Skip to content

Commit dae8b2c

Browse files
lahirumarambakevinthecheung
lahirumaramba
and
kevinthecheung
committed
Add FAC Verify Token API (#26)
* (feat): Add FAC Verify token API - Re-try with all the keys when kid is not present in the token header. - Add JWKS key fetcher - Add public API for FAC verify token * Add ref docs and unit tests * PR fixes * Update api extractor report * Add more tests for token-verifier * export jwks key pairs * PR fixes * More PR fixes * Update src/app-check/index.ts Co-authored-by: Kevin Cheung <[email protected]> Co-authored-by: Kevin Cheung <[email protected]>
1 parent 14c744d commit dae8b2c

16 files changed

+1148
-83
lines changed

docgen/content-sources/node/toc.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,18 @@ toc:
1919
- title: "App"
2020
path: /docs/reference/admin/node/admin.app.App-1
2121

22+
- title: "admin.appCheck"
23+
path: /docs/reference/admin/node/admin.appCheck
24+
section:
25+
- title: "AppCheck"
26+
path: /docs/reference/admin/node/admin.appCheck.AppCheck-1
27+
- title: "AppCheckToken"
28+
path: /docs/reference/admin/node/admin.appCheck.AppCheckToken
29+
- title: "DecodedAppCheckToken"
30+
path: /docs/reference/admin/node/admin.appCheck.DecodedAppCheckToken
31+
- title: "VerifyAppCheckTokenResponse"
32+
path: /docs/reference/admin/node/admin.appCheck.VerifyAppCheckTokenResponse
33+
2234
- title: "admin.auth"
2335
path: /docs/reference/admin/node/admin.auth
2436
section:

etc/firebase-admin.api.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,11 +52,26 @@ export namespace appCheck {
5252
// (undocumented)
5353
app: app.App;
5454
createToken(appId: string): Promise<AppCheckToken>;
55+
verifyToken(appCheckToken: string): Promise<VerifyAppCheckTokenResponse>;
5556
}
5657
export interface AppCheckToken {
5758
token: string;
5859
ttlMillis: number;
5960
}
61+
export interface DecodedAppCheckToken {
62+
// (undocumented)
63+
[key: string]: any;
64+
app_id: string;
65+
aud: string[];
66+
exp: number;
67+
iat: number;
68+
iss: string;
69+
sub: string;
70+
}
71+
export interface VerifyAppCheckTokenResponse {
72+
appId: string;
73+
token: appCheck.DecodedAppCheckToken;
74+
}
6075
}
6176

6277
// @public

package-lock.json

Lines changed: 153 additions & 15 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,7 @@
6161
"@types/node": "^10.10.0",
6262
"dicer": "^0.3.0",
6363
"jsonwebtoken": "^8.5.1",
64+
"jwks-rsa": "^2.0.2",
6465
"node-forge": "^0.10.0"
6566
},
6667
"optionalDependencies": {

src/app-check/app-check-api-client-internal.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -205,6 +205,7 @@ export type AppCheckErrorCode =
205205
| 'permission-denied'
206206
| 'unauthenticated'
207207
| 'not-found'
208+
| 'app-check-token-expired'
208209
| 'unknown-error';
209210

210211
/**

0 commit comments

Comments
 (0)