firebase-admin 0.1.4 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/Gemfile.lock +37 -22
- data/firebase-admin.gemspec +1 -1
- data/lib/firebase-admin/client/accounts.rb +11 -37
- data/lib/firebase-admin/configuration.rb +34 -0
- data/lib/firebase-admin/connection.rb +1 -1
- data/lib/firebase-admin/version.rb +1 -1
- data/spec/firebase-admin/api_spec.rb +3 -1
- data/spec/firebase-admin/client/accounts_spec.rb +18 -12
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e17ee3117fba2303b9994810707260adc620a0df6856fafcab5f2d91ae73d198
|
4
|
+
data.tar.gz: 1b8cb745fdcb281555ba1210ae46de28d88adbe32fd0a3eb4f28b4dffa0bf579
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3b477554cecc66c68eca389b9a6b1b1b406e3279c73fab7be20c1435f53e688338c8df6093e7ea2196a27ef21b82335ff7345cbb15670b2bc33b187fd76d94f6
|
7
|
+
data.tar.gz: eeb3c9e88e13fb973c051d3c8d389f0870b48fb27f372ab36733a0f51247291499afaee4a971c2a18ef2068aa5fd4fc619983a985550d5b6ab96e4443ad4b091
|
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,43 +1,57 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
firebase-admin (0.
|
4
|
+
firebase-admin (0.2.0)
|
5
5
|
addressable (~> 2.7)
|
6
6
|
faraday (~> 1.3)
|
7
7
|
faraday_middleware (~> 1.0)
|
8
8
|
hashie (~> 4.1)
|
9
|
-
jwt (
|
9
|
+
jwt (>= 2.2)
|
10
10
|
multi_json (~> 1.15)
|
11
11
|
|
12
12
|
GEM
|
13
13
|
remote: https://rubygems.org/
|
14
14
|
specs:
|
15
|
-
addressable (2.
|
15
|
+
addressable (2.8.0)
|
16
16
|
public_suffix (>= 2.0.2, < 5.0)
|
17
17
|
ast (2.4.2)
|
18
18
|
crack (0.4.5)
|
19
19
|
rexml
|
20
20
|
diff-lcs (1.4.4)
|
21
|
-
faraday (1.
|
21
|
+
faraday (1.8.0)
|
22
|
+
faraday-em_http (~> 1.0)
|
23
|
+
faraday-em_synchrony (~> 1.0)
|
24
|
+
faraday-excon (~> 1.1)
|
25
|
+
faraday-httpclient (~> 1.0.1)
|
22
26
|
faraday-net_http (~> 1.0)
|
27
|
+
faraday-net_http_persistent (~> 1.1)
|
28
|
+
faraday-patron (~> 1.0)
|
29
|
+
faraday-rack (~> 1.0)
|
23
30
|
multipart-post (>= 1.2, < 3)
|
24
|
-
ruby2_keywords
|
31
|
+
ruby2_keywords (>= 0.0.4)
|
32
|
+
faraday-em_http (1.0.0)
|
33
|
+
faraday-em_synchrony (1.0.0)
|
34
|
+
faraday-excon (1.1.0)
|
35
|
+
faraday-httpclient (1.0.1)
|
25
36
|
faraday-net_http (1.0.1)
|
26
|
-
|
37
|
+
faraday-net_http_persistent (1.2.0)
|
38
|
+
faraday-patron (1.0.0)
|
39
|
+
faraday-rack (1.0.0)
|
40
|
+
faraday_middleware (1.2.0)
|
27
41
|
faraday (~> 1.0)
|
28
42
|
hashdiff (1.0.1)
|
29
43
|
hashie (4.1.0)
|
30
|
-
jwt (2.
|
44
|
+
jwt (2.3.0)
|
31
45
|
multi_json (1.15.0)
|
32
46
|
multipart-post (2.1.1)
|
33
|
-
parallel (1.
|
34
|
-
parser (3.0.
|
47
|
+
parallel (1.21.0)
|
48
|
+
parser (3.0.3.1)
|
35
49
|
ast (~> 2.4.1)
|
36
50
|
public_suffix (4.0.6)
|
37
51
|
rainbow (3.0.0)
|
38
|
-
rake (13.0.
|
39
|
-
regexp_parser (2.0
|
40
|
-
rexml (3.2.
|
52
|
+
rake (13.0.6)
|
53
|
+
regexp_parser (2.2.0)
|
54
|
+
rexml (3.2.5)
|
41
55
|
rspec (3.10.0)
|
42
56
|
rspec-core (~> 3.10.0)
|
43
57
|
rspec-expectations (~> 3.10.0)
|
@@ -50,27 +64,28 @@ GEM
|
|
50
64
|
rspec-mocks (3.10.2)
|
51
65
|
diff-lcs (>= 1.2.0, < 2.0)
|
52
66
|
rspec-support (~> 3.10.0)
|
53
|
-
rspec-support (3.10.
|
54
|
-
rubocop (1.
|
67
|
+
rspec-support (3.10.3)
|
68
|
+
rubocop (1.23.0)
|
55
69
|
parallel (~> 1.10)
|
56
70
|
parser (>= 3.0.0.0)
|
57
71
|
rainbow (>= 2.2.2, < 4.0)
|
58
72
|
regexp_parser (>= 1.8, < 3.0)
|
59
73
|
rexml
|
60
|
-
rubocop-ast (>= 1.
|
74
|
+
rubocop-ast (>= 1.12.0, < 2.0)
|
61
75
|
ruby-progressbar (~> 1.7)
|
62
76
|
unicode-display_width (>= 1.4.0, < 3.0)
|
63
|
-
rubocop-ast (1.
|
64
|
-
parser (>=
|
77
|
+
rubocop-ast (1.14.0)
|
78
|
+
parser (>= 3.0.1.1)
|
65
79
|
ruby-progressbar (1.11.0)
|
66
|
-
ruby2_keywords (0.0.
|
67
|
-
unicode-display_width (2.
|
68
|
-
webmock (3.
|
69
|
-
addressable (>= 2.
|
80
|
+
ruby2_keywords (0.0.5)
|
81
|
+
unicode-display_width (2.1.0)
|
82
|
+
webmock (3.14.0)
|
83
|
+
addressable (>= 2.8.0)
|
70
84
|
crack (>= 0.3.2)
|
71
85
|
hashdiff (>= 0.4.0, < 2.0.0)
|
72
86
|
|
73
87
|
PLATFORMS
|
88
|
+
arm64-darwin-21
|
74
89
|
x86_64-darwin-20
|
75
90
|
|
76
91
|
DEPENDENCIES
|
@@ -81,4 +96,4 @@ DEPENDENCIES
|
|
81
96
|
webmock (~> 3.11)
|
82
97
|
|
83
98
|
BUNDLED WITH
|
84
|
-
2.
|
99
|
+
2.3.17
|
data/firebase-admin.gemspec
CHANGED
@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
|
|
10
10
|
s.add_runtime_dependency('faraday_middleware', '~> 1.0')
|
11
11
|
s.add_runtime_dependency('hashie', '~> 4.1')
|
12
12
|
s.add_runtime_dependency('multi_json', '~> 1.15')
|
13
|
-
s.add_runtime_dependency('jwt', '
|
13
|
+
s.add_runtime_dependency('jwt', '>= 2.2')
|
14
14
|
s.authors = ['Colin Harris']
|
15
15
|
s.description = 'A Ruby wrapper for the Firebase Admin APIs'
|
16
16
|
s.email = ['colin@jiva.ag']
|
@@ -117,6 +117,16 @@ module FirebaseAdmin
|
|
117
117
|
# @example
|
118
118
|
# FirebaseAdmin.create_custom_token('...')
|
119
119
|
def create_custom_token(uid)
|
120
|
+
if service_account_email.nil? || service_account_email == ''
|
121
|
+
raise InvalidCredentials,
|
122
|
+
"No client email provided via options, 'GOOGLE_APPLICATION_CREDENTIALS' or 'GOOGLE_CLIENT_EMAIL'"
|
123
|
+
end
|
124
|
+
|
125
|
+
if service_account_private_key.nil? || service_account_private_key == ''
|
126
|
+
raise InvalidCredentials,
|
127
|
+
"No private key provided via options, 'GOOGLE_APPLICATION_CREDENTIALS' or 'GOOGLE_PRIVATE_KEY'"
|
128
|
+
end
|
129
|
+
|
120
130
|
now_seconds = Time.now.to_i
|
121
131
|
payload = {
|
122
132
|
iss: service_account_email,
|
@@ -126,7 +136,7 @@ module FirebaseAdmin
|
|
126
136
|
exp: now_seconds + (60 * 60), # Maximum expiration time is one hour
|
127
137
|
uid: uid
|
128
138
|
}
|
129
|
-
JWT.encode(payload,
|
139
|
+
JWT.encode(payload, OpenSSL::PKey::RSA.new(unescape(service_account_private_key)), 'RS256')
|
130
140
|
end
|
131
141
|
|
132
142
|
# Get user by email/phone/uid
|
@@ -163,42 +173,6 @@ module FirebaseAdmin
|
|
163
173
|
str = str[1..-2] if str.start_with?('"') && str.end_with?('"')
|
164
174
|
str
|
165
175
|
end
|
166
|
-
|
167
|
-
def service_account_email
|
168
|
-
email = default_credentials.fetch('client_email') { ENV['GOOGLE_CLIENT_EMAIL'] }
|
169
|
-
if email.nil? || email == ''
|
170
|
-
raise InvalidCredentials,
|
171
|
-
"No client email provided via 'GOOGLE_APPLICATION_CREDENTIALS' or 'GOOGLE_CLIENT_EMAIL'"
|
172
|
-
end
|
173
|
-
|
174
|
-
email
|
175
|
-
end
|
176
|
-
|
177
|
-
def private_key
|
178
|
-
key = default_credentials.fetch('private_key') { unescape(ENV['GOOGLE_PRIVATE_KEY']) }
|
179
|
-
if key.nil? || key == ''
|
180
|
-
raise InvalidCredentials,
|
181
|
-
"No private key provided via 'GOOGLE_APPLICATION_CREDENTIALS' or 'GOOGLE_PRIVATE_KEY'"
|
182
|
-
end
|
183
|
-
|
184
|
-
OpenSSL::PKey::RSA.new(key)
|
185
|
-
end
|
186
|
-
|
187
|
-
def default_credentials
|
188
|
-
@default_credentials ||= read_default_credentials
|
189
|
-
end
|
190
|
-
|
191
|
-
def read_default_credentials
|
192
|
-
credentials_path = ENV['GOOGLE_APPLICATION_CREDENTIALS']
|
193
|
-
if credentials_path && File.exist?(credentials_path)
|
194
|
-
JSON.parse(File.read(credentials_path))
|
195
|
-
else
|
196
|
-
{}
|
197
|
-
end
|
198
|
-
rescue StandardError => e
|
199
|
-
raise InvalidCredentials,
|
200
|
-
"Failed reading credentials from '#{ENV['GOOGLE_APPLICATION_CREDENTIALS']}'. Error: #{e.message}"
|
201
|
-
end
|
202
176
|
end
|
203
177
|
end
|
204
178
|
end
|
@@ -13,6 +13,8 @@ module FirebaseAdmin
|
|
13
13
|
user_agent
|
14
14
|
project_id
|
15
15
|
loud_logger
|
16
|
+
service_account_email
|
17
|
+
service_account_private_key
|
16
18
|
].freeze
|
17
19
|
|
18
20
|
# By default, don't set a user access token
|
@@ -47,6 +49,18 @@ module FirebaseAdmin
|
|
47
49
|
# @private
|
48
50
|
attr_accessor(*VALID_OPTIONS_KEYS)
|
49
51
|
|
52
|
+
def service_account_email
|
53
|
+
@service_account_email ||= service_account_credentials.fetch('client_email') do
|
54
|
+
ENV['GOOGLE_CLIENT_EMAIL']
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
def service_account_private_key
|
59
|
+
@service_account_private_key ||= service_account_credentials.fetch('private_key') do
|
60
|
+
ENV['GOOGLE_PRIVATE_KEY']
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
50
64
|
# When this module is extended, set all configuration options to their default values
|
51
65
|
def self.extended(base)
|
52
66
|
base.reset
|
@@ -64,6 +78,23 @@ module FirebaseAdmin
|
|
64
78
|
end
|
65
79
|
end
|
66
80
|
|
81
|
+
def service_account_credentials
|
82
|
+
return {} unless ENV['GOOGLE_APPLICATION_CREDENTIALS']
|
83
|
+
|
84
|
+
@service_account_credentials ||= read_service_account_credentials(ENV['GOOGLE_APPLICATION_CREDENTIALS'])
|
85
|
+
end
|
86
|
+
|
87
|
+
def read_service_account_credentials(credentials_path)
|
88
|
+
if credentials_path && File.exist?(credentials_path)
|
89
|
+
JSON.parse(File.read(credentials_path))
|
90
|
+
else
|
91
|
+
{}
|
92
|
+
end
|
93
|
+
rescue StandardError => e
|
94
|
+
raise InvalidCredentials,
|
95
|
+
"Failed reading credentials from '#{ENV['GOOGLE_APPLICATION_CREDENTIALS']}'. Error: #{e.message}"
|
96
|
+
end
|
97
|
+
|
67
98
|
# Reset all configuration options to defaults
|
68
99
|
def reset
|
69
100
|
self.access_token = DEFAULT_ACCESS_TOKEN
|
@@ -73,6 +104,9 @@ module FirebaseAdmin
|
|
73
104
|
self.user_agent = DEFAULT_USER_AGENT
|
74
105
|
self.project_id = DEFAULT_PROJECT_ID
|
75
106
|
self.loud_logger = DEFAULT_LOUD_LOGGER
|
107
|
+
@service_account_credentials = nil
|
108
|
+
self.service_account_email = nil
|
109
|
+
self.service_account_private_key = nil
|
76
110
|
end
|
77
111
|
end
|
78
112
|
end
|
@@ -17,7 +17,7 @@ module FirebaseAdmin
|
|
17
17
|
}.merge(connection_options)
|
18
18
|
|
19
19
|
Faraday::Connection.new(options) do |connection|
|
20
|
-
connection.authorization
|
20
|
+
connection.request :authorization, 'Bearer', access_token if access_token
|
21
21
|
connection.use Faraday::Request::UrlEncoded
|
22
22
|
connection.use FaradayMiddleware::Mashify
|
23
23
|
connection.use Faraday::Response::ParseJson
|
@@ -34,7 +34,9 @@ describe FirebaseAdmin::API do
|
|
34
34
|
endpoint: 'http://tumblr.com/',
|
35
35
|
user_agent: 'Custom User Agent',
|
36
36
|
project_id: 'test-project',
|
37
|
-
loud_logger: true
|
37
|
+
loud_logger: true,
|
38
|
+
service_account_email: 'example@gmail.com',
|
39
|
+
service_account_private_key: '===private key==='
|
38
40
|
}
|
39
41
|
end
|
40
42
|
|
@@ -1,9 +1,7 @@
|
|
1
1
|
require File.expand_path('../../spec_helper', __dir__)
|
2
2
|
|
3
3
|
describe FirebaseAdmin::Client do
|
4
|
-
|
5
|
-
@client = FirebaseAdmin::Client.new(project_id: 'test-project')
|
6
|
-
end
|
4
|
+
let(:client) { FirebaseAdmin::Client.new(project_id: 'test-project') }
|
7
5
|
|
8
6
|
describe '.create_account' do
|
9
7
|
before do
|
@@ -12,7 +10,7 @@ describe FirebaseAdmin::Client do
|
|
12
10
|
end
|
13
11
|
|
14
12
|
it 'should get the correct resource' do
|
15
|
-
|
13
|
+
client.create_account(email: 'john@smith.com', password: 'supersecret')
|
16
14
|
expect(
|
17
15
|
a_post('v1/projects/test-project/accounts')
|
18
16
|
.with(body: { email: 'john@smith.com', password: 'supersecret' }.to_json)
|
@@ -28,7 +26,7 @@ describe FirebaseAdmin::Client do
|
|
28
26
|
end
|
29
27
|
|
30
28
|
it 'should post to the update endpoint' do
|
31
|
-
|
29
|
+
client.update_account(email: 'john@smith.com', password: 'supersecret')
|
32
30
|
expect(
|
33
31
|
a_post('v1/projects/test-project/accounts:update')
|
34
32
|
.with(body: { email: 'john@smith.com', password: 'supersecret' }.to_json)
|
@@ -41,10 +39,11 @@ describe FirebaseAdmin::Client do
|
|
41
39
|
context 'when credentials are set via GOOGLE_APPLICATION_CREDENTIALS' do
|
42
40
|
before do
|
43
41
|
ENV['GOOGLE_APPLICATION_CREDENTIALS'] = fixture('google_credentials.json').path
|
42
|
+
FirebaseAdmin.reset
|
44
43
|
end
|
45
44
|
|
46
45
|
it 'returns a valid JWT token' do
|
47
|
-
token =
|
46
|
+
token = client.create_custom_token('user-123')
|
48
47
|
token_data, _alg = JWT.decode(token, nil, false)
|
49
48
|
expect(token_data['uid']).to eq('user-123')
|
50
49
|
end
|
@@ -53,10 +52,13 @@ describe FirebaseAdmin::Client do
|
|
53
52
|
context 'when GOOGLE_APPLICATION_CREDENTIALS points to an invalid file' do
|
54
53
|
before do
|
55
54
|
ENV['GOOGLE_APPLICATION_CREDENTIALS'] = fixture('google_credentials_invalid.json').path
|
55
|
+
FirebaseAdmin.reset
|
56
56
|
end
|
57
57
|
|
58
58
|
it 'raises an error' do
|
59
|
-
expect {
|
59
|
+
expect {
|
60
|
+
client.create_custom_token('user-123')
|
61
|
+
}.to raise_error FirebaseAdmin::InvalidCredentials
|
60
62
|
end
|
61
63
|
end
|
62
64
|
|
@@ -68,10 +70,11 @@ describe FirebaseAdmin::Client do
|
|
68
70
|
ENV['GOOGLE_APPLICATION_CREDENTIALS'] = nil
|
69
71
|
ENV['GOOGLE_CLIENT_EMAIL'] = email
|
70
72
|
ENV['GOOGLE_PRIVATE_KEY'] = private_key
|
73
|
+
FirebaseAdmin.reset
|
71
74
|
end
|
72
75
|
|
73
76
|
it 'returns a valid JWT token' do
|
74
|
-
token =
|
77
|
+
token = client.create_custom_token('user-123')
|
75
78
|
token_data, _alg = JWT.decode(token, nil, false)
|
76
79
|
expect(token_data['uid']).to eq('user-123')
|
77
80
|
end
|
@@ -82,19 +85,22 @@ describe FirebaseAdmin::Client do
|
|
82
85
|
ENV['GOOGLE_APPLICATION_CREDENTIALS'] = nil
|
83
86
|
ENV['GOOGLE_CLIENT_EMAIL'] = nil
|
84
87
|
ENV['GOOGLE_PRIVATE_KEY'] = nil
|
88
|
+
FirebaseAdmin.reset
|
85
89
|
end
|
86
90
|
|
87
91
|
it 'raises an error' do
|
88
|
-
expect {
|
92
|
+
expect {
|
93
|
+
client.create_custom_token('user-123')
|
94
|
+
}.to raise_error FirebaseAdmin::InvalidCredentials
|
89
95
|
end
|
90
96
|
end
|
91
97
|
end
|
92
98
|
|
93
99
|
describe '.sign_in_for_uid' do
|
94
100
|
it 'should post to the update endpoint' do
|
95
|
-
expect(
|
96
|
-
expect(
|
97
|
-
result =
|
101
|
+
expect(client).to receive(:create_custom_token).with('user-123').and_return('token')
|
102
|
+
expect(client).to receive(:sign_in_with_custom_token).with('token').and_return('result')
|
103
|
+
result = client.sign_in_for_uid('user-123')
|
98
104
|
expect(result).to eq('result')
|
99
105
|
end
|
100
106
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: firebase-admin
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Colin Harris
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-07-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rake
|
@@ -140,16 +140,16 @@ dependencies:
|
|
140
140
|
name: jwt
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
|
-
- - "
|
143
|
+
- - ">="
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: 2.2
|
145
|
+
version: '2.2'
|
146
146
|
type: :runtime
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
|
-
- - "
|
150
|
+
- - ">="
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: 2.2
|
152
|
+
version: '2.2'
|
153
153
|
description: A Ruby wrapper for the Firebase Admin APIs
|
154
154
|
email:
|
155
155
|
- colin@jiva.ag
|