public async Task CreateCustomTokenWithoutServiceAccount() { var googleCred = FirebaseApp.DefaultInstance.Options.Credential; var serviceAcct = (ServiceAccountCredential)googleCred.UnderlyingCredential; var token = await((ITokenAccess)googleCred).GetAccessTokenForRequestAsync(); var app = FirebaseApp.Create( new AppOptions() { Credential = GoogleCredential.FromAccessToken(token), ServiceAccountId = serviceAcct.Id, ProjectId = serviceAcct.ProjectId, }, "IAMSignApp"); try { var auth = this.fixture.AuthFromApp(app); var customToken = await this.Auth.CreateCustomTokenAsync("testuser"); var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync( customToken, this.fixture.TenantId); await this.AssertValidIdTokenAsync(idToken); } finally { app.Delete(); } }
public async Task RevokeRefreshTokens() { var customToken = await this.Auth.CreateCustomTokenAsync("testuser"); var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync( customToken, this.fixture.TenantId); await this.AssertValidIdTokenAsync(idToken, true); await Task.Delay(1000); await this.Auth.RevokeRefreshTokensAsync("testuser"); await this.AssertValidIdTokenAsync(idToken); var exception = await Assert.ThrowsAsync <FirebaseAuthException>( () => this.Auth.VerifyIdTokenAsync(idToken, true)); Assert.Equal(ErrorCode.InvalidArgument, exception.ErrorCode); Assert.Equal(AuthErrorCode.RevokedIdToken, exception.AuthErrorCode); idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync( customToken, this.fixture.TenantId); await this.AssertValidIdTokenAsync(idToken, true); }
public async Task VerifyIdTokenWithTenant() { var customToken = await this.Auth.CreateCustomTokenAsync("testuser"); var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync( customToken, this.Auth.TenantId); // Verifies in FirebaseAuth var decoded = await FirebaseAuth.DefaultInstance.VerifyIdTokenAsync(idToken); Assert.Equal(this.Auth.TenantId, decoded.TenantId); // Verifies in TenantAwareFirebaseAuth(matching-tenant) decoded = await this.Auth.VerifyIdTokenAsync(idToken); Assert.Equal(this.Auth.TenantId, decoded.TenantId); // Does not verify in TenantAwareFirebaseAuth(other-tenant) var otherTenantAuth = FirebaseAuth.DefaultInstance.TenantManager .AuthForTenant("other-tenant"); var exception = await Assert.ThrowsAsync <FirebaseAuthException>( () => otherTenantAuth.VerifyIdTokenAsync(idToken)); Assert.Equal(AuthErrorCode.TenantIdMismatch, exception.AuthErrorCode); }
public async Task CreateCustomToken() { var customToken = await this.Auth.CreateCustomTokenAsync("testuser"); var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync( customToken, this.fixture.TenantId); await this.AssertValidIdTokenAsync(idToken); }
public async Task SessionCookie() { var customToken = await this.Auth.CreateCustomTokenAsync("testuser"); var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(customToken); var options = new SessionCookieOptions() { ExpiresIn = TimeSpan.FromHours(1), }; var sessionCookie = await this.Auth.CreateSessionCookieAsync(idToken, options); var decoded = await this.Auth.VerifySessionCookieAsync(sessionCookie); Assert.Equal("testuser", decoded.Uid); await Task.Delay(1000); await this.Auth.RevokeRefreshTokensAsync("testuser"); decoded = await this.Auth.VerifySessionCookieAsync(sessionCookie); Assert.Equal("testuser", decoded.Uid); var exception = await Assert.ThrowsAsync <FirebaseAuthException>( async() => await this.Auth.VerifySessionCookieAsync( sessionCookie, true)); Assert.Equal(ErrorCode.InvalidArgument, exception.ErrorCode); Assert.Equal(AuthErrorCode.RevokedSessionCookie, exception.AuthErrorCode); idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync(customToken); sessionCookie = await this.Auth.CreateSessionCookieAsync(idToken, options); decoded = await this.Auth.VerifySessionCookieAsync(sessionCookie, true); Assert.Equal("testuser", decoded.Uid); }
public async Task CreateCustomTokenWithClaims() { var developerClaims = new Dictionary <string, object>() { { "admin", true }, { "package", "gold" }, { "magicNumber", 42L }, }; var customToken = await this.Auth.CreateCustomTokenAsync("testuser", developerClaims); var idToken = await AuthIntegrationUtils.SignInWithCustomTokenAsync( customToken, this.fixture.TenantId); var decoded = await this.AssertValidIdTokenAsync(idToken); foreach (var entry in developerClaims) { object value; Assert.True(decoded.Claims.TryGetValue(entry.Key, out value)); Assert.Equal(entry.Value, value); } }