multiple_prs, change_pusher, synthesizer)
  File "/tmpfs/src/github/synthtool/autosynth/synth.py", line 65, in synthesize_loop
    has_changes = toolbox.synthesize_version_in_new_branch(synthesizer, youngest)
  File "/tmpfs/src/github/synthtool/autosynth/synth_toolbox.py", line 259, in synthesize_version_in_new_branch
    synthesizer.synthesize(synth_log_path, self.environ)
  File "/tmpfs/src/github/synthtool/autosynth/synthesizer.py", line 120, in synthesize
    synth_proc.check_returncode()  # Raise an exception.
  File "/home/kbuilder/.pyenv/versions/3.6.9/lib/python3.6/subprocess.py", line 389, in check_returncode
    self.stderr)
subprocess.CalledProcessError: Command '['/tmpfs/src/github/synthtool/env/bin/python3', '-m', 'synthtool', '--metadata', 'synth.metadata', 'synth.py', '--']' returned non-zero exit status 1.

Google internal developers can see the full log here.

googleapis / node-gtoken Goto Github PK

node-gtoken's Introduction

Installation

Usage

Use with a .pem or .json key file:

Use with a service account .json key file:

Pass the private key as a string directly:

Options

.getToken(callback)

.getCredentials('path/to/key.json')

Properties

.hasExpired()

.revokeToken()

Downloading your private .json key from Google

Converting your .p12 key to a .pem key

License

node-gtoken's People

Contributors

Stargazers

Watchers

Forkers

node-gtoken's Issues

Environment details

Steps to reproduce

Environment details

Steps to reproduce

In more detail

Workaround 🤓

Need help?

Environment details

Steps to reproduce

Recommend Projects

Recommend Topics

Recommend Org

Jobs

Use with a `.pem` or `.json` key file:

Use with a service account `.json` key file:

Downloading your private `.json` key from Google

Converting your `.p12` key to a `.pem` key