fixed README

Author: Code-Hex

.github/workflows/ci.yml

@@ -18,7 +18,7 @@ jobs:
           node-version: 18
           cache: 'pnpm'
       - run: pnpm install --frozen-lockfile
-      - run: pnpm test
+      - run: pnpm test-with-emulator
         env:
           CI: true
   eslint:

README.md

@@ -110,12 +110,13 @@ $ npm i firebase-auth-cloudflare-workers
 
 ## API
 
-### `Auth.getOrInitialize(projectId: string, keyStore: KeyStorer): Auth`
+### `Auth.getOrInitialize(projectId: string, keyStore: KeyStorer, credential?: Credential): Auth`
 
 Auth is created as a singleton object. This is because the Module Worker syntax only use environment variables at the time of request.
 
 - `projectId` specifies the ID of the project for which firebase auth is used.
 - `keyStore` is used to cache the public key used to validate the Firebase ID token (JWT).
+- `credential` is an optional. This is used to utilize Admin APIs such as `createSessionCookie`. Currently, you can specify `ServiceAccountCredential` class, which allows you to use a service account.
 
 See official document for project ID: https://firebase.google.com/docs/projects/learn-more#project-identifiers
 
@@ -125,6 +126,7 @@ Verifies a Firebase ID token (JWT). If the token is valid, the promise is fulfil
 
 See the [ID Token section of the OpenID Connect spec](http://openid.net/specs/openid-connect-core-1_0.html#IDToken) for more information about the specific properties below.
 
+- `idToken` The ID token to verify.
 - `env` is an optional parameter. but this is using to detect should use emulator or not.
 
 ### `WorkersKVStoreSingle.getOrInitialize(cacheKey: string, cfKVNamespace: KVNamespace): WorkersKVStoreSingle`
@@ -138,6 +140,25 @@ This is implemented `KeyStorer` interface.
 - `cacheKey` specifies the key of the public key cache.
 - `cfKVNamespace` specifies the KV namespace which is bound your workers.
 
+### `createSessionCookie(idToken: string, sessionCookieOptions: SessionCookieOptions, env?: EmulatorEnv): Promise<string>`
+
+Creates a new Firebase session cookie with the specified options. The created JWT string can be set as a server-side session cookie with a custom cookie policy, and be used for session management. The session cookie JWT will have the same payload claims as the provided ID token. See [Manage Session Cookies](https://firebase.google.com/docs/auth/admin/manage-cookies) for code samples and detailed documentation.
+
+- `idToken` The Firebase ID token to exchange for a session cookie.
+- `sessionCookieOptions` The session cookie options which includes custom session duration.
+- `env` is an optional parameter. but this is using to detect should use emulator or not.
+
+**Required** service acccount credential to use this API. You need to set the credentials with `Auth.getOrInitialize`.
+
+### `verifySessionCookie(sessionCookie: string, env?: EmulatorEnv): Promise<FirebaseIdToken>`
+
+Verifies a Firebase session cookie. Returns a Promise with the cookie claims. Rejects the promise if the cookie could not be verified.
+
+See [Verify Session Cookies](https://firebase.google.com/docs/auth/admin/manage-cookies#verify_session_cookie_and_check_permissions) for code samples and detailed documentation.
+
+- `sessionCookie` The session cookie to verify.
+- `env` is an optional parameter. but this is using to detect should use emulator or not.
+
 ### `emulatorHost(env?: EmulatorEnv): string | undefined`
 
 Returns the host of your Firebase Auth Emulator. For example, this case returns `"127.0.0.1:9099"` if you configured like below.
@@ -193,6 +214,12 @@ I put an [example](https://github.com/Code-Hex/firebase-auth-cloudflare-workers/
 7. Get jwt for created user by `$ curl -s http://localhost:8787/get-jwt | jq .idToken -r`
 8. Try authorization with user jwt `$ curl http://localhost:8787/ -H 'Authorization: Bearer PASTE-JWT-HERE'`
 
+### for Session Cookie
+
+You can try session cookie with your browser.
+
+Access to `/admin/login` after started up Emulator and created an account (email: `[email protected]` password: `test1234`).
+
 ## Todo
 
 ### Non-required service account key.