Add a provider test

Author: hsubox76

packages/app-check/src/errors.ts

@@ -54,7 +54,7 @@ const ERRORS: ErrorMap<AppCheckError> = {
   [AppCheckError.STORAGE_WRITE]:
     'Error thrown when writing to storage. Original error: {$originalErrorMessage}.',
   [AppCheckError.RECAPTCHA_ERROR]: 'ReCAPTCHA error.',
-  [AppCheckError.THROTTLED]: `Requests throttled until {$time} due to {$httpStatus} error.`
+  [AppCheckError.THROTTLED]: `Requests throttled due to {$httpStatus} error. Attempts allowed again after {$time}`
 };
 
 interface ErrorParams {
@@ -66,7 +66,7 @@ interface ErrorParams {
   [AppCheckError.STORAGE_OPEN]: { originalErrorMessage?: string };
   [AppCheckError.STORAGE_GET]: { originalErrorMessage?: string };
   [AppCheckError.STORAGE_WRITE]: { originalErrorMessage?: string };
-  [AppCheckError.THROTTLED]: { time: string, httpStatus: number };
+  [AppCheckError.THROTTLED]: { time: string; httpStatus: number };
 }
 
 export const ERROR_FACTORY = new ErrorFactory<AppCheckError, ErrorParams>(

packages/app-check/src/internal-api.test.ts

@@ -364,6 +364,7 @@ describe('internal api', () => {
       );
       expect(token).to.deep.equal({ token: fakeRecaptchaAppCheckToken.token });
     });
+
     it('throttles exponentially on 503', async () => {
       const appCheck = initializeAppCheck(app, {
         provider: new ReCaptchaV3Provider(FAKE_SITE_KEY)
@@ -385,6 +386,7 @@ describe('internal api', () => {
       expect(token.error?.message).to.include('00m');
       expect(warnStub.args[0][0]).to.include('503');
     });
+    
     it('throttles 1d on 403', async () => {
       const appCheck = initializeAppCheck(app, {
         provider: new ReCaptchaV3Provider(FAKE_SITE_KEY)

packages/app-check/src/providers.test.ts

@@ -0,0 +1,96 @@
+import '../test/setup';
+import { getFakeGreCAPTCHA, getFullApp } from '../test/util';
+import { ReCaptchaV3Provider } from './providers';
+import * as client from './client';
+import * as reCAPTCHA from './recaptcha';
+import * as util from './util';
+import { stub, useFakeTimers } from 'sinon';
+import { expect } from 'chai';
+import { FirebaseError } from '@firebase/util';
+import { AppCheckError } from './errors';
+import { clearState } from './state';
+import { deleteApp, FirebaseApp } from '@firebase/app';
+
+describe('ReCaptchaV3Provider', () => {
+  let app: FirebaseApp;
+  let clock = useFakeTimers();
+  beforeEach(() => {
+    clock = useFakeTimers();
+    app = getFullApp();
+    stub(util, 'getRecaptcha').returns(getFakeGreCAPTCHA());
+    stub(reCAPTCHA, 'getToken').returns(
+      Promise.resolve('fake-recaptcha-token')
+    );
+  });
+
+  afterEach(() => {
+    clock.restore();
+    clearState();
+    return deleteApp(app);
+  });
+  it('getToken() gets a token from the exchange endpoint', async () => {
+    const app = getFullApp();
+    const provider = new ReCaptchaV3Provider('fake-site-key');
+    stub(client, 'exchangeToken').resolves({
+      token: 'fake-exchange-token',
+      issuedAtTimeMillis: 0,
+      expireTimeMillis: 10
+    });
+    provider.initialize(app);
+    const token = await provider.getToken();
+    expect(token.token).to.equal('fake-exchange-token');
+  });
+  it('getToken() throttles 1d on 403', async () => {
+    const app = getFullApp();
+    const provider = new ReCaptchaV3Provider('fake-site-key');
+    stub(client, 'exchangeToken').rejects(
+      new FirebaseError(AppCheckError.FETCH_STATUS_ERROR, 'some-message', {
+        httpStatus: 403
+      })
+    );
+    provider.initialize(app);
+    await expect(provider.getToken()).to.be.rejectedWith('1d');
+    // Wait 10s and try again to see if wait time string decreases.
+    clock.tick(10000);
+    await expect(provider.getToken()).to.be.rejectedWith('23h');
+  });
+  it('getToken() throttles exponentially on 503', async () => {
+    const app = getFullApp();
+    const provider = new ReCaptchaV3Provider('fake-site-key');
+    let exchangeTokenStub = stub(client, 'exchangeToken').rejects(
+      new FirebaseError(AppCheckError.FETCH_STATUS_ERROR, 'some-message', {
+        httpStatus: 503
+      })
+    );
+    provider.initialize(app);
+    await expect(provider.getToken()).to.be.rejectedWith('503');
+    expect(exchangeTokenStub).to.be.called;
+    exchangeTokenStub.resetHistory();
+    // Try again immediately, should be rejected.
+    await expect(provider.getToken()).to.be.rejectedWith('503');
+    expect(exchangeTokenStub).not.to.be.called;
+    exchangeTokenStub.resetHistory();
+    // Wait for 1.5 seconds to pass, should call exchange endpoint again
+    // (and be rejected again)
+    clock.tick(1500);
+    await expect(provider.getToken()).to.be.rejectedWith('503');
+    expect(exchangeTokenStub).to.be.called;
+    exchangeTokenStub.resetHistory();
+    // Wait for 10 seconds to pass, should call exchange endpoint again
+    // (and be rejected again)
+    clock.tick(10000);
+    await expect(provider.getToken()).to.be.rejectedWith('503');
+    expect(exchangeTokenStub).to.be.called;
+    // Wait for 10 seconds to pass, should call exchange endpoint again
+    // (and succeed)
+    clock.tick(10000);
+    exchangeTokenStub.restore();
+    exchangeTokenStub = stub(client, 'exchangeToken').resolves({
+      token: 'fake-exchange-token',
+      issuedAtTimeMillis: 0,
+      expireTimeMillis: 10
+    });
+    const token = await provider.getToken();
+    expect(token.token).to.equal('fake-exchange-token');
+  });
+});

packages/app-check/src/providers.ts

@@ -58,20 +58,8 @@ export class ReCaptchaV3Provider implements AppCheckProvider {
    * @internal
    */
   async getToken(): Promise<AppCheckTokenInternal> {
-    if (this._throttleData) {
-      if (Date.now() - this._throttleData.allowRequestsAfter > 0) {
-        // If after throttle timestamp, clear throttle data.
-        this._throttleData = null;
-      } else {
-        // If before, throw.
-        throw ERROR_FACTORY.create(AppCheckError.THROTTLED, {
-          time: new Date(
-            this._throttleData.allowRequestsAfter
-          ).toLocaleString(),
-          httpStatus: this._throttleData.httpStatus
-        });
-      }
-    }
+    throwIfThrottled(this._throttleData);
+
     if (!this._app || !this._platformLoggerProvider) {
       // This should only occur if user has not called initializeAppCheck().
       // We don't have an appName to provide if so.
@@ -92,59 +80,25 @@ export class ReCaptchaV3Provider implements AppCheckProvider {
       );
     } catch (e) {
       if ((e as FirebaseError).code === AppCheckError.FETCH_STATUS_ERROR) {
-        const throttleData = this._setBackoff(
-          Number((e as FirebaseError).customData?.httpStatus)
+        this._throttleData = setBackoff(
+          Number((e as FirebaseError).customData?.httpStatus),
+          this._throttleData
         );
         throw ERROR_FACTORY.create(AppCheckError.THROTTLED, {
-          time: getDurationString(throttleData.allowRequestsAfter - Date.now()),
-          httpStatus: throttleData.httpStatus
+          time: getDurationString(
+            this._throttleData.allowRequestsAfter - Date.now()
+          ),
+          httpStatus: this._throttleData.httpStatus
         });
       } else {
         throw e;
       }
     }
+    // If successful, clear throttle data.
+    this._throttleData = null;
     return result;
   }
 
-  /**
-   * Set throttle data to block requests until after a certain time
-   * depending on the failed request's status code.
-   * @param httpStatus - Status code of failed request.
-   * @returns Data about current throttle state and expiration time.
-   */
-  private _setBackoff(httpStatus: number): ThrottleData {
-    /**
-     * Block retries for 1 day for the following error codes:
-     * 
-     * 404: Likely malformed URL.
-     * 
-     * 403:
-     * - Attestation failed
-     * - Wrong API key
-     * - Project deleted
-     */
-    if (httpStatus === 404 || httpStatus === 403) {
-      this._throttleData = {
-        backoffCount: 1,
-        allowRequestsAfter: Date.now() + ONE_DAY,
-        httpStatus
-      };
-    } else {
-      /**
-       * For all other error codes, the time when it is ok to retry again
-       * is based on exponential backoff.
-       */
-      const backoffCount = this._throttleData ? this._throttleData.backoffCount : 0;
-      const backoffMillis = calculateBackoffMillis(backoffCount, 1000, 2);
-      this._throttleData = {
-        backoffCount: backoffCount + 1,
-        allowRequestsAfter: Date.now() + backoffMillis,
-        httpStatus
-      };
-    }
-    return this._throttleData;
-  }
-
   /**
    * @internal
    */
@@ -227,3 +181,56 @@ export class CustomProvider implements AppCheckProvider {
     }
   }
 }
+
+/**
+ * Set throttle data to block requests until after a certain time
+ * depending on the failed request's status code.
+ * @param httpStatus - Status code of failed request.
+ * @returns Data about current throttle state and expiration time.
+ */
+function setBackoff(
+  httpStatus: number,
+  throttleData: ThrottleData | null
+): ThrottleData {
+  /**
+   * Block retries for 1 day for the following error codes:
+   *
+   * 404: Likely malformed URL.
+   *
+   * 403:
+   * - Attestation failed
+   * - Wrong API key
+   * - Project deleted
+   */
+  if (httpStatus === 404 || httpStatus === 403) {
+    return {
+      backoffCount: 1,
+      allowRequestsAfter: Date.now() + ONE_DAY,
+      httpStatus
+    };
+  } else {
+    /**
+     * For all other error codes, the time when it is ok to retry again
+     * is based on exponential backoff.
+     */
+    const backoffCount = throttleData ? throttleData.backoffCount : 0;
+    const backoffMillis = calculateBackoffMillis(backoffCount, 1000, 2);
+    return {
+      backoffCount: backoffCount + 1,
+      allowRequestsAfter: Date.now() + backoffMillis,
+      httpStatus
+    };
+  }
+}
+
+function throwIfThrottled(throttleData: ThrottleData | null): void {
+  if (throttleData) {
+    if (Date.now() - throttleData.allowRequestsAfter <= 0) {
+      // If before, throw.
+      throw ERROR_FACTORY.create(AppCheckError.THROTTLED, {
+        time: getDurationString(throttleData.allowRequestsAfter - Date.now()),
+        httpStatus: throttleData.httpStatus
+      });
+    }
+  }
+}