From 48cd0b30602e923c88d3d68aa855be0545b50dd9 Mon Sep 17 00:00:00 2001 From: Dong Wook Kim Date: Sat, 12 Aug 2023 11:45:51 +0900 Subject: [PATCH] feat(auth): add signInWithCustomToken method --- auth/auth.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/auth/auth.go b/auth/auth.go index d6299611..4eee8be7 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -20,6 +20,7 @@ import ( "context" "errors" "fmt" + "net/http" "os" "strings" "time" @@ -233,6 +234,51 @@ func (c *baseClient) CustomTokenWithClaims(ctx context.Context, uid string, devC return info.Token(ctx, c.signer) } +// SignInWithCustomTokenResponse represents a result of exchanging a custom Auth token. +type SignInWithCustomTokenResponse struct { + // An Identity Platform ID token for the authenticated user. + IdToken string `json:"idToken"` + + // An Identity Platform refresh token for the authenticated user. + RefreshToken string `json:"refreshToken"` + + // The number of seconds until the ID token expires. + ExpiresIn string `json:"expiresIn"` + + // Whether the authenticated user was created by this request. + IsNewUser bool `json:"isNewUser"` +} + +// SignInWithCustomToken signs in or signs up a user by exchanging a custom Auth token. +// Upon a successful sign-in or sign-up, a new Identity Platform ID token and refresh token are +// issued for the user. +func (c *baseClient) SignInWithCustomToken(ctx context.Context, token string, tenantId string) (resp *SignInWithCustomTokenResponse, err error) { + if token == "" { + err = errors.New("custom token must not be empty") + return + } + + payload := map[string]interface{}{ + "token": token, + "returnSecureToken": true, + } + if tenantId != "" { + payload["tenantId"] = tenantId + } + + resp = &SignInWithCustomTokenResponse{} + req := &internal.Request{ + Method: http.MethodPost, + URL: fmt.Sprintf("%s/accounts:signInWithCustomToken", c.userManagementEndpoint), + Body: internal.NewJSONEntity(payload), + } + if _, err = c.httpClient.DoAndUnmarshal(ctx, req, resp); err != nil { + resp = nil + return + } + return +} + // SessionCookie creates a new Firebase session cookie from the given ID token and expiry // duration. The returned JWT can be set as a server-side session cookie with a custom cookie // policy. Expiry duration must be at least 5 minutes but may not exceed 14 days.