firebase-admin 0.1.1 → 0.1.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +19 -5
  3. data/lib/firebase-admin/client/accounts.rb +46 -8
  4. data/lib/firebase-admin/connection.rb +1 -1
  5. data/lib/firebase-admin/error.rb +3 -0
  6. data/lib/firebase-admin/version.rb +1 -1
  7. data/spec/firebase-admin/client/accounts_spec.rb +78 -0
  8. data/spec/fixtures/example_key +1 -0
  9. data/spec/fixtures/google_credentials.json +12 -0
  10. data/spec/fixtures/google_credentials_invalid.json +1 -0
  11. data/spec/fixtures/update_account.json +6 -0
  12. metadata +10 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e8ff8b5b882e80cee049010198961bde97f52c64dc5a5e6d5902bcab4dd40060
4
- data.tar.gz: 35e4530ed48199101dd666743c959af4890b161e594545470a1a37dec02993ff
3
+ metadata.gz: cef0674854fe33d6dd681638d9827eb360c8125922afd84d717072f3d2c0a359
4
+ data.tar.gz: 2729536a92a94c68cf977b608c8f948c4af965280b3820b3012bb882e774142c
5
5
  SHA512:
6
- metadata.gz: 54cd5fc99fd435c7f5151ca76b47456da8cdee6b38eaaf3afcb72048adb9219d329ceec054e1e8634881fd9326f8ddece9ea0d7801c686a509b11d2c269137b1
7
- data.tar.gz: 5c117435a3122766517027c076faf2591cc5b66e38964e9e881d2f3bf64a0a9dd902ae572585d7bba2c2e7c681a9a169daf15e90e1a1a0f1cc62655794f70911
6
+ metadata.gz: dd2bba2ad71b970ad58d1f6eda5cc5a82d39ebb21bbb7b3756c021af9cc541d7653f6bef9e36380ed6cae5a86d9aec498e6c169daa5741b8a3532313ca32257a
7
+ data.tar.gz: 7aafdeb40669eb59443585d1627ac29d7233f90b7ef09f195a918866908956c132ce7f7578628ee814dda51cc8e2cc0fd82ff5531189cae95ccf8ecf8637e2ec
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- firebase-admin (0.1.1)
4
+ firebase-admin (0.1.4)
5
5
  addressable (~> 2.7)
6
6
  faraday (~> 1.3)
7
7
  faraday_middleware (~> 1.0)
@@ -18,11 +18,25 @@ GEM
18
18
  crack (0.4.5)
19
19
  rexml
20
20
  diff-lcs (1.4.4)
21
- faraday (1.3.0)
21
+ faraday (1.8.0)
22
+ faraday-em_http (~> 1.0)
23
+ faraday-em_synchrony (~> 1.0)
24
+ faraday-excon (~> 1.1)
25
+ faraday-httpclient (~> 1.0.1)
22
26
  faraday-net_http (~> 1.0)
27
+ faraday-net_http_persistent (~> 1.1)
28
+ faraday-patron (~> 1.0)
29
+ faraday-rack (~> 1.0)
23
30
  multipart-post (>= 1.2, < 3)
24
- ruby2_keywords
31
+ ruby2_keywords (>= 0.0.4)
32
+ faraday-em_http (1.0.0)
33
+ faraday-em_synchrony (1.0.0)
34
+ faraday-excon (1.1.0)
35
+ faraday-httpclient (1.0.1)
25
36
  faraday-net_http (1.0.1)
37
+ faraday-net_http_persistent (1.2.0)
38
+ faraday-patron (1.0.0)
39
+ faraday-rack (1.0.0)
26
40
  faraday_middleware (1.0.0)
27
41
  faraday (~> 1.0)
28
42
  hashdiff (1.0.1)
@@ -63,7 +77,7 @@ GEM
63
77
  rubocop-ast (1.4.1)
64
78
  parser (>= 2.7.1.5)
65
79
  ruby-progressbar (1.11.0)
66
- ruby2_keywords (0.0.4)
80
+ ruby2_keywords (0.0.5)
67
81
  unicode-display_width (2.0.0)
68
82
  webmock (3.11.2)
69
83
  addressable (>= 2.3.6)
@@ -81,4 +95,4 @@ DEPENDENCIES
81
95
  webmock (~> 3.11)
82
96
 
83
97
  BUNDLED WITH
84
- 2.2.6
98
+ 2.2.22
data/lib/firebase-admin/client/accounts.rb CHANGED
@@ -93,6 +93,20 @@ module FirebaseAdmin
93
93
  post('v1/accounts:signInWithCustomToken', { token: token, returnSecureToken: true })
94
94
  end
95
95
 
96
+ # Sign in based on the UID of an account
97
+ # This generates a custom token for the UID and signs in using the custom token
98
+ #
99
+ # @param uid [String] The uid of a user
100
+ #
101
+ # @return [Resource] with idToken
102
+ #
103
+ # @example
104
+ # FirebaseAdmin.sign_in_for_uid("...")
105
+ def sign_in_for_uid(uid)
106
+ custom_token = create_custom_token(uid)
107
+ sign_in_with_custom_token(custom_token)
108
+ end
109
+
96
110
  # Create a custom JWT token for a UID
97
111
  #
98
112
  # @param uid [String] The uid of a user
@@ -103,11 +117,6 @@ module FirebaseAdmin
103
117
  # @example
104
118
  # FirebaseAdmin.create_custom_token('...')
105
119
  def create_custom_token(uid)
106
- credentials = default_credentials
107
-
108
- service_account_email = credentials.fetch('client_email', ENV['GOOGLE_CLIENT_EMAIL'])
109
- private_key = OpenSSL::PKey::RSA.new credentials.fetch('private_key', unescape(ENV['GOOGLE_PRIVATE_KEY']))
110
-
111
120
  now_seconds = Time.now.to_i
112
121
  payload = {
113
122
  iss: service_account_email,
@@ -118,7 +127,6 @@ module FirebaseAdmin
118
127
  uid: uid
119
128
  }
120
129
  JWT.encode(payload, private_key, 'RS256')
121
- JWT.decode()
122
130
  end
123
131
 
124
132
  # Get user by email/phone/uid
@@ -156,10 +164,40 @@ module FirebaseAdmin
156
164
  str
157
165
  end
158
166
 
167
+ def service_account_email
168
+ email = default_credentials.fetch('client_email') { ENV['GOOGLE_CLIENT_EMAIL'] }
169
+ if email.nil? || email == ''
170
+ raise InvalidCredentials,
171
+ "No client email provided via 'GOOGLE_APPLICATION_CREDENTIALS' or 'GOOGLE_CLIENT_EMAIL'"
172
+ end
173
+
174
+ email
175
+ end
176
+
177
+ def private_key
178
+ key = default_credentials.fetch('private_key') { unescape(ENV['GOOGLE_PRIVATE_KEY']) }
179
+ if key.nil? || key == ''
180
+ raise InvalidCredentials,
181
+ "No private key provided via 'GOOGLE_APPLICATION_CREDENTIALS' or 'GOOGLE_PRIVATE_KEY'"
182
+ end
183
+
184
+ OpenSSL::PKey::RSA.new(key)
185
+ end
186
+
159
187
  def default_credentials
160
- return {} if ENV['GOOGLE_APPLICATION_CREDENTIALS'].nil?
188
+ @default_credentials ||= read_default_credentials
189
+ end
161
190
 
162
- JSON.parse(File.read(ENV['GOOGLE_APPLICATION_CREDENTIALS']))
191
+ def read_default_credentials
192
+ credentials_path = ENV['GOOGLE_APPLICATION_CREDENTIALS']
193
+ if credentials_path && File.exist?(credentials_path)
194
+ JSON.parse(File.read(credentials_path))
195
+ else
196
+ {}
197
+ end
198
+ rescue StandardError => e
199
+ raise InvalidCredentials,
200
+ "Failed reading credentials from '#{ENV['GOOGLE_APPLICATION_CREDENTIALS']}'. Error: #{e.message}"
163
201
  end
164
202
  end
165
203
  end
data/lib/firebase-admin/connection.rb CHANGED
@@ -17,7 +17,7 @@ module FirebaseAdmin
17
17
  }.merge(connection_options)
18
18
 
19
19
  Faraday::Connection.new(options) do |connection|
20
- connection.authorization :Bearer, access_token if access_token
20
+ connection.request :authorization, 'Bearer', access_token if access_token
21
21
  connection.use Faraday::Request::UrlEncoded
22
22
  connection.use FaradayMiddleware::Mashify
23
23
  connection.use Faraday::Response::ParseJson
data/lib/firebase-admin/error.rb CHANGED
@@ -25,4 +25,7 @@ module FirebaseAdmin
25
25
 
26
26
  # Raised when Firebase returns the HTTP status code 429
27
27
  class RateLimitExceeded < Error; end
28
+
29
+ # Raised when no valid credentials are found
30
+ class InvalidCredentials < Error; end
28
31
  end
data/lib/firebase-admin/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module FirebaseAdmin
2
- VERSION = '0.1.1'.freeze unless defined?(::FirebaseAdmin::VERSION)
2
+ VERSION = '0.1.5'.freeze unless defined?(::FirebaseAdmin::VERSION)
3
3
  end
data/spec/firebase-admin/client/accounts_spec.rb CHANGED
@@ -20,4 +20,82 @@ describe FirebaseAdmin::Client do
20
20
  ).to have_been_made
21
21
  end
22
22
  end
23
+
24
+ describe '.update_account' do
25
+ before do
26
+ stub_post('v1/projects/test-project/accounts:update')
27
+ .to_return(body: fixture('update_account.json'), headers: { content_type: 'application/json; charset=utf-8' })
28
+ end
29
+
30
+ it 'should post to the update endpoint' do
31
+ @client.update_account(email: 'john@smith.com', password: 'supersecret')
32
+ expect(
33
+ a_post('v1/projects/test-project/accounts:update')
34
+ .with(body: { email: 'john@smith.com', password: 'supersecret' }.to_json)
35
+ .with(headers: { 'Authorization' => 'Bearer owner' })
36
+ ).to have_been_made
37
+ end
38
+ end
39
+
40
+ describe '.create_custom_token' do
41
+ context 'when credentials are set via GOOGLE_APPLICATION_CREDENTIALS' do
42
+ before do
43
+ ENV['GOOGLE_APPLICATION_CREDENTIALS'] = fixture('google_credentials.json').path
44
+ end
45
+
46
+ it 'returns a valid JWT token' do
47
+ token = @client.create_custom_token('user-123')
48
+ token_data, _alg = JWT.decode(token, nil, false)
49
+ expect(token_data['uid']).to eq('user-123')
50
+ end
51
+ end
52
+
53
+ context 'when GOOGLE_APPLICATION_CREDENTIALS points to an invalid file' do
54
+ before do
55
+ ENV['GOOGLE_APPLICATION_CREDENTIALS'] = fixture('google_credentials_invalid.json').path
56
+ end
57
+
58
+ it 'raises an error' do
59
+ expect { @client.create_custom_token('user-123') }.to raise_error FirebaseAdmin::InvalidCredentials
60
+ end
61
+ end
62
+
63
+ context 'when credentials are set via GOOGLE_CLIENT_EMAIL / GOOGLE_PRIVATE_KEY' do
64
+ let(:email) { 'example@example.com' }
65
+ let(:private_key) { fixture('example_key').read }
66
+
67
+ before do
68
+ ENV['GOOGLE_APPLICATION_CREDENTIALS'] = nil
69
+ ENV['GOOGLE_CLIENT_EMAIL'] = email
70
+ ENV['GOOGLE_PRIVATE_KEY'] = private_key
71
+ end
72
+
73
+ it 'returns a valid JWT token' do
74
+ token = @client.create_custom_token('user-123')
75
+ token_data, _alg = JWT.decode(token, nil, false)
76
+ expect(token_data['uid']).to eq('user-123')
77
+ end
78
+ end
79
+
80
+ context 'when no credentials are provided' do
81
+ before do
82
+ ENV['GOOGLE_APPLICATION_CREDENTIALS'] = nil
83
+ ENV['GOOGLE_CLIENT_EMAIL'] = nil
84
+ ENV['GOOGLE_PRIVATE_KEY'] = nil
85
+ end
86
+
87
+ it 'raises an error' do
88
+ expect { @client.create_custom_token('user-123') }.to raise_error FirebaseAdmin::InvalidCredentials
89
+ end
90
+ end
91
+ end
92
+
93
+ describe '.sign_in_for_uid' do
94
+ it 'should post to the update endpoint' do
95
+ expect(@client).to receive(:create_custom_token).with('user-123').and_return('token')
96
+ expect(@client).to receive(:sign_in_with_custom_token).with('token').and_return('result')
97
+ result = @client.sign_in_for_uid('user-123')
98
+ expect(result).to eq('result')
99
+ end
100
+ end
23
101
  end
data/spec/fixtures/example_key ADDED
@@ -0,0 +1 @@
1
+ -----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDW04sWbA5qIYUQ\nLU+dVoEf0ipYYmu9/2Z+Teobkhd9f6ZQ++1a0hnpelIx3vulrO0uPU/CZIh75cPR\nl/UGg2wxB2QnQcznUCJylOKoV412L7nTauYolNkI71X95npQyQtP+i3E7mQHAEJc\nOqF+cd6ufH5KouKtkJvSioHVKMr1YWDAmCfvQdYQ9Chv4K3Fvr1yniFk7OqcB1Td\nf9XcMpCaC6XokOzgvZ0TbNoqG2ceR66E04J33nRenqiRv8I/jmzsvYb692CuzKEL\nf/F4eY8bnIRYrMgT+7qgBkLMbNN/7m95uoBvJASvosx9+Fp3h6q9DhdphyV0iFjL\nHtvFpH1PAgMBAAECggEACJhCEk2Ubg6VQkZtzv+s/tbrtsmJQfq74QXA/gVkRzMa\nNlc98cpCGyM3sqMXMlOu0ZDGZiKbi0lwAiywMuiDJZsEGMX7Kq38EtV+E/ocwMO8\nDYdTWgBKhp78s8HK1vyUJUj/F8fp3JXYEdSOrX5kyFpWuym1I/iLI2tDMoIFTLfb\n3+NGAZQti7jXO8HMPTBhTj9X4wunCHucc6zd7QwRMmAyNITK+q9gOWoH3ruhN0/h\nj58USy5CuUAXuhQWoNxUPZlUiXg7ei2bSTH+tMBoCyqcDi4TKEXAHKXKS5Fd5he4\nXOQVsobqwCDKCoVGoaH+QdSru7TLVWqRox0RQY/NkQKBgQDwOXI2zQsrVnrSqS+X\nl0r+G21H5NkjjY5x1aOAG0BIBW6OK5MAbP1bUbOVA00hfey2kaSR69/7px134Lsi\ntgC9JziyjIpyS6yMlYisTKuqg3SY1GjKkGrZkdCO+xcY/Jiamo6VNGzuwJzmjWQ5\n3cfaZDcgo/4bqtGI9QbQ6rW06wKBgQDk7x2OPlCHMusVq0DOa7TraRelhTMDYco5\nNvzJ8r27W0NoHrmgvPFgVkzE+rkwDf2LO5D5TwPyzw1+lnqxaNmKF2EU/OXoGTUG\ntqu1xPu0NXr8bZn5YRwR1Zc+6cbXqUFIm5BtBlKXfc+Yrg7XFw1Y28aakSa3Kvft\n8GL9g+8QLQKBgQCdDvH9olGLJB9pW/QhyGjfek8Ykibld8eJ5YPgXfDJJcQCb7rM\nrHV5HxGqe14SZ6I8Ozy9qtnmTnyVw/iV2SjigqIvGnPqBk/qGlohTH9wHEI/KaDZ\nz1IMrakN0lxnmb6sViCirIQMFSKAGjFNJBNmVd81GAMrU6NrR8gND2d9wQKBgEbF\ntPlYQkTJdOtJ+crWeSOdZXYB63dML9voJ9W2ePkGiZwSg4gxYN1LUIhEiiNU7+Cv\nFW49Axd48s8DbgKSS03pVFXMqLZLtJzSs9qJftaDAfYvW75ASxEoWo1Ub+gTpt7v\nWIKbxcSXXCnzBRtxQOsLZiY6YSGW4vZnrfJ5atoxAoGBAJF9oxseUWLFi8G9jaMD\nBnGqha7wCrQE6rFjgG9olbYxVB0IYN6hnPoelkrJWDJDz9bpvXSsbO7lwFv0x3Ks\n6ehj1fDjibTz9BNiqNwFzoPWq4Th2TqHrYY34ohtcW4tQdtLYPgQyhmNASUytAlG\nzipYnskyVze/3An/VEFrhSdy\n-----END PRIVATE KEY-----\n
data/spec/fixtures/google_credentials.json ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "type": "service_account",
3
+ "project_id": "example-project",
4
+ "private_key_id": "123",
5
+ "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDW04sWbA5qIYUQ\nLU+dVoEf0ipYYmu9/2Z+Teobkhd9f6ZQ++1a0hnpelIx3vulrO0uPU/CZIh75cPR\nl/UGg2wxB2QnQcznUCJylOKoV412L7nTauYolNkI71X95npQyQtP+i3E7mQHAEJc\nOqF+cd6ufH5KouKtkJvSioHVKMr1YWDAmCfvQdYQ9Chv4K3Fvr1yniFk7OqcB1Td\nf9XcMpCaC6XokOzgvZ0TbNoqG2ceR66E04J33nRenqiRv8I/jmzsvYb692CuzKEL\nf/F4eY8bnIRYrMgT+7qgBkLMbNN/7m95uoBvJASvosx9+Fp3h6q9DhdphyV0iFjL\nHtvFpH1PAgMBAAECggEACJhCEk2Ubg6VQkZtzv+s/tbrtsmJQfq74QXA/gVkRzMa\nNlc98cpCGyM3sqMXMlOu0ZDGZiKbi0lwAiywMuiDJZsEGMX7Kq38EtV+E/ocwMO8\nDYdTWgBKhp78s8HK1vyUJUj/F8fp3JXYEdSOrX5kyFpWuym1I/iLI2tDMoIFTLfb\n3+NGAZQti7jXO8HMPTBhTj9X4wunCHucc6zd7QwRMmAyNITK+q9gOWoH3ruhN0/h\nj58USy5CuUAXuhQWoNxUPZlUiXg7ei2bSTH+tMBoCyqcDi4TKEXAHKXKS5Fd5he4\nXOQVsobqwCDKCoVGoaH+QdSru7TLVWqRox0RQY/NkQKBgQDwOXI2zQsrVnrSqS+X\nl0r+G21H5NkjjY5x1aOAG0BIBW6OK5MAbP1bUbOVA00hfey2kaSR69/7px134Lsi\ntgC9JziyjIpyS6yMlYisTKuqg3SY1GjKkGrZkdCO+xcY/Jiamo6VNGzuwJzmjWQ5\n3cfaZDcgo/4bqtGI9QbQ6rW06wKBgQDk7x2OPlCHMusVq0DOa7TraRelhTMDYco5\nNvzJ8r27W0NoHrmgvPFgVkzE+rkwDf2LO5D5TwPyzw1+lnqxaNmKF2EU/OXoGTUG\ntqu1xPu0NXr8bZn5YRwR1Zc+6cbXqUFIm5BtBlKXfc+Yrg7XFw1Y28aakSa3Kvft\n8GL9g+8QLQKBgQCdDvH9olGLJB9pW/QhyGjfek8Ykibld8eJ5YPgXfDJJcQCb7rM\nrHV5HxGqe14SZ6I8Ozy9qtnmTnyVw/iV2SjigqIvGnPqBk/qGlohTH9wHEI/KaDZ\nz1IMrakN0lxnmb6sViCirIQMFSKAGjFNJBNmVd81GAMrU6NrR8gND2d9wQKBgEbF\ntPlYQkTJdOtJ+crWeSOdZXYB63dML9voJ9W2ePkGiZwSg4gxYN1LUIhEiiNU7+Cv\nFW49Axd48s8DbgKSS03pVFXMqLZLtJzSs9qJftaDAfYvW75ASxEoWo1Ub+gTpt7v\nWIKbxcSXXCnzBRtxQOsLZiY6YSGW4vZnrfJ5atoxAoGBAJF9oxseUWLFi8G9jaMD\nBnGqha7wCrQE6rFjgG9olbYxVB0IYN6hnPoelkrJWDJDz9bpvXSsbO7lwFv0x3Ks\n6ehj1fDjibTz9BNiqNwFzoPWq4Th2TqHrYY34ohtcW4tQdtLYPgQyhmNASUytAlG\nzipYnskyVze/3An/VEFrhSdy\n-----END PRIVATE KEY-----\n",
6
+ "client_email": "example@example.iam.gserviceaccount.com",
7
+ "client_id": "456",
8
+ "auth_uri": "https://accounts.google.com/o/oauth2/auth",
9
+ "token_uri": "https://oauth2.googleapis.com/token",
10
+ "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
11
+ "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/example%40example.iam.gserviceaccount.com"
12
+ }
data/spec/fixtures/google_credentials_invalid.json ADDED
@@ -0,0 +1 @@
1
+ invalid
data/spec/fixtures/update_account.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ "kind": "identitytoolkit#SignupNewUserResponse",
3
+ "localId": "abcdefghijklmnopqrstuvwxyzab",
4
+ "displayName": "John Smith",
5
+ "email": "john@smith.com"
6
+ }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: firebase-admin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Colin Harris
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-11 00:00:00.000000000 Z
11
+ date: 2021-10-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -185,7 +185,11 @@ files:
185
185
  - spec/fixtures/400_error.json
186
186
  - spec/fixtures/bad_gateway.html
187
187
  - spec/fixtures/create_account.json
188
+ - spec/fixtures/example_key
188
189
  - spec/fixtures/gateway_timeout.html
190
+ - spec/fixtures/google_credentials.json
191
+ - spec/fixtures/google_credentials_invalid.json
192
+ - spec/fixtures/update_account.json
189
193
  - spec/spec_helper.rb
190
194
  homepage: https://github.com/col/firebase-admin
191
195
  licenses:
@@ -219,5 +223,9 @@ test_files:
219
223
  - spec/fixtures/400_error.json
220
224
  - spec/fixtures/bad_gateway.html
221
225
  - spec/fixtures/create_account.json
226
+ - spec/fixtures/example_key
222
227
  - spec/fixtures/gateway_timeout.html
228
+ - spec/fixtures/google_credentials.json
229
+ - spec/fixtures/google_credentials_invalid.json
230
+ - spec/fixtures/update_account.json
223
231
  - spec/spec_helper.rb