Skip to content

fix: Deferring credential loading until required #361

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 14, 2020
Merged

fix: Deferring credential loading until required #361

merged 1 commit into from
Apr 14, 2020

Conversation

hiranya911
Copy link
Contributor

@hiranya911 hiranya911 commented Apr 10, 2020
edited
Loading

Currently the firebase.NewApp() functions attempts to load Google credentials, and fails fast if the ADC lookup fails. But some use cases (e.g. ID token verification) do not require credentials at all. This PR makes the following changes to support such use cases a little better:

  1. firebase package looks up credentials only to discover a project ID. But this is performed as a "soft" lookup, and errors at this stage are not exposed to the user.
  2. The auth package performs its own credential look up to discover service account private key. This is also performed as a soft lookup without fail fast (this was in fact the existing behavior of the auth package).

This makes it possible to do things like:

app, err := firebase.NewApp(ctx, nil, option.WithoutAuthentication())
if err != nil {
  log.Fatal(err)
}

client, err := app.Auth(ctx)
if err != nil {
  log.Fatal(err)
}

client.VerifyIDToken(ctx, idToken)

Resolves #357

RELEASE NOTE: Deferred credential loading until required, which allows some APIs like auth.VerifyIDToken() to be called without credentials.

lahirumaramba
lahirumaramba approved these changes Apr 14, 2020
View reviewed changes
Copy link
Member

@lahirumaramba lahirumaramba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@hiranya911 hiranya911 merged commit 4f24515 into dev Apr 14, 2020
@hiranya911 hiranya911 deleted the hkj-auth-init branch April 14, 2020 18:07
hiranya911 added a commit that referenced this pull request Apr 23, 2020
@hiranya911 @rueian @178inaba
[chore] Release 3.12.1 (#364)
4343fa8 
* chore: Removed Travis CI integration (#326)

* chore: Added Actions-based release workflow (#331)

* chore: Added Actions-based release workflow

* Set GOPATH

* Fixed working directory for tests

* Decrypting credentials into the testdata directory

* Added preflight and post check scripts

* chore: Running CI workflow on pull_request (#338)

* fix(fcm): correct the iidEndpoint endpoints used for topic management (#335)

According to the document https://developers.google.com/instance-id/reference/server,
the endpoints should be:

https://iid.googleapis.com/iid/v1:batchAdd
https://iid.googleapis.com/iid/v1:batchRemove

NOT:

https://iid.googleapis.com/iid/v1/:batchAdd
https://iid.googleapis.com/iid/v1/:batchRemove

* fix(fcm): Fix documents of FCM batch request limit (#347)

Co-authored-by: Hiranya Jayathilaka <[email protected]>

* fix: Deferring credential loading until required (#361)

* Bumped version to 3.12.1 (#363)

* chore: Specifying correct working directory for staging command (#365)

Co-authored-by: Rueian <[email protected]>
Co-authored-by: 178inaba <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lahirumaramba lahirumaramba lahirumaramba approved these changes

Assignees

@hiranya911 hiranya911

Labels
release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hiranya911 @lahirumaramba