Helper library to perfrorm requests to OIDC-authenticated resources (Cloud Identity-Aware Proxy)
npm install @rtbhouse/google-iap-auth
To use this library you must have the following:
- Identity Aware Proxy protected resource
- Service account with permissions to read protected resource
- OAuth credentials with key file in JSON format ( more on generating Service Account json keys)
Example usage with got:
import fs from 'fs';
import got from "got";
import { GoogleIapAuth } from "@rtbhouse/google-iap-auth";
const keyStr = fs.readFileSync('key.json', 'utf-8');
const keyData = JSON.parse(keyStr);
const googleIapAuth = new GoogleIapAuth("<oauth_client_id>", keyData);
const authorizedGot = got.extend({
hooks: {
beforeRequest: [
async options => {
options.headers.Authorization = `Bearer ${await googleIapAuth.getToken()}`;
}
]
},
responseType: "json",
followRedirect: false,
mutableDefaults: true
});
(async () => {
const response = await authorizedGot(
"https://some.iap.protected.resource.com/"
);
console.log(response.statusCode);
console.log(response.body);
})();