UNPKG

firebase-admin/lib/utils/crypto-signer.d.ts

Version:

4.29 kBTypeScriptView Raw

1/*! firebase-admin v10.0.0 */
2/*!
* @license
* Copyright 2021 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*   http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
18/// <reference types="node" />
19import { App } from '../app';
20import { ServiceAccountCredential } from '../app/credential-internal';
21import { AuthorizedHttpClient } from './api-request';
22import { Algorithm } from 'jsonwebtoken';
23import { ErrorInfo } from '../utils/error';
24/**
* CryptoSigner interface represents an object that can be used to sign JWTs.
*/
27export interface CryptoSigner {
  /**
   * The name of the signing algorithm.
   */
  readonly algorithm: Algorithm;
  /**
   * Cryptographically signs a buffer of data.
   *
   * @param buffer - The data to be signed.
   * @returns A promise that resolves with the raw bytes of a signature.
   */
  sign(buffer: Buffer): Promise<Buffer>;
  /**
   * Returns the ID of the service account used to sign tokens.
   *
   * @returns A promise that resolves with a service account ID.
   */
  getAccountId(): Promise<string>;
45}
46/**
* A CryptoSigner implementation that uses an explicitly specified service account private key to
* sign data. Performs all operations locally, and does not make any RPC calls.
*/
50export declare class ServiceAccountSigner implements CryptoSigner {
  private readonly credential;
  algorithm: Algorithm;
  /**
   * Creates a new CryptoSigner instance from the given service account credential.
   *
   * @param credential - A service account credential.
   */
  constructor(credential: ServiceAccountCredential);
  /**
   * @inheritDoc
   */
  sign(buffer: Buffer): Promise<Buffer>;
  /**
   * @inheritDoc
   */
  getAccountId(): Promise<string>;
67}
68/**
* A CryptoSigner implementation that uses the remote IAM service to sign data. If initialized without
* a service account ID, attempts to discover a service account ID by consulting the local Metadata
* service. This will succeed in managed environments like Google Cloud Functions and App Engine.
*
* @see https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/signBlob
* @see https://cloud.google.com/compute/docs/storing-retrieving-metadata
*/
76export declare class IAMSigner implements CryptoSigner {
  algorithm: Algorithm;
  private readonly httpClient;
  private serviceAccountId?;
  constructor(httpClient: AuthorizedHttpClient, serviceAccountId?: string);
  /**
   * @inheritDoc
   */
  sign(buffer: Buffer): Promise<Buffer>;
  /**
   * @inheritDoc
   */
  getAccountId(): Promise<string>;
89}
90/**
* Creates a new CryptoSigner instance for the given app. If the app has been initialized with a
* service account credential, creates a ServiceAccountSigner.
*
* @param app - A FirebaseApp instance.
* @returns A CryptoSigner instance.
*/
97export declare function cryptoSignerFromApp(app: App): CryptoSigner;
98/**
* Defines extended error info type. This includes a code, message string, and error data.
*/
101export interface ExtendedErrorInfo extends ErrorInfo {
  cause?: Error;
103}
104/**
* CryptoSigner error code structure.
*
* @param errorInfo - The error information (code and message).
* @constructor
*/
110export declare class CryptoSignerError extends Error {
  private errorInfo;
  constructor(errorInfo: ExtendedErrorInfo);
  /** @returns The error code. */
  get code(): string;
  /** @returns The error message. */
  get message(): string;
  /** @returns The error data. */
  get cause(): Error | undefined;
119}
120/**
* Crypto Signer error codes and their default messages.
*/
123export declare class CryptoSignerErrorCode {
  static INVALID_ARGUMENT: string;
  static INTERNAL_ERROR: string;
  static INVALID_CREDENTIAL: string;
  static SERVER_ERROR: string;
128}

1	`/! firebase-admin v10.0.0 /`
2	`/*!`
3	`* @license`
4	`* Copyright 2021 Google Inc.`
5	`*`
6	`* Licensed under the Apache License, Version 2.0 (the "License");`
7	`* you may not use this file except in compliance with the License.`
8	`* You may obtain a copy of the License at`
9	`*`
10	`* http://www.apache.org/licenses/LICENSE-2.0`
11	`*`
12	`* Unless required by applicable law or agreed to in writing, software`
13	`* distributed under the License is distributed on an "AS IS" BASIS,`
14	`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
15	`* See the License for the specific language governing permissions and`
16	`* limitations under the License.`
17	`*/`
18	`/// <reference types="node" />`
19	`import { App } from '../app';`
20	`import { ServiceAccountCredential } from '../app/credential-internal';`
21	`import { AuthorizedHttpClient } from './api-request';`
22	`import { Algorithm } from 'jsonwebtoken';`
23	`import { ErrorInfo } from '../utils/error';`
24	`/**`
25	`* CryptoSigner interface represents an object that can be used to sign JWTs.`
26	`*/`
27	`export interface CryptoSigner {`
28	`/**`
29	`* The name of the signing algorithm.`
30	`*/`
31	`readonly algorithm: Algorithm;`
32	`/**`
33	`* Cryptographically signs a buffer of data.`
34	`*`
35	`* @param buffer - The data to be signed.`
36	`* @returns A promise that resolves with the raw bytes of a signature.`
37	`*/`
38	`sign(buffer: Buffer): Promise<Buffer>;`
39	`/**`
40	`* Returns the ID of the service account used to sign tokens.`
41	`*`
42	`* @returns A promise that resolves with a service account ID.`
43	`*/`
44	`getAccountId(): Promise<string>;`
45	`}`
46	`/**`
47	`* A CryptoSigner implementation that uses an explicitly specified service account private key to`
48	`* sign data. Performs all operations locally, and does not make any RPC calls.`
49	`*/`
50	`export declare class ServiceAccountSigner implements CryptoSigner {`
51	`private readonly credential;`
52	`algorithm: Algorithm;`
53	`/**`
54	`* Creates a new CryptoSigner instance from the given service account credential.`
55	`*`
56	`* @param credential - A service account credential.`
57	`*/`
58	`constructor(credential: ServiceAccountCredential);`
59	`/**`
60	`* @inheritDoc`
61	`*/`
62	`sign(buffer: Buffer): Promise<Buffer>;`
63	`/**`
64	`* @inheritDoc`
65	`*/`
66	`getAccountId(): Promise<string>;`
67	`}`
68	`/**`
69	`* A CryptoSigner implementation that uses the remote IAM service to sign data. If initialized without`
70	`* a service account ID, attempts to discover a service account ID by consulting the local Metadata`
71	`* service. This will succeed in managed environments like Google Cloud Functions and App Engine.`
72	`*`
73	`* @see https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/signBlob`
74	`* @see https://cloud.google.com/compute/docs/storing-retrieving-metadata`
75	`*/`
76	`export declare class IAMSigner implements CryptoSigner {`
77	`algorithm: Algorithm;`
78	`private readonly httpClient;`
79	`private serviceAccountId?;`
80	`constructor(httpClient: AuthorizedHttpClient, serviceAccountId?: string);`
81	`/**`
82	`* @inheritDoc`
83	`*/`
84	`sign(buffer: Buffer): Promise<Buffer>;`
85	`/**`
86	`* @inheritDoc`
87	`*/`
88	`getAccountId(): Promise<string>;`
89	`}`
90	`/**`
91	`* Creates a new CryptoSigner instance for the given app. If the app has been initialized with a`
92	`* service account credential, creates a ServiceAccountSigner.`
93	`*`
94	`* @param app - A FirebaseApp instance.`
95	`* @returns A CryptoSigner instance.`
96	`*/`
97	`export declare function cryptoSignerFromApp(app: App): CryptoSigner;`
98	`/**`
99	`* Defines extended error info type. This includes a code, message string, and error data.`
100	`*/`
101	`export interface ExtendedErrorInfo extends ErrorInfo {`
102	`cause?: Error;`
103	`}`
104	`/**`
105	`* CryptoSigner error code structure.`
106	`*`
107	`* @param errorInfo - The error information (code and message).`
108	`* @constructor`
109	`*/`
110	`export declare class CryptoSignerError extends Error {`
111	`private errorInfo;`
112	`constructor(errorInfo: ExtendedErrorInfo);`
113	`/** @returns The error code. */`
114	`get code(): string;`
115	`/** @returns The error message. */`
116	`get message(): string;`
117	`/** @returns The error data. */`
118	`get cause(): Error \| undefined;`
119	`}`
120	`/**`
121	`* Crypto Signer error codes and their default messages.`
122	`*/`
123	`export declare class CryptoSignerErrorCode {`
124	`static INVALID_ARGUMENT: string;`
125	`static INTERNAL_ERROR: string;`
126	`static INVALID_CREDENTIAL: string;`
127	`static SERVER_ERROR: string;`
128	`}`