firebase-functions 0.4.0__tar.gz → 0.4.2__tar.gz

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: firebase_functions
-Version: 0.4.0
+Version: 0.4.2
 Summary: Firebase Functions Python SDK
 Home-page: https://github.com/firebase/firebase-functions-python
 Author: Firebase Team

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/__init__.py

@@ -15,4 +15,4 @@
 Firebase Functions for Python.
 """
 
-__version__ = "0.4.0"
+__version__ = "0.4.2"

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/firestore_fn.py

@@ -134,8 +134,6 @@ def _firestore_endpoint_handler(
     event_namespace = event_attributes["namespace"]
     event_document = event_attributes["document"]
     event_database = event_attributes["database"]
-    event_auth_type = event_attributes["authtype"]
-    event_auth_id = event_attributes["authid"]
 
     time = event_attributes["time"]
     event_time = _util.timestamp_conversion(time)
@@ -208,6 +206,8 @@ def _firestore_endpoint_handler(
     func = _core._with_init(func)
 
     if event_type.endswith(".withAuthContext"):
+        event_auth_type = event_attributes["authtype"]
+        event_auth_id = event_attributes["authid"]
         database_event_with_auth_context = AuthEvent(**vars(database_event),
                                                      auth_type=event_auth_type,
                                                      auth_id=event_auth_id)
@@ -270,7 +270,7 @@ def on_document_written_with_auth_context(**kwargs
                                          ) -> _typing.Callable[[_C1], _C1]:
     """
     Event handler that triggers when a document is created, updated, or deleted in Firestore.
-    This trigger will also provide the authentication context of the principal who triggered 
+    This trigger will also provide the authentication context of the principal who triggered
     the event.
 
     Example:
@@ -369,7 +369,7 @@ def on_document_updated_with_auth_context(**kwargs
                                          ) -> _typing.Callable[[_C1], _C1]:
     """
     Event handler that triggers when a document is updated in Firestore.
-    This trigger will also provide the authentication context of the principal who triggered 
+    This trigger will also provide the authentication context of the principal who triggered
     the event.
 
     Example:
@@ -468,7 +468,7 @@ def on_document_created_with_auth_context(**kwargs
                                          ) -> _typing.Callable[[_C2], _C2]:
     """
     Event handler that triggers when a document is created in Firestore.
-    This trigger will also provide the authentication context of the principal who triggered 
+    This trigger will also provide the authentication context of the principal who triggered
     the event.
 
     Example:
@@ -567,7 +567,7 @@ def on_document_deleted_with_auth_context(**kwargs
                                          ) -> _typing.Callable[[_C2], _C2]:
     """
     Event handler that triggers when a document is deleted in Firestore.
-    This trigger will also provide the authentication context of the principal who triggered 
+    This trigger will also provide the authentication context of the principal who triggered
     the event.
 
     Example:

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/https_fn.py

@@ -352,10 +352,8 @@ _C1 = _typing.Callable[[Request], Response]
 _C2 = _typing.Callable[[CallableRequest[_typing.Any]], _typing.Any]
 
 
-def _on_call_handler(func: _C2,
-                     request: Request,
-                     enforce_app_check: bool,
-                     verify_token: bool = True) -> Response:
+def _on_call_handler(func: _C2, request: Request,
+                     enforce_app_check: bool) -> Response:
     try:
         if not _util.valid_on_call_request(request):
             _logging.error("Invalid request, unable to process.")
@@ -365,8 +363,7 @@ def _on_call_handler(func: _C2,
             data=_json.loads(request.data)["data"],
         )
 
-        token_status = _util.on_call_check_tokens(request,
-                                                  verify_token=verify_token)
+        token_status = _util.on_call_check_tokens(request)
 
         if token_status.auth == _util.OnCallTokenState.INVALID:
             raise HttpsError(FunctionsErrorCode.UNAUTHENTICATED,
@@ -420,7 +417,7 @@ def _on_call_handler(func: _C2,
 def on_request(**kwargs) -> _typing.Callable[[_C1], _C1]:
     """
     Handler which handles HTTPS requests.
-    Requires a function that takes a ``Request`` and ``Response`` object, 
+    Requires a function that takes a ``Request`` and ``Response`` object,
     the same signature as a Flask app.
 
     Example:

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/logger.py

@@ -44,9 +44,8 @@ def _entry_from_args(severity: LogSeverity, *args, **kwargs) -> LogEntry:
     """
 
     message: str = " ".join([
-        value
-        if isinstance(value, str) else _json.dumps(_remove_circular(value))
-        for value in args
+        value if isinstance(value, str) else _json.dumps(
+            _remove_circular(value), ensure_ascii=False) for value in args
     ])
 
     other: _typing.Dict[str, _typing.Any] = {
@@ -95,7 +94,8 @@ def _get_write_file(severity: LogSeverity) -> _typing.TextIO:
 
 def write(entry: LogEntry) -> None:
     write_file = _get_write_file(entry["severity"])
-    print(_json.dumps(_remove_circular(entry)), file=write_file)
+    print(_json.dumps(_remove_circular(entry), ensure_ascii=False),
+          file=write_file)
 
 
 def debug(*args, **kwargs) -> None:

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/private/util.py

@@ -212,11 +212,10 @@ class _OnCallTokenVerification:
 
 
 def _on_call_check_auth_token(
-    request: _Request,
-    verify_token: bool = True,
+    request: _Request
 ) -> None | _typing.Literal[OnCallTokenState.INVALID] | dict[str, _typing.Any]:
     """
-        Validates the auth token in a callable request. 
+        Validates the auth token in a callable request.
         If verify_token is False, the token will be decoded without verification.
     """
     authorization = request.headers.get("Authorization")
@@ -227,10 +226,7 @@ def _on_call_check_auth_token(
         return OnCallTokenState.INVALID
     try:
         id_token = authorization.replace("Bearer ", "")
-        if verify_token:
-            auth_token = _auth.verify_id_token(id_token)
-        else:
-            auth_token = _unsafe_decode_id_token(id_token)
+        auth_token = _auth.verify_id_token(id_token)
         return auth_token
     # pylint: disable=broad-except
     except Exception as err:
@@ -273,25 +269,23 @@ def _unsafe_decode_id_token(token: str):
     return payload
 
 
-def on_call_check_tokens(request: _Request,
-                         verify_token: bool = True) -> _OnCallTokenVerification:
+def on_call_check_tokens(request: _Request) -> _OnCallTokenVerification:
     """Check tokens"""
     verifications = _OnCallTokenVerification()
 
-    auth_token = _on_call_check_auth_token(request, verify_token=verify_token)
+    auth_token = _on_call_check_auth_token(request)
     if auth_token is None:
         verifications.auth = OnCallTokenState.MISSING
     elif isinstance(auth_token, dict):
         verifications.auth = OnCallTokenState.VALID
         verifications.auth_token = auth_token
 
-    if verify_token:
-        app_token = _on_call_check_app_token(request)
-        if app_token is None:
-            verifications.app = OnCallTokenState.MISSING
-        elif isinstance(app_token, dict):
-            verifications.app = OnCallTokenState.VALID
-            verifications.app_token = app_token
+    app_token = _on_call_check_app_token(request)
+    if app_token is None:
+        verifications.app = OnCallTokenState.MISSING
+    elif isinstance(app_token, dict):
+        verifications.app = OnCallTokenState.VALID
+        verifications.app_token = app_token
 
     log_payload = {
         **verifications.as_dict(),
@@ -301,7 +295,7 @@ def on_call_check_tokens(request: _Request,
     }
 
     errs = []
-    if verify_token and verifications.app == OnCallTokenState.INVALID:
+    if verifications.app == OnCallTokenState.INVALID:
         errs.append(("AppCheck token was rejected.", log_payload))
 
     if verifications.auth == OnCallTokenState.INVALID:

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/pubsub_fn.py

@@ -105,6 +105,13 @@ def _message_handler(
     data = event_dict["data"]
     message_dict = data["message"]
 
+    # if no microseconds are present, we should set them to 0 to prevent parsing from failing
+    if "." not in event_dict["time"]:
+        event_dict["time"] = event_dict["time"].replace("Z", ".000000Z")
+    if "." not in message_dict["publish_time"]:
+        message_dict["publish_time"] = message_dict["publish_time"].replace(
+            "Z", ".000000Z")
+
     time = _dt.datetime.strptime(
         event_dict["time"],
         "%Y-%m-%dT%H:%M:%S.%f%z",

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions/tasks_fn.py

@@ -16,14 +16,55 @@
 # pylint: disable=protected-access
 import typing as _typing
 import functools as _functools
+import dataclasses as _dataclasses
+import json as _json
 
-from flask import Request, Response
+from flask import Request, Response, make_response as _make_response, jsonify as _jsonify
 
+import firebase_functions.core as _core
 import firebase_functions.options as _options
 import firebase_functions.private.util as _util
-from firebase_functions.https_fn import CallableRequest, _on_call_handler
+from firebase_functions.https_fn import CallableRequest, HttpsError, FunctionsErrorCode
+
+from functions_framework import logging as _logging
 
 _C = _typing.Callable[[CallableRequest[_typing.Any]], _typing.Any]
+_C1 = _typing.Callable[[Request], Response]
+_C2 = _typing.Callable[[CallableRequest[_typing.Any]], _typing.Any]
+
+
+def _on_call_handler(func: _C2, request: Request) -> Response:
+    try:
+        if not _util.valid_on_call_request(request):
+            _logging.error("Invalid request, unable to process.")
+            raise HttpsError(FunctionsErrorCode.INVALID_ARGUMENT, "Bad Request")
+        context: CallableRequest = CallableRequest(
+            raw_request=request,
+            data=_json.loads(request.data)["data"],
+        )
+
+        instance_id = request.headers.get("Firebase-Instance-ID-Token")
+        if instance_id is not None:
+            # Validating the token requires an http request, so we don't do it.
+            # If the user wants to use it for something, it will be validated then.
+            # Currently, the only real use case for this token is for sending
+            # pushes with FCM. In that case, the FCM APIs will validate the token.
+            context = _dataclasses.replace(
+                context,
+                instance_id_token=request.headers.get(
+                    "Firebase-Instance-ID-Token"),
+            )
+        result = _core._with_init(func)(context)
+        return _jsonify(result=result)
+    # Disable broad exceptions lint since we want to handle all exceptions here
+    # and wrap as an HttpsError.
+    # pylint: disable=broad-except
+    except Exception as err:
+        if not isinstance(err, HttpsError):
+            _logging.error("Unhandled error: %s", err)
+            err = HttpsError(FunctionsErrorCode.INTERNAL, "INTERNAL")
+        status = err._http_error_code.status
+        return _make_response(_jsonify(error=err._as_dict()), status)
 
 
 @_util.copy_func_kwargs(_options.TaskQueueOptions)
@@ -53,10 +94,7 @@ def on_task_dispatched(**kwargs) -> _typing.Callable[[_C], Response]:
 
         @_functools.wraps(func)
         def on_task_dispatched_wrapped(request: Request) -> Response:
-            return _on_call_handler(func,
-                                    request,
-                                    enforce_app_check=False,
-                                    verify_token=False)
+            return _on_call_handler(func, request)
 
         _util.set_func_endpoint_attr(
             on_task_dispatched_wrapped,

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/src/firebase_functions.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: firebase-functions
-Version: 0.4.0
+Version: 0.4.2
 Summary: Firebase Functions Python SDK
 Home-page: https://github.com/firebase/firebase-functions-python
 Author: Firebase Team

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/tests/test_pubsub_fn.py

@@ -129,3 +129,32 @@ class TestPubSub(unittest.TestCase):
         _message_handler(func, raw_event)
 
         self.assertEqual("world", hello)
+
+    def test_datetime_without_mircroseconds_doesnt_throw(self):
+        time = "2023-03-11T13:25:37Z"
+        raw_event = _CloudEvent(
+            attributes={
+                "id": "test-message",
+                "source": "https://example.com/pubsub",
+                "specversion": "1.0",
+                "time": time,
+                "type": "com.example.pubsub.message",
+            },
+            data={
+                "message": {
+                    "attributes": {
+                        "key": "value"
+                    },
+                    "data": "eyJ0ZXN0IjogInZhbHVlIn0=",
+                    "message_id": "message-id-123",
+                    "publish_time": time,
+                },
+                "subscription": "my-subscription",
+            },
+        )
+        try:
+            _message_handler(lambda _: None, raw_event)
+        # pylint: disable=broad-except
+        except Exception:
+            self.fail(
+                "Datetime without microseconds should not throw an exception")

{firebase_functions-0.4.0 → firebase_functions-0.4.2}/tests/test_tasks_fn.py

@@ -71,41 +71,6 @@ class TestTasks(unittest.TestCase):
                 '{"result":"Hello World"}\n',
             )
 
-    def test_token_is_decoded(self):
-        """
-        Test that the token is decoded instead of verifying auth first.
-        """
-        app = Flask(__name__)
-
-        @on_task_dispatched()
-        def example(request: CallableRequest[object]) -> str:
-            auth = request.auth
-            # Make mypy happy
-            if auth is None:
-                self.fail("Auth is None")
-                return "No Auth"
-            self.assertEqual(auth.token["sub"], "firebase")
-            self.assertEqual(auth.token["name"], "John Doe")
-            return "Hello World"
-
-        with app.test_request_context("/"):
-            # pylint: disable=line-too-long
-            test_token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJmaXJlYmFzZSIsIm5hbWUiOiJKb2huIERvZSJ9.74A24Y821E7CZx8aYCsCKo0Y-W0qXwqME-14QlEMcB0"
-            environ = EnvironBuilder(
-                method="POST",
-                headers={
-                    "Authorization": f"Bearer {test_token}"
-                },
-                json={
-                    "data": {
-                        "test": "value"
-                    },
-                },
-            ).get_environ()
-            request = Request(environ)
-            response = example(request)
-            self.assertEqual(response.status_code, 200)
-
     def test_calls_init(self):
         hello = None