Merge branch 'dev' into jd-event-listener

Author: johndelavega

auth/auth.go

@@ -23,7 +23,6 @@ import (
 	"strings"
 
 	"firebase.google.com/go/internal"
-	"google.golang.org/api/identitytoolkit/v3"
 )
 
 const (
@@ -41,12 +40,10 @@ var reservedClaims = []string{
 // Client facilitates generating custom JWT tokens for Firebase clients, and verifying ID tokens issued
 // by Firebase backend services.
 type Client struct {
-	is *identitytoolkit.Service
 	userManagementClient
 	idTokenVerifier *tokenVerifier
 	cookieVerifier  *tokenVerifier
 	signer          cryptoSigner
-	version         string
 	clock           internal.Clock
 }
 
@@ -90,11 +87,6 @@ func NewClient(ctx context.Context, conf *internal.AuthConfig) (*Client, error)
 		return nil, err
 	}
 
-	is, err := identitytoolkit.New(hc.Client)
-	if err != nil {
-		return nil, err
-	}
-
 	idTokenVerifier, err := newIDTokenVerifier(ctx, conf.ProjectID)
 	if err != nil {
 		return nil, err
@@ -113,11 +105,9 @@ func NewClient(ctx context.Context, conf *internal.AuthConfig) (*Client, error)
 			version:    version,
 			httpClient: hc,
 		},
-		is:              is,
 		idTokenVerifier: idTokenVerifier,
 		cookieVerifier:  cookieVerifier,
 		signer:          signer,
-		version:         version, // This can be removed when userManagementClient implements all user mgt APIs.
 		clock:           internal.SystemClock,
 	}, nil
 }

auth/export_users.go

@@ -17,8 +17,11 @@ package auth
 import (
 	"context"
 	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strconv"
 
-	identitytoolkit "google.golang.org/api/identitytoolkit/v3"
 	"google.golang.org/api/iterator"
 )
 
@@ -28,7 +31,7 @@ const maxReturnedResults = 1000
 //
 // If nextPageToken is empty, the iterator will start at the beginning.
 // If the nextPageToken is not empty, the iterator starts after the token.
-func (c *Client) Users(ctx context.Context, nextPageToken string) *UserIterator {
+func (c *userManagementClient) Users(ctx context.Context, nextPageToken string) *UserIterator {
 	it := &UserIterator{
 		ctx:    ctx,
 		client: c,
@@ -46,7 +49,7 @@ func (c *Client) Users(ctx context.Context, nextPageToken string) *UserIterator
 //
 // Also see: https://github.com/GoogleCloudPlatform/google-cloud-go/wiki/Iterator-Guidelines
 type UserIterator struct {
-	client   *Client
+	client   *userManagementClient
 	ctx      context.Context
 	nextFunc func() error
 	pageInfo *iterator.PageInfo
@@ -70,26 +73,43 @@ func (it *UserIterator) Next() (*ExportedUserRecord, error) {
 }
 
 func (it *UserIterator) fetch(pageSize int, pageToken string) (string, error) {
-	request := &identitytoolkit.IdentitytoolkitRelyingpartyDownloadAccountRequest{
-		MaxResults:    int64(pageSize),
-		NextPageToken: pageToken,
+	query := make(url.Values)
+	query.Set("maxResults", strconv.Itoa(pageSize))
+	if pageToken != "" {
+		query.Set("nextPageToken", pageToken)
 	}
-	call := it.client.is.Relyingparty.DownloadAccount(request)
-	it.client.setHeader(call)
-	resp, err := call.Context(it.ctx).Do()
+
+	req, err := it.client.newRequest(http.MethodGet, fmt.Sprintf("/accounts:batchGet?%s", query.Encode()))
 	if err != nil {
-		return "", handleServerError(err)
+		return "", err
+	}
+
+	resp, err := it.client.httpClient.Do(it.ctx, req)
+	if err != nil {
+		return "", err
+	}
+
+	if resp.Status != http.StatusOK {
+		return "", handleHTTPError(resp)
 	}
 
-	for _, u := range resp.Users {
-		eu, err := makeExportedUser(u)
+	var parsed struct {
+		Users         []userQueryResponse `json:"users"`
+		NextPageToken string              `json:"nextPageToken"`
+	}
+	if err := json.Unmarshal(resp.Body, &parsed); err != nil {
+		return "", err
+	}
+
+	for _, u := range parsed.Users {
+		eu, err := u.makeExportedUserRecord()
 		if err != nil {
 			return "", err
 		}
 		it.users = append(it.users, eu)
 	}
-	it.pageInfo.Token = resp.NextPageToken
-	return resp.NextPageToken, nil
+	it.pageInfo.Token = parsed.NextPageToken
+	return parsed.NextPageToken, nil
 }
 
 // ExportedUserRecord is the returned user value used when listing all the users.
@@ -98,53 +118,3 @@ type ExportedUserRecord struct {
 	PasswordHash string
 	PasswordSalt string
 }
-
-func makeExportedUser(r *identitytoolkit.UserInfo) (*ExportedUserRecord, error) {
-	var cc map[string]interface{}
-	if r.CustomAttributes != "" {
-		if err := json.Unmarshal([]byte(r.CustomAttributes), &cc); err != nil {
-			return nil, err
-		}
-		if len(cc) == 0 {
-			cc = nil
-		}
-	}
-
-	var providerUserInfo []*UserInfo
-	for _, u := range r.ProviderUserInfo {
-		info := &UserInfo{
-			DisplayName: u.DisplayName,
-			Email:       u.Email,
-			PhoneNumber: u.PhoneNumber,
-			PhotoURL:    u.PhotoUrl,
-			ProviderID:  u.ProviderId,
-			UID:         u.RawId,
-		}
-		providerUserInfo = append(providerUserInfo, info)
-	}
-
-	resp := &ExportedUserRecord{
-		UserRecord: &UserRecord{
-			UserInfo: &UserInfo{
-				DisplayName: r.DisplayName,
-				Email:       r.Email,
-				PhoneNumber: r.PhoneNumber,
-				PhotoURL:    r.PhotoUrl,
-				ProviderID:  defaultProviderID,
-				UID:         r.LocalId,
-			},
-			CustomClaims:           cc,
-			Disabled:               r.Disabled,
-			EmailVerified:          r.EmailVerified,
-			ProviderUserInfo:       providerUserInfo,
-			TokensValidAfterMillis: r.ValidSince * 1000,
-			UserMetadata: &UserMetadata{
-				LastLogInTimestamp: r.LastLoginAt,
-				CreationTimestamp:  r.CreatedAt,
-			},
-		},
-		PasswordHash: r.PasswordHash,
-		PasswordSalt: r.Salt,
-	}
-	return resp, nil
-}

auth/hash/hash.go

@@ -31,8 +31,8 @@ import (
 type Bcrypt struct{}
 
 // Config returns the validated hash configuration.
-func (b Bcrypt) Config() (*internal.HashConfig, error) {
-	return &internal.HashConfig{HashAlgorithm: "BCRYPT"}, nil
+func (b Bcrypt) Config() (internal.HashConfig, error) {
+	return internal.HashConfig{"hashAlgorithm": "BCRYPT"}, nil
 }
 
 // StandardScrypt represents the standard scrypt hash algorithm.
@@ -47,14 +47,13 @@ type StandardScrypt struct {
 }
 
 // Config returns the validated hash configuration.
-func (s StandardScrypt) Config() (*internal.HashConfig, error) {
-	return &internal.HashConfig{
-		HashAlgorithm:    "STANDARD_SCRYPT",
-		DerivedKeyLength: int64(s.DerivedKeyLength),
-		BlockSize:        int64(s.BlockSize),
-		Parallelization:  int64(s.Parallelization),
-		MemoryCost:       int64(s.MemoryCost),
-		ForceSendFields:  []string{"BlockSize", "Parallelization", "MemoryCost", "DkLen"},
+func (s StandardScrypt) Config() (internal.HashConfig, error) {
+	return internal.HashConfig{
+		"hashAlgorithm":   "STANDARD_SCRYPT",
+		"dkLen":           s.DerivedKeyLength,
+		"blockSize":       s.BlockSize,
+		"parallelization": s.Parallelization,
+		"memoryCost":      s.MemoryCost,
 	}, nil
 }
 
@@ -72,7 +71,7 @@ type Scrypt struct {
 }
 
 // Config returns the validated hash configuration.
-func (s Scrypt) Config() (*internal.HashConfig, error) {
+func (s Scrypt) Config() (internal.HashConfig, error) {
 	if len(s.Key) == 0 {
 		return nil, errors.New("signer key not specified")
 	}
@@ -82,12 +81,12 @@ func (s Scrypt) Config() (*internal.HashConfig, error) {
 	if s.MemoryCost < 1 || s.MemoryCost > 14 {
 		return nil, errors.New("memory cost must be between 1 and 14")
 	}
-	return &internal.HashConfig{
-		HashAlgorithm: "SCRYPT",
-		SignerKey:     base64.RawURLEncoding.EncodeToString(s.Key),
-		SaltSeparator: base64.RawURLEncoding.EncodeToString(s.SaltSeparator),
-		Rounds:        int64(s.Rounds),
-		MemoryCost:    int64(s.MemoryCost),
+	return internal.HashConfig{
+		"hashAlgorithm": "SCRYPT",
+		"signerKey":     base64.RawURLEncoding.EncodeToString(s.Key),
+		"saltSeparator": base64.RawURLEncoding.EncodeToString(s.SaltSeparator),
+		"rounds":        s.Rounds,
+		"memoryCost":    s.MemoryCost,
 	}, nil
 }
 
@@ -100,7 +99,7 @@ type HMACMD5 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h HMACMD5) Config() (*internal.HashConfig, error) {
+func (h HMACMD5) Config() (internal.HashConfig, error) {
 	return hmacConfig("HMAC_MD5", h.Key)
 }
 
@@ -114,7 +113,7 @@ type HMACSHA1 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h HMACSHA1) Config() (*internal.HashConfig, error) {
+func (h HMACSHA1) Config() (internal.HashConfig, error) {
 	return hmacConfig("HMAC_SHA1", h.Key)
 }
 
@@ -128,7 +127,7 @@ type HMACSHA256 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h HMACSHA256) Config() (*internal.HashConfig, error) {
+func (h HMACSHA256) Config() (internal.HashConfig, error) {
 	return hmacConfig("HMAC_SHA256", h.Key)
 }
 
@@ -142,7 +141,7 @@ type HMACSHA512 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h HMACSHA512) Config() (*internal.HashConfig, error) {
+func (h HMACSHA512) Config() (internal.HashConfig, error) {
 	return hmacConfig("HMAC_SHA512", h.Key)
 }
 
@@ -156,7 +155,7 @@ type MD5 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h MD5) Config() (*internal.HashConfig, error) {
+func (h MD5) Config() (internal.HashConfig, error) {
 	return basicConfig("MD5", h.Rounds)
 }
 
@@ -170,7 +169,7 @@ type PBKDF2SHA256 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h PBKDF2SHA256) Config() (*internal.HashConfig, error) {
+func (h PBKDF2SHA256) Config() (internal.HashConfig, error) {
 	return basicConfig("PBKDF2_SHA256", h.Rounds)
 }
 
@@ -184,7 +183,7 @@ type PBKDFSHA1 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h PBKDFSHA1) Config() (*internal.HashConfig, error) {
+func (h PBKDFSHA1) Config() (internal.HashConfig, error) {
 	return basicConfig("PBKDF_SHA1", h.Rounds)
 }
 
@@ -198,7 +197,7 @@ type SHA1 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h SHA1) Config() (*internal.HashConfig, error) {
+func (h SHA1) Config() (internal.HashConfig, error) {
 	return basicConfig("SHA1", h.Rounds)
 }
 
@@ -212,7 +211,7 @@ type SHA256 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h SHA256) Config() (*internal.HashConfig, error) {
+func (h SHA256) Config() (internal.HashConfig, error) {
 	return basicConfig("SHA256", h.Rounds)
 }
 
@@ -226,27 +225,26 @@ type SHA512 struct {
 }
 
 // Config returns the validated hash configuration.
-func (h SHA512) Config() (*internal.HashConfig, error) {
+func (h SHA512) Config() (internal.HashConfig, error) {
 	return basicConfig("SHA512", h.Rounds)
 }
 
-func hmacConfig(name string, key []byte) (*internal.HashConfig, error) {
+func hmacConfig(name string, key []byte) (internal.HashConfig, error) {
 	if len(key) == 0 {
 		return nil, errors.New("signer key not specified")
 	}
-	return &internal.HashConfig{
-		HashAlgorithm: name,
-		SignerKey:     base64.RawURLEncoding.EncodeToString(key),
+	return internal.HashConfig{
+		"hashAlgorithm": name,
+		"signerKey":     base64.RawURLEncoding.EncodeToString(key),
 	}, nil
 }
 
-func basicConfig(name string, rounds int) (*internal.HashConfig, error) {
+func basicConfig(name string, rounds int) (internal.HashConfig, error) {
 	if rounds < 0 || rounds > 120000 {
 		return nil, errors.New("rounds must be between 0 and 120000")
 	}
-	return &internal.HashConfig{
-		HashAlgorithm:   name,
-		Rounds:          int64(rounds),
-		ForceSendFields: []string{"Rounds"},
+	return internal.HashConfig{
+		"hashAlgorithm": name,
+		"rounds":        rounds,
 	}, nil
 }