1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 |
|
16 |
|
17 |
|
18 |
|
19 | import { App } from '../app';
|
20 | import { ServiceAccountCredential } from '../app/credential-internal';
|
21 | import { AuthorizedHttpClient } from './api-request';
|
22 | import { Algorithm } from 'jsonwebtoken';
|
23 | import { ErrorInfo } from '../utils/error';
|
24 |
|
25 |
|
26 |
|
27 | export interface CryptoSigner {
|
28 | |
29 |
|
30 |
|
31 | readonly algorithm: Algorithm;
|
32 | |
33 |
|
34 |
|
35 |
|
36 |
|
37 |
|
38 | sign(buffer: Buffer): Promise<Buffer>;
|
39 | |
40 |
|
41 |
|
42 |
|
43 |
|
44 | getAccountId(): Promise<string>;
|
45 | }
|
46 |
|
47 |
|
48 |
|
49 |
|
50 | export declare class ServiceAccountSigner implements CryptoSigner {
|
51 | private readonly credential;
|
52 | algorithm: Algorithm;
|
53 | |
54 |
|
55 |
|
56 |
|
57 |
|
58 | constructor(credential: ServiceAccountCredential);
|
59 | /**
|
60 | * @inheritDoc
|
61 | */
|
62 | sign(buffer: Buffer): Promise<Buffer>;
|
63 | /**
|
64 | * @inheritDoc
|
65 | */
|
66 | getAccountId(): Promise<string>;
|
67 | }
|
68 | /**
|
69 | * A CryptoSigner implementation that uses the remote IAM service to sign data. If initialized without
|
70 | * a service account ID, attempts to discover a service account ID by consulting the local Metadata
|
71 | * service. This will succeed in managed environments like Google Cloud Functions and App Engine.
|
72 | *
|
73 | * @see https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts/signBlob
|
74 | * @see https://cloud.google.com/compute/docs/storing-retrieving-metadata
|
75 | */
|
76 | export declare class IAMSigner implements CryptoSigner {
|
77 | algorithm: Algorithm;
|
78 | private readonly httpClient;
|
79 | private serviceAccountId?;
|
80 | constructor(httpClient: AuthorizedHttpClient, serviceAccountId?: string);
|
81 | /**
|
82 | * @inheritDoc
|
83 | */
|
84 | sign(buffer: Buffer): Promise<Buffer>;
|
85 | /**
|
86 | * @inheritDoc
|
87 | */
|
88 | getAccountId(): Promise<string>;
|
89 | }
|
90 | /**
|
91 | * Creates a new CryptoSigner instance for the given app. If the app has been initialized with a
|
92 | * service account credential, creates a ServiceAccountSigner.
|
93 | *
|
94 | * @param app - A FirebaseApp instance.
|
95 | * @returns A CryptoSigner instance.
|
96 | */
|
97 | export declare function cryptoSignerFromApp(app: App): CryptoSigner;
|
98 | /**
|
99 | * Defines extended error info type. This includes a code, message string, and error data.
|
100 | */
|
101 | export interface ExtendedErrorInfo extends ErrorInfo {
|
102 | cause?: Error;
|
103 | }
|
104 |
|
105 |
|
106 |
|
107 |
|
108 |
|
109 |
|
110 | export declare class CryptoSignerError extends Error {
|
111 | private errorInfo;
|
112 | constructor(errorInfo: ExtendedErrorInfo);
|
113 | /** @returns The error code. */
|
114 | get code(): string;
|
115 | /** @returns The error message. */
|
116 | get message(): string;
|
117 | /** @returns The error data. */
|
118 | get cause(): Error | undefined;
|
119 | }
|
120 | /**
|
121 | * Crypto Signer error codes and their default messages.
|
122 | */
|
123 | export declare class CryptoSignerErrorCode {
|
124 | static INVALID_ARGUMENT: string;
|
125 | static INTERNAL_ERROR: string;
|
126 | static INVALID_CREDENTIAL: string;
|
127 | static SERVER_ERROR: string;
|
128 | }
|