@ydbjs/auth
Version:
Authentication providers for YDB: static credentials, tokens, anonymous, and cloud metadata. Integrates with the core driver for secure access.
41 lines • 1.92 kB
TypeScript
import { CredentialsProvider } from './index.js';
export type MetadataCredentialsToken = {
value: string;
expired_at: number;
};
export type MetadataCredentials = {
endpoint?: string;
flavor?: string;
};
/**
* A credentials provider that retrieves tokens from a metadata service.
*
* This class extends the `CredentialsProvider` class and implements the `getToken` method
* to fetch tokens from a specified metadata endpoint. It supports optional retry logic
* and allows customization of the metadata flavor and endpoint.
*
* @extends CredentialsProvider
*/
export declare class MetadataCredentialsProvider extends CredentialsProvider {
#private;
/**
* Creates an instance of `MetadataCredentialsProvider`.
*
* @param credentials - An optional object containing metadata credentials.
* @param credentials.flavor - The metadata flavor (default: 'Google').
* @param credentials.endpoint - The metadata endpoint URL (default: 'http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token').
*/
constructor(credentials?: MetadataCredentials);
/**
* Retrieves an authentication token from the specified endpoint.
* If a valid token is already available and `force` is not true, it returns the cached token.
* Otherwise, it fetches a new token with optional retry logic based on the provided configuration.
*
* @param force - A flag indicating whether to force fetching a new token regardless of the existing one's validity.
* @param signal - An AbortSignal to cancel the operation if needed.
* @returns A promise resolving to the authentication token as a string.
* @throws Will throw an error if the token fetch fails, the response is not OK, or the content type is incorrect.
*/
getToken(force?: boolean, signal?: AbortSignal): Promise<string>;
}
//# sourceMappingURL=metadata.d.ts.map