Buckets:
| import { BaseExternalAccountClient, BaseExternalAccountClientOptions, ExternalAccountSupplierContext } from './baseexternalclient'; | |
| import { SnakeToCamelObject } from '../util'; | |
| export type SubjectTokenFormatType = 'json' | 'text'; | |
| export interface SubjectTokenJsonResponse { | |
| [key: string]: string; | |
| } | |
| /** | |
| * Supplier interface for subject tokens. This can be implemented to | |
| * return a subject token which can then be exchanged for a GCP token by an | |
| * {@link IdentityPoolClient}. | |
| */ | |
| export interface SubjectTokenSupplier { | |
| /** | |
| * Gets a valid subject token for the requested external account identity. | |
| * Note that these are not cached by the calling {@link IdentityPoolClient}, | |
| * so caching should be including in the implementation. | |
| * @param context {@link ExternalAccountSupplierContext} from the calling | |
| * {@link IdentityPoolClient}, contains the requested audience and subject token type | |
| * for the external account identity as well as the transport from the | |
| * calling client to use for requests. | |
| * @return A promise that resolves with the requested subject token string. | |
| */ | |
| getSubjectToken: (context: ExternalAccountSupplierContext) => Promise<string>; | |
| } | |
| /** | |
| * Url-sourced/file-sourced credentials json interface. | |
| * This is used for K8s and Azure workloads. | |
| */ | |
| export interface IdentityPoolClientOptions extends BaseExternalAccountClientOptions { | |
| /** | |
| * Object containing options to retrieve identity pool credentials. A valid credential | |
| * source or a subject token supplier must be specified. | |
| */ | |
| credential_source?: { | |
| /** | |
| * The file location to read the subject token from. Either this, a URL | |
| * or a certificate location should be specified. | |
| */ | |
| file?: string; | |
| /** | |
| * The URL to call to retrieve the subject token. Either this, a file | |
| * location or a certificate location should be specified. | |
| */ | |
| url?: string; | |
| /** | |
| * Optional headers to send on the request to the specified URL. | |
| */ | |
| headers?: { | |
| [key: string]: string; | |
| }; | |
| /** | |
| * The format that the subject token is in the file or the URL response. | |
| * If not provided, will default to reading the text string directly. | |
| */ | |
| format?: { | |
| /** | |
| * The format type. Can either be 'text' or 'json'. | |
| */ | |
| type: SubjectTokenFormatType; | |
| /** | |
| * The field name containing the subject token value if the type is 'json'. | |
| */ | |
| subject_token_field_name?: string; | |
| }; | |
| /** | |
| * The certificate location to call to retrieve the subject token. Either this, a file | |
| * location, or an url should be specified. | |
| * @example | |
| * File Format: | |
| * ```json | |
| * { | |
| * "cert_configs": { | |
| * "workload": { | |
| * "key_path": "$PATH_TO_LEAF_KEY", | |
| * "cert_path": "$PATH_TO_LEAF_CERT" | |
| * } | |
| * } | |
| * } | |
| * ``` | |
| */ | |
| certificate?: { | |
| /** | |
| * Specify whether the certificate config should be used from the default location. | |
| * Either this or the certificate_config_location must be provided. | |
| * The certificate config file must be in the following JSON format: | |
| */ | |
| use_default_certificate_config?: boolean; | |
| /** | |
| * Location to fetch certificate config from in case default config is not to be used. | |
| * Either this or use_default_certificate_config=true should be provided. | |
| */ | |
| certificate_config_location?: string; | |
| /** | |
| * TrustChainPath specifies the path to a PEM-formatted file containing the X.509 certificate trust chain. | |
| * The file should contain any intermediate certificates needed to connect | |
| * the mTLS leaf certificate to a root certificate in the trust store. | |
| */ | |
| trust_chain_path?: string; | |
| }; | |
| }; | |
| /** | |
| * The subject token supplier to call to retrieve the subject token to exchange | |
| * for a GCP access token. Either this or a valid credential source should | |
| * be specified. | |
| */ | |
| subject_token_supplier?: SubjectTokenSupplier; | |
| } | |
| /** | |
| * Defines the Url-sourced and file-sourced external account clients mainly | |
| * used for K8s and Azure workloads. | |
| */ | |
| export declare class IdentityPoolClient extends BaseExternalAccountClient { | |
| private readonly subjectTokenSupplier; | |
| /** | |
| * Instantiate an IdentityPoolClient instance using the provided JSON | |
| * object loaded from an external account credentials file. | |
| * An error is thrown if the credential is not a valid file-sourced or | |
| * url-sourced credential or a workforce pool user project is provided | |
| * with a non workforce audience. | |
| * @param options The external account options object typically loaded | |
| * from the external account JSON credential file. The camelCased options | |
| * are aliases for the snake_cased options. | |
| */ | |
| constructor(options: IdentityPoolClientOptions | SnakeToCamelObject<IdentityPoolClientOptions>); | |
| /** | |
| * Triggered when a external subject token is needed to be exchanged for a GCP | |
| * access token via GCP STS endpoint. Gets a subject token by calling | |
| * the configured {@link SubjectTokenSupplier} | |
| * @return A promise that resolves with the external subject token. | |
| */ | |
| retrieveSubjectToken(): Promise<string>; | |
| } | |
Xet Storage Details
- Size:
- 5.63 kB
- Xet hash:
- b0d8e9f1624d4c18e4dfcb2d573cd252ae8df2f6883984bd44f959de284e5e4d
·
Xet efficiently stores files, intelligently splitting them into unique chunks and accelerating uploads and downloads. More info.