1 | /*! firebase-admin v12.0.0 */
|
2 | ;
|
3 | /*!
|
4 | * @license
|
5 | * Copyright 2021 Google Inc.
|
6 | *
|
7 | * Licensed under the Apache License, Version 2.0 (the "License");
|
8 | * you may not use this file except in compliance with the License.
|
9 | * You may obtain a copy of the License at
|
10 | *
|
11 | * http://www.apache.org/licenses/LICENSE-2.0
|
12 | *
|
13 | * Unless required by applicable law or agreed to in writing, software
|
14 | * distributed under the License is distributed on an "AS IS" BASIS,
|
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
16 | * See the License for the specific language governing permissions and
|
17 | * limitations under the License.
|
18 | */
|
19 | Object.defineProperty(exports, "__esModule", { value: true });
|
20 | exports.clearGlobalAppDefaultCred = exports.refreshToken = exports.cert = exports.applicationDefault = void 0;
|
21 | const credential_internal_1 = require("./credential-internal");
|
22 | let globalAppDefaultCred;
|
23 | const globalCertCreds = {};
|
24 | const globalRefreshTokenCreds = {};
|
25 | /**
|
26 | * Returns a credential created from the
|
27 | * {@link https://developers.google.com/identity/protocols/application-default-credentials |
|
28 | * Google Application Default Credentials}
|
29 | * that grants admin access to Firebase services. This credential can be used
|
30 | * in the call to {@link firebase-admin.app#initializeApp}.
|
31 | *
|
32 | * Google Application Default Credentials are available on any Google
|
33 | * infrastructure, such as Google App Engine and Google Compute Engine.
|
34 | *
|
35 | * See
|
36 | * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
|
37 | * for more details.
|
38 | *
|
39 | * @example
|
40 | * ```javascript
|
41 | * initializeApp({
|
42 | * credential: applicationDefault(),
|
43 | * databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
|
44 | * });
|
45 | * ```
|
46 | *
|
47 | * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
|
48 | * to be used when retrieving access tokens from Google token servers.
|
49 | *
|
50 | * @returns A credential authenticated via Google
|
51 | * Application Default Credentials that can be used to initialize an app.
|
52 | */
|
53 | function applicationDefault(httpAgent) {
|
54 | if (typeof globalAppDefaultCred === 'undefined') {
|
55 | globalAppDefaultCred = (0, credential_internal_1.getApplicationDefault)(httpAgent);
|
56 | }
|
57 | return globalAppDefaultCred;
|
58 | }
|
59 | exports.applicationDefault = applicationDefault;
|
60 | /**
|
61 | * Returns a credential created from the provided service account that grants
|
62 | * admin access to Firebase services. This credential can be used in the call
|
63 | * to {@link firebase-admin.app#initializeApp}.
|
64 | *
|
65 | * See
|
66 | * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
|
67 | * for more details.
|
68 | *
|
69 | * @example
|
70 | * ```javascript
|
71 | * // Providing a path to a service account key JSON file
|
72 | * const serviceAccount = require("path/to/serviceAccountKey.json");
|
73 | * initializeApp({
|
74 | * credential: cert(serviceAccount),
|
75 | * databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
|
76 | * });
|
77 | * ```
|
78 | *
|
79 | * @example
|
80 | * ```javascript
|
81 | * // Providing a service account object inline
|
82 | * initializeApp({
|
83 | * credential: cert({
|
84 | * projectId: "<PROJECT_ID>",
|
85 | * clientEmail: "foo@<PROJECT_ID>.iam.gserviceaccount.com",
|
86 | * privateKey: "-----BEGIN PRIVATE KEY-----<KEY>-----END PRIVATE KEY-----\n"
|
87 | * }),
|
88 | * databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
|
89 | * });
|
90 | * ```
|
91 | *
|
92 | * @param serviceAccountPathOrObject - The path to a service
|
93 | * account key JSON file or an object representing a service account key.
|
94 | * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
|
95 | * to be used when retrieving access tokens from Google token servers.
|
96 | *
|
97 | * @returns A credential authenticated via the
|
98 | * provided service account that can be used to initialize an app.
|
99 | */
|
100 | function cert(serviceAccountPathOrObject, httpAgent) {
|
101 | const stringifiedServiceAccount = JSON.stringify(serviceAccountPathOrObject);
|
102 | if (!(stringifiedServiceAccount in globalCertCreds)) {
|
103 | globalCertCreds[stringifiedServiceAccount] = new credential_internal_1.ServiceAccountCredential(serviceAccountPathOrObject, httpAgent);
|
104 | }
|
105 | return globalCertCreds[stringifiedServiceAccount];
|
106 | }
|
107 | exports.cert = cert;
|
108 | /**
|
109 | * Returns a credential created from the provided refresh token that grants
|
110 | * admin access to Firebase services. This credential can be used in the call
|
111 | * to {@link firebase-admin.app#initializeApp}.
|
112 | *
|
113 | * See
|
114 | * {@link https://firebase.google.com/docs/admin/setup#initialize_the_sdk | Initialize the SDK}
|
115 | * for more details.
|
116 | *
|
117 | * @example
|
118 | * ```javascript
|
119 | * // Providing a path to a refresh token JSON file
|
120 | * const refreshToken = require("path/to/refreshToken.json");
|
121 | * initializeApp({
|
122 | * credential: refreshToken(refreshToken),
|
123 | * databaseURL: "https://<DATABASE_NAME>.firebaseio.com"
|
124 | * });
|
125 | * ```
|
126 | *
|
127 | * @param refreshTokenPathOrObject - The path to a Google
|
128 | * OAuth2 refresh token JSON file or an object representing a Google OAuth2
|
129 | * refresh token.
|
130 | * @param httpAgent - Optional {@link https://nodejs.org/api/http.html#http_class_http_agent | HTTP Agent}
|
131 | * to be used when retrieving access tokens from Google token servers.
|
132 | *
|
133 | * @returns A credential authenticated via the
|
134 | * provided service account that can be used to initialize an app.
|
135 | */
|
136 | function refreshToken(refreshTokenPathOrObject, httpAgent) {
|
137 | const stringifiedRefreshToken = JSON.stringify(refreshTokenPathOrObject);
|
138 | if (!(stringifiedRefreshToken in globalRefreshTokenCreds)) {
|
139 | globalRefreshTokenCreds[stringifiedRefreshToken] = new credential_internal_1.RefreshTokenCredential(refreshTokenPathOrObject, httpAgent);
|
140 | }
|
141 | return globalRefreshTokenCreds[stringifiedRefreshToken];
|
142 | }
|
143 | exports.refreshToken = refreshToken;
|
144 | /**
|
145 | * Clears the global ADC cache. Exported for testing.
|
146 | */
|
147 | function clearGlobalAppDefaultCred() {
|
148 | globalAppDefaultCred = undefined;
|
149 | }
|
150 | exports.clearGlobalAppDefaultCred = clearGlobalAppDefaultCred;
|