Auth cookie persistence #8839
Auth cookie persistence #8839
Conversation
|
| @@ -241,6 +242,9 @@ export async function _performSignInRequest<T, V extends IdTokenResponse>( | |||
| request?: T, | |||
| customErrorMap: Partial<ServerErrorMap<ServerError>> = {} | |||
| ): Promise<V> { | |||
| // TODO(jamedaniels) if auth persistence is cookie, proxy through the server endpoint | |||
There was a problem hiding this comment.
Could you remove the completed TODO comments from the source if they're actually done. It would help with the review.
| @@ -44,6 +44,8 @@ export class UserCredentialImpl | |||
| this.operationType = params.operationType; | |||
| } | |||
|
|
|||
| // TODO(jamesdaniels) fetch the user credential from the cookie and response returned from the | |||
| @@ -62,6 +62,8 @@ export interface UserInternal extends User { | |||
|
|
|||
| auth: AuthInternal; | |||
| providerId: ProviderId.FIREBASE; | |||
| // TODO(jamesdaniels): refreshToken should either be optional or a sentinel value for COOKIE | |||
| @@ -0,0 +1,82 @@ | |||
| /** | |||
| * @license | |||
| * Copyright 2019 Google LLC | |||
| export class CookiePersistence implements PersistenceInternal { | ||
| static type: 'COOKIE' = 'COOKIE'; | ||
| readonly type = PersistenceType.COOKIE; | ||
| listeners: Map<StorageEventListener, (e: any) => void> = new Map(); |
There was a problem hiding this comment.
I think our linter frowns up on the use of any.
| readonly type = PersistenceType.COOKIE; | ||
| listeners: Map<StorageEventListener, (e: any) => void> = new Map(); | ||
|
|
||
| async _isAvailable(): Promise<boolean> { |
There was a problem hiding this comment.
Could you add class and method comments?
| } | ||
|
|
||
| /** | ||
| * An implementation of {@link Persistence} of type 'NONE'. |
There was a problem hiding this comment.
Isn't this of type COOKIE?
There was a problem hiding this comment.
heh, yeah copy-pasta
| @@ -1,5 +1,5 @@ | |||
| { | |||
| "extends": "../../config/api-extractor.json", | |||
| // Point it to your entry point d.ts file. | |||
| "mainEntryPointFilePath": "<projectFolder>/dist/rules-unit-testing/index.d.ts" | |||
| "mainEntryPointFilePath": "<projectFolder>/dist/index.d.ts" | |||
There was a problem hiding this comment.
Why is this change in here?
There was a problem hiding this comment.
No idea, I should have left a comment this was to fix the build
| @@ -241,6 +242,9 @@ export async function _performSignInRequest<T, V extends IdTokenResponse>( | |||
| request?: T, | |||
| customErrorMap: Partial<ServerErrorMap<ServerError>> = {} | |||
| ): Promise<V> { | |||
| // TODO(jamedaniels) if auth persistence is cookie, proxy through the server endpoint | |||
There was a problem hiding this comment.
Could you remove the completed TODO comments from the source if they're actually done. It would help with the review.
| return null; | ||
| } | ||
| if (typeof blob === 'string') { | ||
| const response = await getAccountInfo(this.auth, { idToken: blob }); |
There was a problem hiding this comment.
Should we check if the token is still valid and return null if it's not? We already have validateTokenTTL in app/src/firebaseServerApp.ts which could be brought into our utils package.
There was a problem hiding this comment.
Have you tested this with an invalid token to see how it behaves?
There was a problem hiding this comment.
Thinking about this, in normal operation this shouldn't happen, as the server-side route should be covered by middleware which will return set-cookie—but if the developer made a mistake and didn't cover the route with middleware then this could expire—so we should handle & log a sensible error.
| if (blob) { | ||
| const user = UserImpl._fromJSON(auth, blob); // throws for unparsable blob (wrong format) | ||
| let user: UserInternal; |
There was a problem hiding this comment.
Same here, what if the token isn't valid or has expired?
| @@ -845,6 +845,7 @@ export class AuthImpl implements AuthInternal, _FirebaseService { | |||
| } | |||
|
|
|||
| async _getAppCheckToken(): Promise<string | undefined> { | |||
| // @ts-ignore | |||
There was a problem hiding this comment.
Should not be needed, my local build was broken without it.
| listeners: Map<StorageEventListener, (e: any) => void> = new Map(); | ||
|
|
||
| async _isAvailable(): Promise<boolean> { | ||
| return navigator.hasOwnProperty('cookieEnabled') ? |
There was a problem hiding this comment.
Probably need a check on typeof navigator !== 'undefined' just in case. IndexedDB persistence has a check on if (!indexedDB) inside a try/catch which I think also works.
| (path.startsWith('/v1/accounts:signIn') || path === Endpoint.TOKEN) | ||
| ) { | ||
| const params = new URLSearchParams({ finalTarget }); | ||
| return `${window.location.origin}/__cookies__?${params.toString()}`; |
There was a problem hiding this comment.
I think this function can be called in Node so we may have to make sure window doesn't throw. I'm not sure if the === PersistenceType.COOKIE is a guarantee that we're in browser, maybe safer to explicitly check for window. What's the "don't use startsWith v1/accounts" comment about?
Proof-of-concept of go/firebase-auth-cookie-persistence, pair with this NextJS middleware.
Demo here—login restricted to
@google.comGoogle accounts. Only confirmed working in desktop Chrome ATM.Principles of operation:
COOKIE/__cookie__, which is handled by the NextJS middleware. The middleware this redacts the refreshToken and stores it in an HTTP-only cookie, the idToken is stored in an JS-readable cookiegetCurrentUser()internally can accept an idToken and will initiated a fetch request to get the user-details""and will make a best-effort attempt to hit/__cookie__, the middleware treats the blank string as a logout and will delete the refreshToken cookie if seenThere's a lot to clean up here, some high level things that need to be addressed
/__cookie__URL, this should come from the persistence manager and be configurablesetPersistence(auth, cookiePersistence)was acting up, need to look into this, probably something to do with upgradesFor the middleware:
@firebase/auth