trchopan / firebase-auth Goto Github PK

Hi! I'm working on a multi-page app using firebase auth. I'd really like to use this crate to manage authentication, but it's not possible to include the required header with every page load. Firebase does make it possible to use session cookies for similar use-cases. Is this within scope for this library?

this could cause a deadlock

    async fn start_key_update(&mut self) {
    ...
    let mut verifier = verifier_ref.lock().unwrap();

especially when only one thread is configured for async Runtime

When the app runs for an extended period, the public keys fail to update, resulting in a VerificationError::NotfoundMatchKid. This issue seems to occur specifically with the axum integration.

The root cause lies in the FirebaseAuthState. During its cloning process, it also clones FirebaseAuth. However, when one of these clones is dropped, the Drop handler of FirebaseAuth cancels the future spawned in start_key_update.

I am willing to address this issue, but it will necessitate changes that are not backward compatible. Specifically, I propose modifying FirebaseAuthState to contain Arc<FirebaseAuth> instead of FirebaseAuth, and removing the FromRef<FirebaseAuthState> for FirebaseAuth implementation.

Additionally, another issue arises within the start_key_update function. Based on the logs, it appears that there should be a loop statement somewhere, but it's missing. Upon reviewing a commit from 8 months ago, it seems that the loop was accidentally removed. It was present before.

Hi!

I am quite new to Rust so not sure if I am approaching this the wrong way.

Would it be possible to use a trait instead of a struct in FirebaseAuthState so that I can supply my own implementation of the trait in testing? For example if I want to integration-test and control which tokens passes validation or not.

I'm not sure if this is just for users who signed up through email or if it's something Firebase changed for everyone, but if name and picture aren't available for a user, it causes the authentication process to fail.

hello.
I am using firebase and hasura together.
I'm trying to create an API server with rust, and I found the firebase_auth rust.
However, I cannot get it from claims as shown below.
The reason is that the struct FirebaseUser struct is fixed.

https://github.com/trchopan/firebase-auth/blob/main/firebase-auth/src/structs.rs#L30C1-L30C26
To solve the problem, claims need to be used flexibly. What method should I use?

{
    'https://hasura.io/jwt/claims': {
        'x-hasura-default-role': 'user',
        'x-hasura-allowed-roles': ['user'],
        'x-hasura-user-id': user_id
    },
    'iss': 'https://securetoekn.google.com/example-app',
    'aud': 'example-app',
    'auth_time: 0000000,
    'user_id: firebase_auth_user_id,
    ....
};

JWT for anonymous sign-in looks like this:

{
  "provider_id": "anonymous",
  "iss": "https://securetoken.google.com/example-app-a1234",
  "aud": "example-app-a1234",
  "auth_time": 1688463060,
  "user_id": "aaaaaaaaaaaaaaaaaaaaaaaaaaaa",
  "sub": "aaaaaaaaaaaaaaaaaaaaaaaaaaaa",
  "iat": 1689243393,
  "exp": 1689246993,
  "firebase": {
    "identities": {},
    "sign_in_provider": "anonymous"
  }
}

changes:

• Add an optional provider_id string
• Make email optional
• Make email_verified optional