public async Task CreateCustomTokenWithoutServiceAccount()
{
var googleCred = FirebaseApp.DefaultInstance.Options.Credential;
var serviceAcct = (ServiceAccountCredential)googleCred.UnderlyingCredential;
var token = await((ITokenAccess)googleCred).GetAccessTokenForRequestAsync();
var app = FirebaseApp.Create(
new AppOptions()
{
Credential = GoogleCredential.FromAccessToken(token),
ServiceAccountId = serviceAcct.Id,
ProjectId = serviceAcct.ProjectId,
}, "IAMSignApp");
try
{
var auth = this.fixture.AuthFromApp(app);
var customToken = await this.Auth.CreateCustomTokenAsync("testuser");
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.fixture.TenantId);
await this.AssertValidIdTokenAsync(idToken);
}
finally
{
app.Delete();
}
}
public async Task RevokeRefreshTokens()
{
var customToken = await this.Auth.CreateCustomTokenAsync("testuser");
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.fixture.TenantId);
await this.AssertValidIdTokenAsync(idToken, true);
await Task.Delay(1000);
await this.Auth.RevokeRefreshTokensAsync("testuser");
await this.AssertValidIdTokenAsync(idToken);
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
() => this.Auth.VerifyIdTokenAsync(idToken, true));
Assert.Equal(ErrorCode.InvalidArgument, exception.ErrorCode);
Assert.Equal(AuthErrorCode.RevokedIdToken, exception.AuthErrorCode);
idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.fixture.TenantId);
await this.AssertValidIdTokenAsync(idToken, true);
}
public async Task VerifyIdTokenWithTenant()
{
var customToken = await this.Auth.CreateCustomTokenAsync("testuser");
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.Auth.TenantId);
// Verifies in FirebaseAuth
var decoded = await FirebaseAuth.DefaultInstance.VerifyIdTokenAsync(idToken);
Assert.Equal(this.Auth.TenantId, decoded.TenantId);
// Verifies in TenantAwareFirebaseAuth(matching-tenant)
decoded = await this.Auth.VerifyIdTokenAsync(idToken);
Assert.Equal(this.Auth.TenantId, decoded.TenantId);
// Does not verify in TenantAwareFirebaseAuth(other-tenant)
var otherTenantAuth = FirebaseAuth.DefaultInstance.TenantManager
.AuthForTenant("other-tenant");
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
() => otherTenantAuth.VerifyIdTokenAsync(idToken));
Assert.Equal(AuthErrorCode.TenantIdMismatch, exception.AuthErrorCode);
}
public async Task CreateCustomToken()
{
var customToken = await this.Auth.CreateCustomTokenAsync("testuser");
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.fixture.TenantId);
await this.AssertValidIdTokenAsync(idToken);
}
public async Task SessionCookie()
{
var customToken = await this.Auth.CreateCustomTokenAsync("testuser");
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(customToken);
var options = new SessionCookieOptions()
{
ExpiresIn = TimeSpan.FromHours(1),
};
var sessionCookie = await this.Auth.CreateSessionCookieAsync(idToken, options);
var decoded = await this.Auth.VerifySessionCookieAsync(sessionCookie);
Assert.Equal("testuser", decoded.Uid);
await Task.Delay(1000);
await this.Auth.RevokeRefreshTokensAsync("testuser");
decoded = await this.Auth.VerifySessionCookieAsync(sessionCookie);
Assert.Equal("testuser", decoded.Uid);
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
async() => await this.Auth.VerifySessionCookieAsync(
sessionCookie, true));
Assert.Equal(ErrorCode.InvalidArgument, exception.ErrorCode);
Assert.Equal(AuthErrorCode.RevokedSessionCookie, exception.AuthErrorCode);
idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(customToken);
sessionCookie = await this.Auth.CreateSessionCookieAsync(idToken, options);
decoded = await this.Auth.VerifySessionCookieAsync(sessionCookie, true);
Assert.Equal("testuser", decoded.Uid);
}
public async Task CreateCustomTokenWithClaims()
{
var developerClaims = new Dictionary <string, object>()
{
{ "admin", true },
{ "package", "gold" },
{ "magicNumber", 42L },
};
var customToken = await this.Auth.CreateCustomTokenAsync("testuser", developerClaims);
var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(
customToken, this.fixture.TenantId);
var decoded = await this.AssertValidIdTokenAsync(idToken);
foreach (var entry in developerClaims)
{
object value;
Assert.True(decoded.Claims.TryGetValue(entry.Key, out value));
Assert.Equal(entry.Value, value);
}
}
