firebase-functions 7.2.1 → 7.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/lib/common/providers/identity.js +11 -1
  2. package/lib/esm/common/providers/identity.mjs +11 -1
  3. package/package.json +1 -1
package/lib/common/providers/identity.js CHANGED
@@ -392,7 +392,17 @@ function wrapHandler(eventType, handler) {
392
392
  if (!firebase_admin_auth.getAuth(require_common_app.getApp())._verifyAuthBlockingToken) {
393
393
  throw new Error("Cannot validate Auth Blocking token. Please update Firebase Admin SDK to >= v10.1.0");
394
394
  }
395
- const decodedPayload = require_common_debug.isDebugFeatureEnabled("skipTokenVerification") ? unsafeDecodeAuthBlockingToken(req.body.data.jwt) : handler.platform === "gcfv1" ? await firebase_admin_auth.getAuth(require_common_app.getApp())._verifyAuthBlockingToken(req.body.data.jwt) : await firebase_admin_auth.getAuth(require_common_app.getApp())._verifyAuthBlockingToken(req.body.data.jwt, "run.app");
395
+ let decodedPayload;
396
+ if (require_common_debug.isDebugFeatureEnabled("skipTokenVerification")) {
397
+ decodedPayload = unsafeDecodeAuthBlockingToken(req.body.data.jwt);
398
+ } else {
399
+ const unverified = unsafeDecodeAuthBlockingToken(req.body.data.jwt);
400
+ if (handler.platform === "gcfv2" && unverified.aud && unverified.aud.includes("run.app")) {
401
+ decodedPayload = await firebase_admin_auth.getAuth(require_common_app.getApp())._verifyAuthBlockingToken(req.body.data.jwt, "run.app");
402
+ } else {
403
+ decodedPayload = await firebase_admin_auth.getAuth(require_common_app.getApp())._verifyAuthBlockingToken(req.body.data.jwt);
404
+ }
405
+ }
396
406
  let authUserRecord;
397
407
  if (decodedPayload.event_type === "beforeCreate" || decodedPayload.event_type === "beforeSignIn") {
398
408
  authUserRecord = parseAuthUserRecord(decodedPayload.user_record);
package/lib/esm/common/providers/identity.mjs CHANGED
@@ -390,7 +390,17 @@ function wrapHandler(eventType, handler) {
390
390
  if (!auth.getAuth(getApp())._verifyAuthBlockingToken) {
391
391
  throw new Error("Cannot validate Auth Blocking token. Please update Firebase Admin SDK to >= v10.1.0");
392
392
  }
393
- const decodedPayload = isDebugFeatureEnabled("skipTokenVerification") ? unsafeDecodeAuthBlockingToken(req.body.data.jwt) : handler.platform === "gcfv1" ? await auth.getAuth(getApp())._verifyAuthBlockingToken(req.body.data.jwt) : await auth.getAuth(getApp())._verifyAuthBlockingToken(req.body.data.jwt, "run.app");
393
+ let decodedPayload;
394
+ if (isDebugFeatureEnabled("skipTokenVerification")) {
395
+ decodedPayload = unsafeDecodeAuthBlockingToken(req.body.data.jwt);
396
+ } else {
397
+ const unverified = unsafeDecodeAuthBlockingToken(req.body.data.jwt);
398
+ if (handler.platform === "gcfv2" && unverified.aud && unverified.aud.includes("run.app")) {
399
+ decodedPayload = await auth.getAuth(getApp())._verifyAuthBlockingToken(req.body.data.jwt, "run.app");
400
+ } else {
401
+ decodedPayload = await auth.getAuth(getApp())._verifyAuthBlockingToken(req.body.data.jwt);
402
+ }
403
+ }
394
404
  let authUserRecord;
395
405
  if (decodedPayload.event_type === "beforeCreate" || decodedPayload.event_type === "beforeSignIn") {
396
406
  authUserRecord = parseAuthUserRecord(decodedPayload.user_record);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "firebase-functions",
3
- "version": "7.2.1",
3
+ "version": "7.2.2",
4
4
  "description": "Firebase SDK for Cloud Functions",
5
5
  "keywords": [
6
6
  "firebase",