-
Notifications
You must be signed in to change notification settings - Fork 415
Expand file tree
/
Copy pathfirebase-app.ts
More file actions
296 lines (259 loc) · 9.6 KB
/
firebase-app.ts
File metadata and controls
296 lines (259 loc) · 9.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
/*!
* @license
* Copyright 2017 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { AppOptions, App } from './core';
import { AppStore } from './lifecycle';
import { Credential } from './credential';
import { getApplicationDefault } from './credential-internal';
import * as validator from '../utils/validator';
import { deepCopy } from '../utils/deep-copy';
import { AppErrorCodes, FirebaseAppError } from '../utils/error';
const TOKEN_EXPIRY_THRESHOLD_MILLIS = 5 * 60 * 1000;
/**
* Type representing a Firebase OAuth access token (derived from a Google OAuth2 access token) which
* can be used to authenticate to Firebase services such as the Realtime Database and Auth.
*/
export interface FirebaseAccessToken {
accessToken: string;
expirationTime: number;
}
/**
* Internals of a FirebaseApp instance.
*/
export class FirebaseAppInternals {
private cachedToken_!: FirebaseAccessToken;
private promiseToCachedToken_!: Promise<FirebaseAccessToken>;
private tokenListeners_: Array<(token: string) => void>;
private isRefreshing: boolean;
// eslint-disable-next-line @typescript-eslint/naming-convention
constructor(private credential_: Credential) {
this.tokenListeners_ = [];
this.isRefreshing = false;
}
public getToken(forceRefresh = false): Promise<FirebaseAccessToken> {
if (forceRefresh || this.shouldRefresh()) {
this.promiseToCachedToken_ = this.refreshToken();
}
return this.promiseToCachedToken_
}
public getCachedToken(): FirebaseAccessToken | null {
return this.cachedToken_ || null;
}
private refreshToken(): Promise<FirebaseAccessToken> {
this.isRefreshing = true;
return Promise.resolve(this.credential_.getAccessToken())
.then((result) => {
// Since the developer can provide the credential implementation, we want to weakly verify
// the return type until the type is properly exported.
if (!validator.isNonNullObject(result) ||
typeof result.expires_in !== 'number' ||
typeof result.access_token !== 'string') {
throw new FirebaseAppError(
AppErrorCodes.INVALID_CREDENTIAL,
`Invalid access token generated: "${JSON.stringify(result)}". Valid access ` +
'tokens must be an object with the "expires_in" (number) and "access_token" ' +
'(string) properties.',
);
}
const token = {
accessToken: result.access_token,
expirationTime: Date.now() + (result.expires_in * 1000),
};
if (!this.cachedToken_
|| this.cachedToken_.accessToken !== token.accessToken
|| this.cachedToken_.expirationTime !== token.expirationTime) {
// Update the cache before firing listeners. Listeners may directly query the
// cached token state.
this.cachedToken_ = token;
this.tokenListeners_.forEach((listener) => {
listener(token.accessToken);
});
}
return token;
})
.catch((error) => {
let errorMessage = (typeof error === 'string') ? error : error.message;
errorMessage = 'Credential implementation provided to initializeApp() via the ' +
'"credential" property failed to fetch a valid Google OAuth2 access token with the ' +
`following error: "${errorMessage}".`;
if (errorMessage.indexOf('invalid_grant') !== -1) {
errorMessage += ' There are two likely causes: (1) your server time is not properly ' +
'synced or (2) your certificate key file has been revoked. To solve (1), re-sync the ' +
'time on your server. To solve (2), make sure the key ID for your key file is still ' +
'present at https://console.firebase.google.com/iam-admin/serviceaccounts/project. If ' +
'not, generate a new key file at ' +
'https://console.firebase.google.com/project/_/settings/serviceaccounts/adminsdk.';
}
throw new FirebaseAppError(AppErrorCodes.INVALID_CREDENTIAL, errorMessage);
})
.finally(() => {
this.isRefreshing = false;
})
}
private shouldRefresh(): boolean {
return (!this.cachedToken_ || (this.cachedToken_.expirationTime - Date.now()) <= TOKEN_EXPIRY_THRESHOLD_MILLIS)
&& !this.isRefreshing;
}
/**
* Adds a listener that is called each time a token changes.
*
* @param listener - The listener that will be called with each new token.
*/
public addAuthTokenListener(listener: (token: string) => void): void {
this.tokenListeners_.push(listener);
if (this.cachedToken_) {
listener(this.cachedToken_.accessToken);
}
}
/**
* Removes a token listener.
*
* @param listener - The listener to remove.
*/
public removeAuthTokenListener(listener: (token: string) => void): void {
this.tokenListeners_ = this.tokenListeners_.filter((other) => other !== listener);
}
}
/**
* Global context object for a collection of services using a shared authentication state.
*
* @internal
*/
export class FirebaseApp implements App {
public INTERNAL: FirebaseAppInternals;
private name_: string;
private options_: AppOptions;
private services_: {[name: string]: unknown} = {};
private isDeleted_ = false;
private autoInit_ = false;
private customCredential_ = true;
constructor(options: AppOptions, name: string, autoInit: boolean = false, private readonly appStore?: AppStore) {
this.name_ = name;
this.options_ = deepCopy(options);
this.autoInit_ = autoInit;
if (!validator.isNonNullObject(this.options_)) {
throw new FirebaseAppError(
AppErrorCodes.INVALID_APP_OPTIONS,
'Invalid Firebase app options passed as the first argument to initializeApp() for the ' +
`app named "${this.name_}". Options must be a non-null object.`,
);
}
const hasCredential = ('credential' in this.options_);
if (!hasCredential) {
this.customCredential_ = false;
this.options_.credential = getApplicationDefault(this.options_.httpAgent);
}
const credential = this.options_.credential;
if (typeof credential !== 'object' || credential === null || typeof credential.getAccessToken !== 'function') {
throw new FirebaseAppError(
AppErrorCodes.INVALID_APP_OPTIONS,
'Invalid Firebase app options passed as the first argument to initializeApp() for the ' +
`app named "${this.name_}". The "credential" property must be an object which implements ` +
'the Credential interface.',
);
}
this.INTERNAL = new FirebaseAppInternals(credential);
}
/**
* Returns the name of the FirebaseApp instance.
*
* @returns The name of the FirebaseApp instance.
*/
get name(): string {
this.checkDestroyed_();
return this.name_;
}
/**
* Returns the options for the FirebaseApp instance.
*
* @returns The options for the FirebaseApp instance.
*/
get options(): AppOptions {
this.checkDestroyed_();
return deepCopy(this.options_);
}
/**
* @internal
*/
public getOrInitService<T>(name: string, init: (app: FirebaseApp) => T): T {
return this.ensureService_(name, () => init(this));
}
/**
* Returns `true` if this app was initialized with auto-initialization.
*
* @internal
*/
public autoInit(): boolean {
return this.autoInit_;
}
/**
* Returns `true` if the `FirebaseApp` instance was initialized with a custom
* `Credential`.
*
* @internal
*/
public customCredential() : boolean {
return this.customCredential_;
}
/**
* Deletes the FirebaseApp instance.
*
* @returns An empty Promise fulfilled once the FirebaseApp instance is deleted.
*/
public delete(): Promise<void> {
this.checkDestroyed_();
// Also remove the instance from the AppStore. This is needed to support the existing
// app.delete() use case. In the future we can remove this API, and deleteApp() will
// become the only way to tear down an App.
this.appStore?.removeApp(this.name);
return Promise.all(Object.keys(this.services_).map((serviceName) => {
const service = this.services_[serviceName];
if (isStateful(service)) {
return service.delete();
}
return Promise.resolve();
})).then(() => {
this.services_ = {};
this.isDeleted_ = true;
});
}
// eslint-disable-next-line @typescript-eslint/naming-convention
private ensureService_<T>(serviceName: string, initializer: () => T): T {
this.checkDestroyed_();
if (!(serviceName in this.services_)) {
this.services_[serviceName] = initializer();
}
return this.services_[serviceName] as T;
}
/**
* Throws an Error if the FirebaseApp instance has already been deleted.
*/
// eslint-disable-next-line @typescript-eslint/naming-convention
private checkDestroyed_(): void {
if (this.isDeleted_) {
throw new FirebaseAppError(
AppErrorCodes.APP_DELETED,
`Firebase app named "${this.name_}" has already been deleted.`,
);
}
}
}
interface StatefulFirebaseService {
delete(): Promise<void>;
}
function isStateful(service: any): service is StatefulFirebaseService {
return typeof service.delete === 'function';
}