Skip to content

v1.0.5: Expose google cloud token lifespan #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
danopia merged 2 commits into from
Jan 20, 2026
Merged

v1.0.5: Expose google cloud token lifespan #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a8cd1c0
Surface retrieved google cloud token lifespan
danopia Jan 13, 2026
a7cad39
1.0.5
danopia Jan 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion deno.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@cloudydeno/bitesized",
"version": "1.0.4",
"version": "1.0.5",
"license": "MIT",
"exports": {
"./crypto/curve25519": "./crypto/curve25519.ts",
Expand Down
26 changes: 21 additions & 5 deletions integrations/google-cloud-auth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,19 @@
import { SubProcess } from "../system/sub-process.ts";
import { fetchServiceAccountToken } from "./google-metadata-service.ts";
import { fetchServiceAccountToken, type TokenResponse } from "./google-metadata-service.ts";

/**
* Attempts to get a GCP auth token from two possible sources:
* 1. A service account token from the GCP Metadata Server.
* 2. A user token from the installed `gcloud` CLI.
* If neither source is available, throws an Error.
* Returns an object including the token's remaining lifespan.
*/
export async function fetchGoogleCloudToken(): Promise<string> {
export async function fetchGoogleCloudAuth(): Promise<TokenResponse> {
const reasons = [`No Google Cloud access token found. Encountered issues:`];

try {
const resp = await fetchServiceAccountToken();
return resp.access_token;
return resp;
} catch (thrown) {
const err = thrown as Error;
const parts = err.message.split(': ');
Expand All @@ -25,11 +26,15 @@ export async function fetchGoogleCloudToken(): Promise<string> {

try {
const proc = new SubProcess('gcloud', {
cmd: ['gcloud', 'auth', 'application-default', 'print-access-token'],
cmd: ['gcloud', 'auth', 'print-access-token'],
stdin: 'null',
errorPrefix: /ERROR:/,
});
return (await proc.captureAllTextOutput()).trimEnd();
return {
access_token: (await proc.captureAllTextOutput()).trimEnd(),
expires_in: 3600, // gcloud's default
token_type: 'Bearer',
};
} catch (thrown) {
const err = thrown as Error;
reasons.push(` - gcloud CLI: ${err.message}`);
Expand All @@ -38,6 +43,17 @@ export async function fetchGoogleCloudToken(): Promise<string> {
throw new Error(reasons.join('\n'));
}

/**
* Attempts to get a GCP auth token from two possible sources:
* 1. A service account token from the GCP Metadata Server.
* 2. A user token from the installed `gcloud` CLI.
* If neither source is available, throws an Error.
*/
export async function fetchGoogleCloudToken(): Promise<string> {
const auth = await fetchGoogleCloudAuth();
return auth.access_token;
}

type ServiceAccountCredential = {
accessToken: string;
expireTime: string;
Expand Down