-
Notifications
You must be signed in to change notification settings - Fork 373
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve token verification logic with Auth Emulator. #1148
Merged
+321
−173
Merged
Changes from 1 commit
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
512fa4f
Improve token verification logic with Auth Emulator.
yuchenshi c5b68d3
Clean up comments.
yuchenshi 2718b2c
Fix linting issues.
yuchenshi 0c6eaef
Address review comments.
yuchenshi ce83e14
Use mock for auth emulator unit test.
yuchenshi 6ba7fcf
Implement session cookies.
yuchenshi 159e0b4
Call useEmulator() only once.
yuchenshi 136f774
Update tests.
yuchenshi 1cbc812
Delete unused test helper.
yuchenshi 38c537e
Add unit tests for checking revocation.
yuchenshi 263f885
Fix typo in test comments.
yuchenshi File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Call useEmulator() only once.
commit 159e0b4943d05e56617b7ae726486fd8cc992dbe
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@yuchenshi can you give any context around why the
verifyIdToken
method always callsverifyDecodedJWTNotRevokedOrDisabled
if using emulator please?I'm in the position where I'm working with uid's that may/may not exist in Firebase.
I want to verify a token (which succeeds in prod) but the emulator checks whether there's a user and whether its been disabled regardless of the value of
checkRevoked
.If this isn't intended I can create a PR.
TIA
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lprhodes Tokens from the Auth Emulator aren't really "verifiable" since they are not signed (compared to production), so the closest approximation we can do is to ask the Auth Emulator if they exist. It sounds like you have a specific workflow in mind that you want to emulate and please open a new issue with more context (especially why you'd like to verify tokens from non-existent users) and we'll see what we can do.