Skip to content

Commit

Permalink
Remove App Check headers
Browse files Browse the repository at this point in the history
  • Loading branch information
jonathanedey committed Nov 20, 2024
1 parent c04763b commit 4bd3b45
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 42 deletions.
19 changes: 0 additions & 19 deletions appcheck/appcheck.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ package appcheck
import (
"context"
"errors"
"net/http"
"strings"
"time"

Expand Down Expand Up @@ -78,7 +77,6 @@ func NewClient(ctx context.Context, conf *internal.AppCheckConfig) (*Client, err
jwks, err := keyfunc.Get(JWKSUrl, keyfunc.Options{
Ctx: ctx,
RefreshInterval: 6 * time.Hour,
RequestFactory: makeRequestFactory(conf),
})
if err != nil {
return nil, err
Expand All @@ -90,23 +88,6 @@ func NewClient(ctx context.Context, conf *internal.AppCheckConfig) (*Client, err
}, nil
}

func makeRequestFactory(conf *internal.AppCheckConfig) func(ctx context.Context, url string) (*http.Request, error) {
opts := []internal.HTTPOption{
internal.WithHeader("x-goog-api-client", internal.GetMetricsHeader(conf.Version)),
}

return func(ctx context.Context, url string) (*http.Request, error) {
hr, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
if err != nil {
return nil, err
}
for _, o := range opts {
o(hr)
}
return hr, nil
}
}

// VerifyToken verifies the given App Check token.
//
// VerifyToken considers an App Check token string to be valid if all the following conditions are met:
Expand Down
37 changes: 16 additions & 21 deletions appcheck/appcheck_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,8 @@ import (
"github.com/google/go-cmp/cmp"
)

var testAppCheckConfig = &internal.AppCheckConfig{
ProjectID: "project_id",
Version: "test-version",
}

func TestVerifyTokenHasValidClaims(t *testing.T) {
var tr http.Request
ts, err := setupFakeJWKS(&tr)
ts, err := setupFakeJWKS()
if err != nil {
t.Fatalf("Error setting up fake JWKS server: %v", err)
}
Expand All @@ -36,17 +30,15 @@ func TestVerifyTokenHasValidClaims(t *testing.T) {
}

JWKSUrl = ts.URL
conf := &internal.AppCheckConfig{
ProjectID: "project_id",
}

client, err := NewClient(context.Background(), testAppCheckConfig)
client, err := NewClient(context.Background(), conf)
if err != nil {
t.Errorf("Error creating NewClient: %v", err)
}

xGoogAPIClientHeader := internal.GetMetricsHeader(testAppCheckConfig.Version)
if h := tr.Header.Get("x-goog-api-client"); h != xGoogAPIClientHeader {
t.Errorf("x-goog-api-client header = %q; want = %q", h, xGoogAPIClientHeader)
}

type appCheckClaims struct {
Aud []string `json:"aud"`
jwt.RegisteredClaims
Expand Down Expand Up @@ -177,16 +169,18 @@ func TestVerifyTokenHasValidClaims(t *testing.T) {
}

func TestVerifyTokenMustExist(t *testing.T) {
var tr http.Request
ts, err := setupFakeJWKS(&tr)
ts, err := setupFakeJWKS()
if err != nil {
t.Fatalf("Error setting up fake JWK server: %v", err)
}
defer ts.Close()

JWKSUrl = ts.URL
conf := &internal.AppCheckConfig{
ProjectID: "project_id",
}

client, err := NewClient(context.Background(), testAppCheckConfig)
client, err := NewClient(context.Background(), conf)
if err != nil {
t.Errorf("Error creating NewClient: %v", err)
}
Expand All @@ -203,8 +197,7 @@ func TestVerifyTokenMustExist(t *testing.T) {
}

func TestVerifyTokenNotExpired(t *testing.T) {
var tr http.Request
ts, err := setupFakeJWKS(&tr)
ts, err := setupFakeJWKS()
if err != nil {
t.Fatalf("Error setting up fake JWKS server: %v", err)
}
Expand All @@ -216,8 +209,11 @@ func TestVerifyTokenNotExpired(t *testing.T) {
}

JWKSUrl = ts.URL
conf := &internal.AppCheckConfig{
ProjectID: "project_id",
}

client, err := NewClient(context.Background(), testAppCheckConfig)
client, err := NewClient(context.Background(), conf)
if err != nil {
t.Errorf("Error creating NewClient: %v", err)
}
Expand Down Expand Up @@ -268,13 +264,12 @@ func TestVerifyTokenNotExpired(t *testing.T) {
}
}

func setupFakeJWKS(tr *http.Request) (*httptest.Server, error) {
func setupFakeJWKS() (*httptest.Server, error) {
jwks, err := os.ReadFile("../testdata/mock.jwks.json")
if err != nil {
return nil, err
}
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
*tr = *r
w.Write(jwks)
}))
return ts, nil
Expand Down
1 change: 0 additions & 1 deletion firebase.go
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,6 @@ func (a *App) Messaging(ctx context.Context) (*messaging.Client, error) {
func (a *App) AppCheck(ctx context.Context) (*appcheck.Client, error) {
conf := &internal.AppCheckConfig{
ProjectID: a.projectID,
Version: Version,
}
return appcheck.NewClient(ctx, conf)
}
Expand Down
1 change: 0 additions & 1 deletion internal/internal.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,6 @@ type MessagingConfig struct {
// AppCheckConfig represents the configuration of App Check service.
type AppCheckConfig struct {
ProjectID string
Version string
}

// MockTokenSource is a TokenSource implementation that can be used for testing.
Expand Down

0 comments on commit 4bd3b45

Please sign in to comment.