diff --git a/functions/composer-storage-trigger/index.js b/functions/composer-storage-trigger/index.js
index 8ebe15e186..ade0ffccc2 100644
--- a/functions/composer-storage-trigger/index.js
+++ b/functions/composer-storage-trigger/index.js
@@ -53,13 +53,7 @@ exports.triggerDag = async data => {
   try {
     const iap = await authorizeIap(CLIENT_ID, PROJECT_ID, USER_AGENT);
 
-    return makeIapPostRequest(
-      WEBSERVER_URL,
-      BODY,
-      iap.idToken,
-      USER_AGENT,
-      iap.jwt
-    );
+    return makeIapPostRequest(WEBSERVER_URL, BODY, iap.idToken, USER_AGENT);
   } catch (err) {
     console.error('Error authorizing IAP:', err.message);
     throw new Error(err);
@@ -142,7 +136,6 @@ const authorizeIap = async (clientId, projectId, userAgent) => {
   }
 
   return {
-    jwt: jwt,
     idToken: tokenJson.id_token,
   };
 };
diff --git a/functions/spanner/package.json b/functions/spanner/package.json
index a343573c79..5bfd0ae5ef 100644
--- a/functions/spanner/package.json
+++ b/functions/spanner/package.json
@@ -15,7 +15,7 @@
     "test": "mocha test/*.test.js --timeout=20000"
   },
   "dependencies": {
-    "@google-cloud/spanner": "^3.1.0"
+    "@google-cloud/spanner": "^4.0.0"
   },
   "devDependencies": {
     "@google-cloud/nodejs-repo-tools": "^3.3.0",
diff --git a/functions/tokenservice/functions/.eslintrc.json b/functions/tokenservice/functions/.eslintrc.json
deleted file mode 100644
index ea4352b993..0000000000
--- a/functions/tokenservice/functions/.eslintrc.json
+++ /dev/null
@@ -1,123 +0,0 @@
-{
-  "parserOptions": {
-    // Required for certain syntax usages
-    "ecmaVersion": 8
-  },
-  "plugins": [
-    "promise"
-  ],
-  "extends": "eslint:recommended",
-  "rules": {
-    // Removed rule "disallow the use of console" from recommended eslint rules
-    "no-console": "off",
-
-    // Removed rule "disallow multiple spaces in regular expressions" from recommended eslint rules
-    "no-regex-spaces": "off",
-
-    // Removed rule "disallow the use of debugger" from recommended eslint rules
-    "no-debugger": "off",
-
-    // Removed rule "disallow unused variables" from recommended eslint rules
-    "no-unused-vars": "off",
-
-    // Removed rule "disallow mixed spaces and tabs for indentation" from recommended eslint rules
-    "no-mixed-spaces-and-tabs": "off",
-
-    // Removed rule "disallow the use of undeclared variables unless mentioned in /*global */ comments" from recommended eslint rules
-    "no-undef": "off",
-
-    // Warn against template literal placeholder syntax in regular strings
-    "no-template-curly-in-string": 1,
-
-    // Warn if return statements do not either always or never specify values
-    "consistent-return": 1,
-
-    // Warn if no return statements in callbacks of array methods
-    "array-callback-return": 1,
-
-    // Require the use of === and !==
-    "eqeqeq": 2,
-
-    // Disallow the use of alert, confirm, and prompt
-    "no-alert": 2,
-
-    // Disallow the use of arguments.caller or arguments.callee
-    "no-caller": 2,
-
-    // Disallow null comparisons without type-checking operators
-    "no-eq-null": 2,
-
-    // Disallow the use of eval()
-    "no-eval": 2,
-
-    // Warn against extending native types
-    "no-extend-native": 1,
-
-    // Warn against unnecessary calls to .bind()
-    "no-extra-bind": 1,
-
-    // Warn against unnecessary labels    
-    "no-extra-label": 1,
-
-    // Disallow leading or trailing decimal points in numeric literals
-    "no-floating-decimal": 2,
-
-    // Warn against shorthand type conversions
-    "no-implicit-coercion": 1,
-
-    // Warn against function declarations and expressions inside loop statements
-    "no-loop-func": 1,
-
-    // Disallow new operators with the Function object
-    "no-new-func": 2,
-
-    // Warn against new operators with the String, Number, and Boolean objects
-    "no-new-wrappers": 1,
-
-    // Disallow throwing literals as exceptions
-    "no-throw-literal": 2,
-
-    // Require using Error objects as Promise rejection reasons
-    "prefer-promise-reject-errors": 2,
-
-    // Enforce “for” loop update clause moving the counter in the right direction
-    "for-direction": 2,
-
-    // Enforce return statements in getters
-    "getter-return": 2,
-
-    // Disallow await inside of loops
-    "no-await-in-loop": 2,
-
-    // Disallow comparing against -0
-    "no-compare-neg-zero": 2,
-
-    // Warn against catch clause parameters from shadowing variables in the outer scope
-    "no-catch-shadow": 1,
-
-    // Disallow identifiers from shadowing restricted names
-    "no-shadow-restricted-names": 2,
-
-    // Enforce return statements in callbacks of array methods
-    "callback-return": 2,
-
-    // Require error handling in callbacks
-    "handle-callback-err": 2,
-
-    // Warn against string concatenation with __dirname and __filename
-    "no-path-concat": 1,
-
-    // Prefer using arrow functions for callbacks
-    "prefer-arrow-callback": 1,
-
-    // Return inside each then() to create readable and reusable Promise chains.
-    // Forces developers to return console logs and http calls in promises. 
-    "promise/always-return": 2,
-
-    //Enforces the use of catch() on un-returned promises
-    "promise/catch-or-return": 2,
-
-    // Warn against nested then() or catch() statements
-    "promise/no-nesting": 1
-  }
-}
diff --git a/functions/tokenservice/functions/package.json b/functions/tokenservice/functions/package.json
index 1583ab1590..d48cfabd77 100644
--- a/functions/tokenservice/functions/package.json
+++ b/functions/tokenservice/functions/package.json
@@ -2,17 +2,16 @@
   "name": "functions",
   "description": "Cloud Functions for Firebase",
   "scripts": {
+    "test": "mocha test/*.test.js --timeout=5000",
     "lint": "eslint .",
     "serve": "firebase serve --only functions",
     "shell": "firebase functions:shell",
     "deploy": "firebase deploy --only functions",
     "logs": "firebase functions:log",
     "local-test": "mocha test/index.test.js",
-    "test": "npm run local-test",
     "start": "functions-framework --target=getOAuthToken"
   },
   "dependencies": {
-    "child-process-promise": "^2.2.1",
     "firebase-admin": "^8.0.0",
     "firebase-functions": "^3.0.0",
     "request": "^2.88.0",
@@ -22,6 +21,7 @@
     "@google-cloud/functions-framework": "^1.1.1",
     "@google-cloud/nodejs-repo-tools": "^3.3.0",
     "babel-eslint": "^10.0.2",
+    "child-process-promise": "^2.2.1",
     "eslint": "^6.0.0",
     "eslint-config-prettier": "^6.0.0",
     "eslint-plugin-node": "^9.1.0",
@@ -32,7 +32,7 @@
     "supertest": "^4.0.0"
   },
   "engines": {
-    "node": "8"
+    "node": ">=8.0.0"
   },
   "private": true
 }
diff --git a/functions/tokenservice/functions/test/index.test.js b/functions/tokenservice/functions/test/index.test.js
index 2137f52664..1bd2adf90b 100644
--- a/functions/tokenservice/functions/test/index.test.js
+++ b/functions/tokenservice/functions/test/index.test.js
@@ -1,21 +1,31 @@
+/**
+ * Copyright 2019, Google, LLC
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* eslint-env node, mocha */
+
 const assert = require('assert');
-const index = require('../index.js');
 const execPromise = require('child-process-promise').exec;
 const path = require('path');
 const cwd = path.join(__dirname, '..');
 const BASE_URL = process.env.BASE_URL || 'http://localhost:8080';
 const FF_TIMEOUT = 3000;
+const PORT = 8080;
 let requestRetry = require('requestretry');
 
-// let requestRetryForCredentials = require('requestretry');
-
-const defaults = {
-  uri: `${BASE_URL}/getOAuthToken`,
-  maxAttempts: 1,
-  fullResponse: true,
-};
-
 requestRetry = requestRetry.defaults({
+  retryDelay: 500,
   retryStrategy: requestRetry.RetryStrategies.NetworkError,
   method: 'GET',
   json: true,
@@ -33,30 +43,34 @@ const contextValue = (uid = 'test-uid', email_verified = true) => ({
   },
 });
 
+const handleLinuxFailures = async proc => {
+  try {
+    return await proc;
+  } catch (err) {
+    // Timeouts always cause errors on Linux, so catch them
+    // Don't return proc, as await-ing it re-throws the error
+    if (!err.name || err.name !== 'ChildProcessError') {
+      throw err;
+    }
+  }
+};
+
 describe('getOAuthToken tests', () => {
   let ffProc;
   before(() => {
     ffProc = execPromise(
-      `functions-framework --target=getOAuthToken --signature-type=http`,
+      `functions-framework --target=getOAuthToken --signature-type=http --port=${PORT}`,
       {timeout: FF_TIMEOUT, shell: true, cwd}
     );
   });
+
   after(async () => {
-    try {
-      await ffProc;
-    } catch (err) {
-      // Timeouts always cause errors on Linux, so catch them
-      if (err.name && err.name === 'ChildProcessError') {
-        return;
-      }
-      throw err;
-    }
+    await handleLinuxFailures(ffProc);
   });
 
   describe('Firebase OAuth Token', () => {
     // no argument 400 error
     it('should give 400 if no Context is provided', async () => {
-      //new requestRetry(defaults, (error, response, body) => done())
       const response = await requestRetry({
         body: {
           deviceID: '',
@@ -68,7 +82,6 @@ describe('getOAuthToken tests', () => {
     });
 
     it('should give 400 if no deviceID is provided', async () => {
-      //new requestRetry(defaults, (error, response, body) => done())
       const response = await requestRetry({
         contextValue,
       });