Refactoring the FirebaseAuth Token Verification #246
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Author
|
Resolves #65 |
|
|
||
| private CallableOperation<FirebaseToken, FirebaseAuthException> verifySessionCookieOp( | ||
| final String cookie, final boolean checkRevoked) { | ||
| final String cookie, boolean checkRevoked) { |
There was a problem hiding this comment.
I see some more variables in here that can be finalized. Can we change across the board?
src/main/java/com/google/firebase/auth/RevocationCheckDecorator.java
Outdated
Show resolved
Hide resolved
src/main/java/com/google/firebase/auth/RevocationCheckDecorator.java
Outdated
Show resolved
Hide resolved
Contributor
Author
|
Thanks @ashwinraghav. I've addressed your comments. Please take a look. |
Contributor
Author
|
Lot of these methods used to have anonymous inner classes that wrap the arguments. Which is why they are marked |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The implementation of
FirebaseAuthfor the most part is a monolith without clear separation of concerns. It is currently tightly coupled with theFirebaseTokenFactory,FirebaseTokenVerifierandFirebaseUserManagerconcrete classes. Because of this it is difficult to make changes to the individual helper classes, and also it is difficult to properly unit test theFirebaseAuthAPI surface. This is evident from the lack of test coverage in the following classes/packages:This is the first of a series of refactorings I've planned in order to make the implementation more modular and more testable. In this PR I'm mostly focusing on the token verification logic, while keeping user management and custom token creation intact. The key changes include:
FirebaseTokenVerifieris now an interface. This dependency is injected into theFirebaseAuthvia a a builder. This makes it possible to test all token verification APIs by using a mockFirebaseTokenVerifierin unit tests.FirebaseTokenVerifierImplclass provides the default implementation ofFirebaseTokenVerifier. All uses of theIdTokenAPI are handled by this class as implementation details. This encapsulation enables us to easily change how we parse/verify ID tokens in the future (if the need ever arises).FirebaseTokenVerifierinterface, and engaged as needed via the decorator pattern.FirebaseTokenimplementation has been decoupled from the Google API client'sIdTokenimplementation.Supplier<T>interface to inject token verifier dependencies intoFirebaseAuth. In addition to dependency injection, this provides us an elegant way to implement lazy loading as well.Test coverage numbers after this change: