feat(auth): Added CreateSessionCookieAsync() API (#176)

* feat(auth): Added CreateSessionCookieAsync() API

* Added newline at eof

Author: hiranya911

FirebaseAdmin/FirebaseAdmin.Tests/Auth/FirebaseUserManagerTest.cs

@@ -1575,6 +1575,100 @@ public void RevokeRefreshTokensInvalidUid()
                 async () => await auth.RevokeRefreshTokensAsync(uid));
         }
 
+        [Fact]
+        public void CreateSessionCookieNoIdToken()
+        {
+            var handler = new MockMessageHandler() { Response = "{}" };
+            var auth = this.CreateFirebaseAuth(handler);
+            var options = new SessionCookieOptions()
+            {
+                ExpiresIn = TimeSpan.FromHours(1),
+            };
+
+            Assert.ThrowsAsync<ArgumentException>(
+                async () => await auth.CreateSessionCookieAsync(null, options));
+            Assert.ThrowsAsync<ArgumentException>(
+                async () => await auth.CreateSessionCookieAsync(string.Empty, options));
+        }
+
+        [Fact]
+        public void CreateSessionCookieNoOptions()
+        {
+            var handler = new MockMessageHandler() { Response = "{}" };
+            var auth = this.CreateFirebaseAuth(handler);
+
+            Assert.ThrowsAsync<ArgumentNullException>(
+                async () => await auth.CreateSessionCookieAsync("idToken", null));
+        }
+
+        [Fact]
+        public void CreateSessionCookieNoExpiresIn()
+        {
+            var handler = new MockMessageHandler() { Response = "{}" };
+            var auth = this.CreateFirebaseAuth(handler);
+
+            Assert.ThrowsAsync<ArgumentException>(
+                async () => await auth.CreateSessionCookieAsync(
+                    "idToken", new SessionCookieOptions()));
+        }
+
+        [Fact]
+        public void CreateSessionCookieExpiresInTooLow()
+        {
+            var handler = new MockMessageHandler() { Response = "{}" };
+            var auth = this.CreateFirebaseAuth(handler);
+            var fiveMinutesInSeconds = TimeSpan.FromMinutes(5).TotalSeconds;
+            var options = new SessionCookieOptions()
+            {
+                ExpiresIn = TimeSpan.FromSeconds(fiveMinutesInSeconds - 1),
+            };
+
+            Assert.ThrowsAsync<ArgumentException>(
+                async () => await auth.CreateSessionCookieAsync("idToken", options));
+        }
+
+        [Fact]
+        public void CreateSessionCookieExpiresInTooHigh()
+        {
+            var handler = new MockMessageHandler() { Response = "{}" };
+            var auth = this.CreateFirebaseAuth(handler);
+            var fourteenDaysInSeconds = TimeSpan.FromDays(14).TotalSeconds;
+            var options = new SessionCookieOptions()
+            {
+                ExpiresIn = TimeSpan.FromSeconds(fourteenDaysInSeconds + 1),
+            };
+
+            Assert.ThrowsAsync<ArgumentException>(
+                async () => await auth.CreateSessionCookieAsync("idToken", options));
+        }
+
+        [Fact]
+        public async Task CreateSessionCookie()
+        {
+            var handler = new MockMessageHandler()
+            {
+                Response = @"{
+                    ""sessionCookie"": ""cookie""
+                }",
+            };
+            var auth = this.CreateFirebaseAuth(handler);
+            var options = new SessionCookieOptions()
+            {
+                ExpiresIn = TimeSpan.FromHours(1),
+            };
+
+            var result = await auth.CreateSessionCookieAsync("idToken", options);
+
+            Assert.Equal("cookie", result);
+            Assert.Equal(1, handler.Requests.Count);
+            var request = NewtonsoftJsonSerializer.Instance.Deserialize<JObject>(handler.LastRequestBody);
+            Assert.Equal(2, request.Count);
+            Assert.Equal("idToken", request["idToken"]);
+            Assert.Equal(3600, request["validDuration"]);
+
+            this.AssertClientVersion(handler.LastRequestHeaders);
+        }
+
         [Fact]
         public async Task ServiceUnvailable()
         {

FirebaseAdmin/FirebaseAdmin/Auth/FirebaseAuth.cs

@@ -811,6 +811,39 @@ public async Task<string> GenerateSignInWithEmailLinkAsync(
                 .ConfigureAwait(false);
         }
 
+        /// <summary>
+        /// Creates a new Firebase session cookie from the given ID token and options. The returned JWT can
+        /// be set as a server-side session cookie with a custom cookie policy.
+        /// </summary>
+        /// <exception cref="FirebaseAuthException">If an error occurs while creating the cookie.</exception>
+        /// <param name="idToken">The Firebase ID token to exchange for a session cookie.</param>
+        /// <param name="options">Additional options required to create the cookie.</param>
+        /// <returns>A task that completes with the Firebase session cookie.</returns>
+        public async Task<string> CreateSessionCookieAsync(
+            string idToken, SessionCookieOptions options)
+        {
+            return await this.CreateSessionCookieAsync(idToken, options, default(CancellationToken))
+                .ConfigureAwait(false);
+        }
+
+        /// <summary>
+        /// Creates a new Firebase session cookie from the given ID token and options. The returned JWT can
+        /// be set as a server-side session cookie with a custom cookie policy.
+        /// </summary>
+        /// <exception cref="FirebaseAuthException">If an error occurs while creating the cookie.</exception>
+        /// <param name="idToken">The Firebase ID token to exchange for a session cookie.</param>
+        /// <param name="options">Additional options required to create the cookie.</param>
+        /// <param name="cancellationToken">A cancellation token to monitor the asynchronous
+        /// operation.</param>
+        /// <returns>A task that completes with the Firebase session cookie.</returns>
+        public async Task<string> CreateSessionCookieAsync(
+            string idToken, SessionCookieOptions options, CancellationToken cancellationToken)
+        {
+            var userManager = this.IfNotDeleted(() => this.userManager.Value);
+            return await userManager.CreateSessionCookieAsync(idToken, options, cancellationToken)
+                .ConfigureAwait(false);
+        }
+
         /// <summary>
         /// Deletes this <see cref="FirebaseAuth"/> service instance.
         /// </summary>

FirebaseAdmin/FirebaseAdmin/Auth/FirebaseUserManager.cs

@@ -272,6 +272,32 @@ internal async Task<string> GenerateEmailActionLinkAsync(
             return (string)response.Result["oobLink"];
         }
 
+        internal async Task<string> CreateSessionCookieAsync(
+            string idToken,
+            SessionCookieOptions options,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            if (string.IsNullOrEmpty(idToken))
+            {
+                throw new ArgumentException("idToken must not be null or empty");
+            }
+
+            var validOptions = options.ThrowIfNull(nameof(options)).CopyAndValidate();
+            var request = new Dictionary<string, object>()
+            {
+                { "idToken", idToken },
+                { "validDuration", (long)validOptions.ExpiresIn.TotalSeconds },
+            };
+            var response = await this.PostAndDeserializeAsync<JObject>(
+                ":createSessionCookie", request, cancellationToken).ConfigureAwait(false);
+            if (response.Result == null || (string)response.Result["sessionCookie"] == null)
+            {
+                throw UnexpectedResponseException("Failed to generate session cookie");
+            }
+
+            return (string)response.Result["sessionCookie"];
+        }
+
         private static FirebaseAuthException UnexpectedResponseException(
             string message, Exception inner = null, HttpResponseMessage resp = null)
         {

FirebaseAdmin/FirebaseAdmin/Auth/SessionCookieOptions.cs

@@ -0,0 +1,48 @@
+// Copyright 2020, Google Inc. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
+
+namespace FirebaseAdmin.Auth
+{
+    /// <summary>
+    /// Options for the <see cref="FirebaseAuth.CreateSessionCookieAsync(string, SessionCookieOptions)"/> API.
+    /// </summary>
+    public sealed class SessionCookieOptions
+    {
+        /// <summary>
+        /// Gets or sets the duration until the cookie is expired. Must be between 5 minutes
+        /// and 14 days. The backend service uses seconds precision for this parameter.
+        /// </summary>
+        public TimeSpan ExpiresIn { get; set; }
+
+        internal SessionCookieOptions CopyAndValidate()
+        {
+            var copy = new SessionCookieOptions()
+            {
+                ExpiresIn = this.ExpiresIn,
+            };
+            if (copy.ExpiresIn < TimeSpan.FromMinutes(5))
+            {
+                throw new ArgumentException("ExpiresIn must be at least 5 minutes");
+            }
+            else if (copy.ExpiresIn > TimeSpan.FromDays(14))
+            {
+                throw new ArgumentException("ExpiresIn must be at most 14 days");
+            }
+
+            return copy;
+        }
+    }
+}