The configuration object.
The quota project ID. The quota project can be used by client libraries for the billing purpose. See Working with quotas
Generates an OpenID Connect ID token for a service account.
the audience for the fetched ID token.
the for the request
an OpenID Connect ID token
Generates URL for consent page landing.
Options.
URL to consent page.
Convenience method to automatically generate a code_verifier, and its resulting SHA256. If used, this must be paired with a S256 code_challenge_method.
Get a non-expired access token, after refreshing if necessary
Gets federated sign-on certificates to use for verifying identity tokens. Returns certs as array structure, where keys are key ids, and values are certificates in either PEM or JWK format.
Gets federated sign-on certificates to use for verifying identity tokens. Returns certs as array structure, where keys are key ids, and values are certificates in either PEM or JWK format.
The main authentication interface. It takes an optional url which when present is the endpoint being accessed, and returns a Promise which resolves with authorization header fields.
In OAuth2Client, the result has the form:
{ Authorization: 'Bearer
The optional url being authorized
Gets the access token for the given code.
The authorization code.
Obtains information about the provisioned access token. Especially useful if you want to check the scopes that were provisioned to a given token.
Required. The Access Token for which you want to get user info.
Subscribes a listener to the tokens event triggered when a token is generated.
Retrieves the access token using refresh token
Provides a request implementation with OAuth 2.0 flow. If credentials have a refresh_token, in cases of HTTP 401 and 403 responses, it automatically asks for a new access token and replays the unsuccessful request.
Request options.
Request object
Revokes access token and clears the credentials object
Revokes the access given to token.
The existing token to be revoked.
Sets the auth credentials.
Verify id token is token by checking the certs and audience
that contains all options.
Verify the id token is signed with the correct certificate and is from the correct audience.
The jwt to verify (The ID Token in this case).
The array of certs to test the jwt against.
The audience to test the jwt against.
The allowed issuers of the jwt (Optional).
The max expiry the certificate can be (Optional).
Returns a promise resolving to LoginTicket on verification.
Generates an URL to revoke the given token.
The existing token to be revoked.
Impersonated service account credentials.
Create a new access token by impersonating another service account.
Impersonated Credentials allowing credentials issued to a user or service account to impersonate another. The source project using Impersonated Credentials must enable the "IAMCredentials" API. Also, the target service account must grant the orginating principal the "Service Account Token Creator" IAM role.