npm - @mastra/auth-firebase - Versions diffs - 0.10.0 - Mend

@mastra/auth-firebase 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/.turbo/turbo-build.log +30 -0
package/CHANGELOG.md +1 -0
package/LICENSE.md +7 -0
package/README.md +67 -0
package/dist/_tsup-dts-rollup.d.cts +20 -0
package/dist/_tsup-dts-rollup.d.ts +20 -0
package/dist/chunk-JLXWUSDO.js +972 -0
package/dist/chunk-N62AETLJ.js +7 -0
package/dist/getMachineId-bsd-IPBZSYCM.js +21 -0
package/dist/getMachineId-darwin-UJH25LDA.js +22 -0
package/dist/getMachineId-linux-YF3RLZNP.js +17 -0
package/dist/getMachineId-unsupported-UOUTBEEW.js +9 -0
package/dist/getMachineId-win-PKATJI4A.js +23 -0
package/dist/index.cjs +1533 -0
package/dist/index.d.cts +1 -0
package/dist/index.d.ts +1 -0
package/dist/index.js +356 -0
package/eslint.config.js +6 -0
package/package.json +40 -0
package/src/index.test.ts +157 -0
package/src/index.ts +51 -0
package/tsconfig.json +5 -0
package/vitest.config.ts +8 -0

package/dist/index.d.cts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { MastraAuthFirebase } from './_tsup-dts-rollup.cjs';

package/dist/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { MastraAuthFirebase } from './_tsup-dts-rollup.js';

package/dist/index.js ADDED Viewed

@@ -0,0 +1,356 @@
+import { SpanKind, trace, context, propagation, SpanStatusCode } from './chunk-JLXWUSDO.js';
+import admin from 'firebase-admin';
+import { getFirestore } from 'firebase-admin/firestore';
+// ../../packages/core/dist/chunk-EWDGXKOQ.js
+function hasActiveTelemetry(tracerName = "default-tracer") {
+  try {
+    return !!trace.getTracer(tracerName);
+  } catch {
+    return false;
+  }
+}
+function getBaggageValues(ctx) {
+  const currentBaggage = propagation.getBaggage(ctx);
+  const requestId = currentBaggage?.getEntry("http.request_id")?.value;
+  const componentName = currentBaggage?.getEntry("componentName")?.value;
+  const runId = currentBaggage?.getEntry("runId")?.value;
+  return {
+    requestId,
+    componentName,
+    runId
+  };
+}
+function withSpan(options) {
+  return function(_target, propertyKey, descriptor) {
+    if (!descriptor || typeof descriptor === "number") return;
+    const originalMethod = descriptor.value;
+    const methodName = String(propertyKey);
+    descriptor.value = function(...args) {
+      if (options?.skipIfNoTelemetry && !hasActiveTelemetry(options?.tracerName)) {
+        return originalMethod.apply(this, args);
+      }
+      const tracer = trace.getTracer(options?.tracerName ?? "default-tracer");
+      let spanName;
+      let spanKind;
+      if (typeof options === "string") {
+        spanName = options;
+      } else if (options) {
+        spanName = options.spanName || methodName;
+        spanKind = options.spanKind;
+      } else {
+        spanName = methodName;
+      }
+      const span = tracer.startSpan(spanName, { kind: spanKind });
+      let ctx = trace.setSpan(context.active(), span);
+      args.forEach((arg, index) => {
+        try {
+          span.setAttribute(`${spanName}.argument.${index}`, JSON.stringify(arg));
+        } catch {
+          span.setAttribute(`${spanName}.argument.${index}`, "[Not Serializable]");
+        }
+      });
+      const { requestId, componentName, runId } = getBaggageValues(ctx);
+      if (requestId) {
+        span.setAttribute("http.request_id", requestId);
+      }
+      if (componentName) {
+        span.setAttribute("componentName", componentName);
+        span.setAttribute("runId", runId);
+      } else if (this && this.name) {
+        span.setAttribute("componentName", this.name);
+        span.setAttribute("runId", this.runId);
+        ctx = propagation.setBaggage(
+          ctx,
+          propagation.createBaggage({
+            // @ts-ignore
+            componentName: { value: this.name },
+            // @ts-ignore
+            runId: { value: this.runId },
+            // @ts-ignore
+            "http.request_id": { value: requestId }
+          })
+        );
+      }
+      let result;
+      try {
+        result = context.with(ctx, () => originalMethod.apply(this, args));
+        if (result instanceof Promise) {
+          return result.then((resolvedValue) => {
+            try {
+              span.setAttribute(`${spanName}.result`, JSON.stringify(resolvedValue));
+            } catch {
+              span.setAttribute(`${spanName}.result`, "[Not Serializable]");
+            }
+            return resolvedValue;
+          }).finally(() => span.end());
+        }
+        try {
+          span.setAttribute(`${spanName}.result`, JSON.stringify(result));
+        } catch {
+          span.setAttribute(`${spanName}.result`, "[Not Serializable]");
+        }
+        return result;
+      } catch (error) {
+        span.setStatus({
+          code: SpanStatusCode.ERROR,
+          message: error instanceof Error ? error.message : "Unknown error"
+        });
+        if (error instanceof Error) {
+          span.recordException(error);
+        }
+        throw error;
+      } finally {
+        if (!(result instanceof Promise)) {
+          span.end();
+        }
+      }
+    };
+    return descriptor;
+  };
+}
+function InstrumentClass(options) {
+  return function(target) {
+    const methods = Object.getOwnPropertyNames(target.prototype);
+    methods.forEach((method) => {
+      if (options?.excludeMethods?.includes(method) || method === "constructor") return;
+      if (options?.methodFilter && !options.methodFilter(method)) return;
+      const descriptor = Object.getOwnPropertyDescriptor(target.prototype, method);
+      if (descriptor && typeof descriptor.value === "function") {
+        Object.defineProperty(
+          target.prototype,
+          method,
+          withSpan({
+            spanName: options?.prefix ? `${options.prefix}.${method}` : method,
+            skipIfNoTelemetry: true,
+            spanKind: options?.spanKind || SpanKind.INTERNAL,
+            tracerName: options?.tracerName
+          })(target, method, descriptor)
+        );
+      }
+    });
+    return target;
+  };
+}
+// ../../packages/core/dist/chunk-XXVGT7SJ.js
+var RegisteredLogger = {
+  LLM: "LLM"};
+var LogLevel = {
+  DEBUG: "debug",
+  INFO: "info",
+  WARN: "warn",
+  ERROR: "error"};
+var MastraLogger = class {
+  name;
+  level;
+  transports;
+  constructor(options = {}) {
+    this.name = options.name || "Mastra";
+    this.level = options.level || LogLevel.ERROR;
+    this.transports = new Map(Object.entries(options.transports || {}));
+  }
+  getTransports() {
+    return this.transports;
+  }
+  async getLogs(transportId) {
+    if (!transportId || !this.transports.has(transportId)) {
+      return [];
+    }
+    return this.transports.get(transportId).getLogs() ?? [];
+  }
+  async getLogsByRunId({ transportId, runId }) {
+    if (!transportId || !this.transports.has(transportId) || !runId) {
+      return [];
+    }
+    return this.transports.get(transportId).getLogsByRunId({ runId }) ?? [];
+  }
+};
+var ConsoleLogger = class extends MastraLogger {
+  constructor(options = {}) {
+    super(options);
+  }
+  debug(message, ...args) {
+    if (this.level === LogLevel.DEBUG) {
+      console.debug(message, ...args);
+    }
+  }
+  info(message, ...args) {
+    if (this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
+      console.info(message, ...args);
+    }
+  }
+  warn(message, ...args) {
+    if (this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
+      console.warn(message, ...args);
+    }
+  }
+  error(message, ...args) {
+    if (this.level === LogLevel.ERROR || this.level === LogLevel.WARN || this.level === LogLevel.INFO || this.level === LogLevel.DEBUG) {
+      console.error(message, ...args);
+    }
+  }
+  async getLogs(_transportId) {
+    return [];
+  }
+  async getLogsByRunId(_args) {
+    return [];
+  }
+};
+// ../../packages/core/dist/chunk-JOCKZ2US.js
+var MastraBase = class {
+  component = RegisteredLogger.LLM;
+  logger;
+  name;
+  telemetry;
+  constructor({ component, name }) {
+    this.component = component || RegisteredLogger.LLM;
+    this.name = name;
+    this.logger = new ConsoleLogger({ name: `${this.component} - ${this.name}` });
+  }
+  /**
+   * Set the logger for the agent
+   * @param logger
+   */
+  __setLogger(logger) {
+    this.logger = logger;
+    if (this.component !== RegisteredLogger.LLM) {
+      this.logger.debug(`Logger updated [component=${this.component}] [name=${this.name}]`);
+    }
+  }
+  /**
+   * Set the telemetry for the
+   * @param telemetry
+   */
+  __setTelemetry(telemetry) {
+    this.telemetry = telemetry;
+    if (this.component !== RegisteredLogger.LLM) {
+      this.logger.debug(`Telemetry updated [component=${this.component}] [name=${this.telemetry.name}]`);
+    }
+  }
+  /**
+   * Get the telemetry on the vector
+   * @returns telemetry
+   */
+  __getTelemetry() {
+    return this.telemetry;
+  }
+  /*
+    get experimental_telemetry config
+    */
+  get experimental_telemetry() {
+    return this.telemetry ? {
+      // tracer: this.telemetry.tracer,
+      tracer: this.telemetry.getBaggageTracer(),
+      isEnabled: !!this.telemetry.tracer
+    } : void 0;
+  }
+};
+// ../../packages/core/dist/chunk-C6A6W6XS.js
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __knownSymbol = (name, symbol) => (symbol = Symbol[name]) ? symbol : Symbol.for("Symbol." + name);
+var __typeError = (msg) => {
+  throw TypeError(msg);
+};
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, {
+  enumerable: true,
+  configurable: true,
+  writable: true,
+  value
+}) : obj[key] = value;
+var __name = (target, value) => __defProp(target, "name", {
+  value,
+  configurable: true
+});
+var __decoratorStart = (base) => [, , , __create(base?.[__knownSymbol("metadata")] ?? null)];
+var __decoratorStrings = ["class", "method", "getter", "setter", "accessor", "field", "value", "get", "set"];
+var __expectFn = (fn) => fn !== void 0 && typeof fn !== "function" ? __typeError("Function expected") : fn;
+var __decoratorContext = (kind, name, done, metadata, fns) => ({
+  kind: __decoratorStrings[kind],
+  name,
+  metadata,
+  addInitializer: (fn) => done._ ? __typeError("Already initialized") : fns.push(__expectFn(fn || null))
+});
+var __decoratorMetadata = (array, target) => __defNormalProp(target, __knownSymbol("metadata"), array[3]);
+var __runInitializers = (array, flags, self, value) => {
+  for (var i = 0, fns = array[flags >> 1], n = fns && fns.length; i < n; i++) fns[i].call(self) ;
+  return value;
+};
+var __decorateElement = (array, flags, name, decorators, target, extra) => {
+  var it, done, ctx, k = flags & 7, p = false;
+  var j = 0;
+  var extraInitializers = array[j] || (array[j] = []);
+  var desc = k && ((target = target.prototype), k < 5 && (k > 3 || !p) && __getOwnPropDesc(target , name));
+  __name(target, name);
+  for (var i = decorators.length - 1; i >= 0; i--) {
+    ctx = __decoratorContext(k, name, done = {}, array[3], extraInitializers);
+    it = (0, decorators[i])(target, ctx), done._ = 1;
+    __expectFn(it) && (target = it);
+  }
+  return __decoratorMetadata(array, target), desc && __defProp(target, name, desc), p ? k ^ 4 ? extra : desc : target;
+};
+// ../../packages/core/dist/server/index.js
+var _MastraAuthProvider_decorators;
+var _init;
+var _a;
+_MastraAuthProvider_decorators = [InstrumentClass({
+  prefix: "auth",
+  excludeMethods: ["__setTools", "__setLogger", "__setTelemetry", "#log"]
+})];
+var MastraAuthProvider = class extends (_a = MastraBase) {
+  constructor(options) {
+    super({
+      component: "AUTH",
+      name: options?.name
+    });
+    if (options?.authorizeUser) {
+      this.authorizeUser = options.authorizeUser.bind(this);
+    }
+  }
+  registerOptions(opts) {
+    if (opts?.authorizeUser) {
+      this.authorizeUser = opts.authorizeUser.bind(this);
+    }
+  }
+};
+MastraAuthProvider = /* @__PURE__ */ ((_) => {
+  _init = __decoratorStart(_a);
+  MastraAuthProvider = __decorateElement(_init, 0, "MastraAuthProvider", _MastraAuthProvider_decorators, MastraAuthProvider);
+  __runInitializers(_init, 1, MastraAuthProvider);
+  return MastraAuthProvider;
+})();
+var MastraAuthFirebase = class extends MastraAuthProvider {
+  serviceAccount;
+  databaseId;
+  constructor(options) {
+    super({ name: options?.name ?? "firebase" });
+    this.serviceAccount = options?.serviceAccount ?? process.env.FIREBASE_SERVICE_ACCOUNT;
+    this.databaseId = options?.databaseId ?? process.env.FIRESTORE_DATABASE_ID ?? process.env.FIREBASE_DATABASE_ID;
+    if (!admin.apps.length) {
+      admin.initializeApp({
+        credential: this.serviceAccount ? admin.credential.cert(this.serviceAccount) : admin.credential.applicationDefault()
+      });
+    }
+    this.registerOptions(options);
+  }
+  async authenticateToken(token) {
+    const decoded = await admin.auth().verifyIdToken(token);
+    return decoded;
+  }
+  async authorizeUser(user) {
+    const db = this.databaseId ? getFirestore(this.databaseId) : getFirestore();
+    const userAccess = await db.doc(`/user_access/${user.uid}`).get();
+    const userAccessData = userAccess.data();
+    if (!userAccessData) {
+      return false;
+    }
+    return true;
+  }
+};
+export { MastraAuthFirebase };

package/eslint.config.js ADDED Viewed

@@ -0,0 +1,6 @@
+import { createConfig } from '@internal/lint/eslint';
+const config = await createConfig();
+/** @type {import("eslint").Linter.Config[]} */
+export default [...config];

package/package.json ADDED Viewed

@@ -0,0 +1,40 @@
+{
+  "name": "@mastra/auth-firebase",
+  "version": "0.10.0",
+  "description": "Mastra Firebase Auth integration",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    },
+    "./package.json": "./package.json"
+  },
+  "license": "Elastic-2.0",
+  "dependencies": {
+    "firebase-admin": "^13.4.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.13.1",
+    "eslint": "^9.25.1",
+    "tsup": "^8.4.0",
+    "typescript": "^5.8.3",
+    "vitest": "^2.1.9",
+    "@internal/lint": "0.0.8",
+    "@mastra/core": "0.10.2"
+  },
+  "scripts": {
+    "build": "tsup src/index.ts --format esm,cjs --experimental-dts --clean --treeshake",
+    "build:watch": "pnpm build --watch",
+    "test": "vitest run",
+    "lint": "eslint ."
+  }
+}

package/src/index.test.ts ADDED Viewed

@@ -0,0 +1,157 @@
+import admin from 'firebase-admin';
+import { getFirestore } from 'firebase-admin/firestore';
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { MastraAuthFirebase } from './index';
+// Mock Firebase Admin
+vi.mock('firebase-admin', () => ({
+  default: {
+    apps: [],
+    initializeApp: vi.fn(),
+    auth: vi.fn(() => ({
+      verifyIdToken: vi.fn(),
+    })),
+    credential: {
+      cert: vi.fn(() => 'mock-credential'),
+      applicationDefault: vi.fn(() => 'mock-default-credential'),
+    },
+  },
+}));
+// Mock Firestore
+vi.mock('firebase-admin/firestore', () => ({
+  getFirestore: vi.fn(() => ({
+    doc: vi.fn(() => ({
+      get: vi.fn(),
+    })),
+  })),
+}));
+describe('MastraAuthFirebase', () => {
+  const mockServiceAccount = 'mock-service-account';
+  const mockDatabaseId = 'mock-database-id';
+  const mockToken = 'mock-token';
+  const mockUserId = 'mock-user-id';
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+  describe('initialization', () => {
+    it('should initialize with provided options', () => {
+      const auth = new MastraAuthFirebase({
+        serviceAccount: mockServiceAccount,
+        databaseId: mockDatabaseId,
+      });
+      expect(auth).toBeInstanceOf(MastraAuthFirebase);
+      expect(admin.initializeApp).toHaveBeenCalledWith({
+        credential: 'mock-credential',
+      });
+      expect(admin.credential.cert).toHaveBeenCalledWith(mockServiceAccount);
+    });
+    it('should initialize with environment variables', () => {
+      process.env.FIREBASE_SERVICE_ACCOUNT = mockServiceAccount;
+      process.env.FIRESTORE_DATABASE_ID = mockDatabaseId;
+      const auth = new MastraAuthFirebase();
+      expect(auth).toBeInstanceOf(MastraAuthFirebase);
+      expect(admin.initializeApp).toHaveBeenCalledWith({
+        credential: 'mock-credential',
+      });
+      expect(admin.credential.cert).toHaveBeenCalledWith(mockServiceAccount);
+      delete process.env.FIREBASE_SERVICE_ACCOUNT;
+      delete process.env.FIRESTORE_DATABASE_ID;
+    });
+  });
+  describe('authenticateToken', () => {
+    it('should verify and return decoded token', async () => {
+      const mockDecodedToken = { uid: mockUserId };
+      const mockVerifyIdToken = vi.fn().mockResolvedValue(mockDecodedToken);
+      (admin.auth as any).mockReturnValue({
+        verifyIdToken: mockVerifyIdToken,
+      });
+      const auth = new MastraAuthFirebase();
+      const result = await auth.authenticateToken(mockToken);
+      expect(mockVerifyIdToken).toHaveBeenCalledWith(mockToken);
+      expect(result).toEqual(mockDecodedToken);
+    });
+    it('should return null when token verification fails', async () => {
+      const mockVerifyIdToken = vi.fn().mockRejectedValue(new Error('Invalid token'));
+      (admin.auth as any).mockReturnValue({
+        verifyIdToken: mockVerifyIdToken,
+      });
+      const auth = new MastraAuthFirebase();
+      const result = await auth.authenticateToken(mockToken).catch(() => null);
+      expect(mockVerifyIdToken).toHaveBeenCalledWith(mockToken);
+      expect(result).toBeNull();
+    });
+  });
+  describe('authorizeUser', () => {
+    it('should return true when user has access', async () => {
+      const mockUser = { uid: mockUserId };
+      const mockUserAccessData = { someData: 'value' };
+      const mockGet = vi.fn().mockResolvedValue({ data: () => mockUserAccessData });
+      const mockDoc = vi.fn().mockReturnValue({ get: mockGet });
+      (getFirestore as any).mockReturnValue({
+        doc: mockDoc,
+      });
+      const auth = new MastraAuthFirebase();
+      const result = await auth.authorizeUser(mockUser as any);
+      expect(mockDoc).toHaveBeenCalledWith(`/user_access/${mockUserId}`);
+      expect(result).toBe(true);
+    });
+    it('should return false when user has no access', async () => {
+      const mockUser = { uid: mockUserId };
+      const mockGet = vi.fn().mockResolvedValue({ data: () => null });
+      const mockDoc = vi.fn().mockReturnValue({ get: mockGet });
+      (getFirestore as any).mockReturnValue({
+        doc: mockDoc,
+      });
+      const auth = new MastraAuthFirebase();
+      const result = await auth.authorizeUser(mockUser as any);
+      expect(mockDoc).toHaveBeenCalledWith(`/user_access/${mockUserId}`);
+      expect(result).toBe(false);
+    });
+  });
+  it('can be overridden with custom authorization logic', async () => {
+    const firebase = new MastraAuthFirebase({
+      async authorizeUser(user: any): Promise<boolean> {
+        // Custom authorization logic that checks for specific permissions
+        return user?.permissions?.includes('admin') ?? false;
+      },
+    });
+    // Test with admin user
+    const adminUser = { sub: 'user123', permissions: ['admin'] } as unknown as DecodedIdToken;
+    expect(await firebase.authorizeUser(adminUser)).toBe(true);
+    // Test with non-admin user
+    const regularUser = { sub: 'user456', permissions: ['read'] };
+    expect(await firebase.authorizeUser(regularUser)).toBe(false);
+    // Test with user without permissions
+    const noPermissionsUser = { sub: 'user789' };
+    expect(await firebase.authorizeUser(noPermissionsUser)).toBe(false);
+  });
+});

package/src/index.ts ADDED Viewed

@@ -0,0 +1,51 @@
+import type { MastraAuthProviderOptions } from '@mastra/core/server';
+import { MastraAuthProvider } from '@mastra/core/server';
+import admin from 'firebase-admin';
+import { getFirestore } from 'firebase-admin/firestore';
+type FirebaseUser = admin.auth.DecodedIdToken;
+interface MastraAuthFirebaseOptions extends MastraAuthProviderOptions<FirebaseUser> {
+  databaseId?: string;
+  serviceAccount?: string;
+}
+export class MastraAuthFirebase extends MastraAuthProvider<FirebaseUser> {
+  private serviceAccount: string | undefined;
+  private databaseId: string | undefined;
+  constructor(options?: MastraAuthFirebaseOptions) {
+    super({ name: options?.name ?? 'firebase' });
+    this.serviceAccount = options?.serviceAccount ?? process.env.FIREBASE_SERVICE_ACCOUNT;
+    this.databaseId = options?.databaseId ?? process.env.FIRESTORE_DATABASE_ID ?? process.env.FIREBASE_DATABASE_ID;
+    if (!admin.apps.length) {
+      admin.initializeApp({
+        credential: this.serviceAccount
+          ? admin.credential.cert(this.serviceAccount)
+          : admin.credential.applicationDefault(),
+      });
+    }
+    this.registerOptions(options);
+  }
+  async authenticateToken(token: string): Promise<FirebaseUser | null> {
+    const decoded = await admin.auth().verifyIdToken(token);
+    return decoded;
+  }
+  async authorizeUser(user: FirebaseUser) {
+    const db = this.databaseId ? getFirestore(this.databaseId) : getFirestore();
+    const userAccess = await db.doc(`/user_access/${user.uid}`).get();
+    const userAccessData = userAccess.data();
+    if (!userAccessData) {
+      return false;
+    }
+    return true;
+  }
+}

package/tsconfig.json ADDED Viewed

@@ -0,0 +1,5 @@
+{
+  "extends": "../../tsconfig.node.json",
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "**/*.test.ts"]
+}

package/vitest.config.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { defineConfig } from 'vitest/config';
+export default defineConfig({
+  test: {
+    globals: true,
+    include: ['src/**/*.test.ts'],
+  },
+});