UNPKG

8.78 kBJavaScriptView Raw
1/*! firebase-admin v12.0.0 */
2"use strict";
3/*!
4 * @license
5 * Copyright 2017 Google Inc.
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19Object.defineProperty(exports, "__esModule", { value: true });
20exports.FirebaseApp = exports.FirebaseAppInternals = void 0;
21const credential_internal_1 = require("./credential-internal");
22const validator = require("../utils/validator");
23const deep_copy_1 = require("../utils/deep-copy");
24const error_1 = require("../utils/error");
25const TOKEN_EXPIRY_THRESHOLD_MILLIS = 5 * 60 * 1000;
26/**
27 * Internals of a FirebaseApp instance.
28 */
29class FirebaseAppInternals {
30 // eslint-disable-next-line @typescript-eslint/naming-convention
31 constructor(credential_) {
32 this.credential_ = credential_;
33 this.tokenListeners_ = [];
34 }
35 getToken(forceRefresh = false) {
36 if (forceRefresh || this.shouldRefresh()) {
37 return this.refreshToken();
38 }
39 return Promise.resolve(this.cachedToken_);
40 }
41 getCachedToken() {
42 return this.cachedToken_ || null;
43 }
44 refreshToken() {
45 return Promise.resolve(this.credential_.getAccessToken())
46 .then((result) => {
47 // Since the developer can provide the credential implementation, we want to weakly verify
48 // the return type until the type is properly exported.
49 if (!validator.isNonNullObject(result) ||
50 typeof result.expires_in !== 'number' ||
51 typeof result.access_token !== 'string') {
52 throw new error_1.FirebaseAppError(error_1.AppErrorCodes.INVALID_CREDENTIAL, `Invalid access token generated: "${JSON.stringify(result)}". Valid access ` +
53 'tokens must be an object with the "expires_in" (number) and "access_token" ' +
54 '(string) properties.');
55 }
56 const token = {
57 accessToken: result.access_token,
58 expirationTime: Date.now() + (result.expires_in * 1000),
59 };
60 if (!this.cachedToken_
61 || this.cachedToken_.accessToken !== token.accessToken
62 || this.cachedToken_.expirationTime !== token.expirationTime) {
63 // Update the cache before firing listeners. Listeners may directly query the
64 // cached token state.
65 this.cachedToken_ = token;
66 this.tokenListeners_.forEach((listener) => {
67 listener(token.accessToken);
68 });
69 }
70 return token;
71 })
72 .catch((error) => {
73 let errorMessage = (typeof error === 'string') ? error : error.message;
74 errorMessage = 'Credential implementation provided to initializeApp() via the ' +
75 '"credential" property failed to fetch a valid Google OAuth2 access token with the ' +
76 `following error: "${errorMessage}".`;
77 if (errorMessage.indexOf('invalid_grant') !== -1) {
78 errorMessage += ' There are two likely causes: (1) your server time is not properly ' +
79 'synced or (2) your certificate key file has been revoked. To solve (1), re-sync the ' +
80 'time on your server. To solve (2), make sure the key ID for your key file is still ' +
81 'present at https://console.firebase.google.com/iam-admin/serviceaccounts/project. If ' +
82 'not, generate a new key file at ' +
83 'https://console.firebase.google.com/project/_/settings/serviceaccounts/adminsdk.';
84 }
85 throw new error_1.FirebaseAppError(error_1.AppErrorCodes.INVALID_CREDENTIAL, errorMessage);
86 });
87 }
88 shouldRefresh() {
89 return !this.cachedToken_ || (this.cachedToken_.expirationTime - Date.now()) <= TOKEN_EXPIRY_THRESHOLD_MILLIS;
90 }
91 /**
92 * Adds a listener that is called each time a token changes.
93 *
94 * @param listener - The listener that will be called with each new token.
95 */
96 addAuthTokenListener(listener) {
97 this.tokenListeners_.push(listener);
98 if (this.cachedToken_) {
99 listener(this.cachedToken_.accessToken);
100 }
101 }
102 /**
103 * Removes a token listener.
104 *
105 * @param listener - The listener to remove.
106 */
107 removeAuthTokenListener(listener) {
108 this.tokenListeners_ = this.tokenListeners_.filter((other) => other !== listener);
109 }
110}
111exports.FirebaseAppInternals = FirebaseAppInternals;
112/**
113 * Global context object for a collection of services using a shared authentication state.
114 *
115 * @internal
116 */
117class FirebaseApp {
118 constructor(options, name, appStore) {
119 this.appStore = appStore;
120 this.services_ = {};
121 this.isDeleted_ = false;
122 this.name_ = name;
123 this.options_ = (0, deep_copy_1.deepCopy)(options);
124 if (!validator.isNonNullObject(this.options_)) {
125 throw new error_1.FirebaseAppError(error_1.AppErrorCodes.INVALID_APP_OPTIONS, 'Invalid Firebase app options passed as the first argument to initializeApp() for the ' +
126 `app named "${this.name_}". Options must be a non-null object.`);
127 }
128 const hasCredential = ('credential' in this.options_);
129 if (!hasCredential) {
130 this.options_.credential = (0, credential_internal_1.getApplicationDefault)(this.options_.httpAgent);
131 }
132 const credential = this.options_.credential;
133 if (typeof credential !== 'object' || credential === null || typeof credential.getAccessToken !== 'function') {
134 throw new error_1.FirebaseAppError(error_1.AppErrorCodes.INVALID_APP_OPTIONS, 'Invalid Firebase app options passed as the first argument to initializeApp() for the ' +
135 `app named "${this.name_}". The "credential" property must be an object which implements ` +
136 'the Credential interface.');
137 }
138 this.INTERNAL = new FirebaseAppInternals(credential);
139 }
140 /**
141 * Returns the name of the FirebaseApp instance.
142 *
143 * @returns The name of the FirebaseApp instance.
144 */
145 get name() {
146 this.checkDestroyed_();
147 return this.name_;
148 }
149 /**
150 * Returns the options for the FirebaseApp instance.
151 *
152 * @returns The options for the FirebaseApp instance.
153 */
154 get options() {
155 this.checkDestroyed_();
156 return (0, deep_copy_1.deepCopy)(this.options_);
157 }
158 /**
159 * @internal
160 */
161 getOrInitService(name, init) {
162 return this.ensureService_(name, () => init(this));
163 }
164 /**
165 * Deletes the FirebaseApp instance.
166 *
167 * @returns An empty Promise fulfilled once the FirebaseApp instance is deleted.
168 */
169 delete() {
170 this.checkDestroyed_();
171 // Also remove the instance from the AppStore. This is needed to support the existing
172 // app.delete() use case. In the future we can remove this API, and deleteApp() will
173 // become the only way to tear down an App.
174 this.appStore?.removeApp(this.name);
175 return Promise.all(Object.keys(this.services_).map((serviceName) => {
176 const service = this.services_[serviceName];
177 if (isStateful(service)) {
178 return service.delete();
179 }
180 return Promise.resolve();
181 })).then(() => {
182 this.services_ = {};
183 this.isDeleted_ = true;
184 });
185 }
186 // eslint-disable-next-line @typescript-eslint/naming-convention
187 ensureService_(serviceName, initializer) {
188 this.checkDestroyed_();
189 if (!(serviceName in this.services_)) {
190 this.services_[serviceName] = initializer();
191 }
192 return this.services_[serviceName];
193 }
194 /**
195 * Throws an Error if the FirebaseApp instance has already been deleted.
196 */
197 // eslint-disable-next-line @typescript-eslint/naming-convention
198 checkDestroyed_() {
199 if (this.isDeleted_) {
200 throw new error_1.FirebaseAppError(error_1.AppErrorCodes.APP_DELETED, `Firebase app named "${this.name_}" has already been deleted.`);
201 }
202 }
203}
204exports.FirebaseApp = FirebaseApp;
205function isStateful(service) {
206 return typeof service.delete === 'function';
207}