From c294161591edff20a6382b4db0f81b854f37baa6 Mon Sep 17 00:00:00 2001 From: sapuri Date: Fri, 21 Jul 2023 03:16:17 +0900 Subject: [PATCH 1/7] fix(messaging): correct comment (#571) --- messaging/messaging_batch.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/messaging/messaging_batch.go b/messaging/messaging_batch.go index 536227d8..c8ed63fa 100644 --- a/messaging/messaging_batch.go +++ b/messaging/messaging_batch.go @@ -116,7 +116,7 @@ func (c *fcmClient) SendEachDryRun(ctx context.Context, messages []*Message) (*B return c.sendEachInBatch(ctx, messages, true) } -// SendMulticast sends the given multicast message to all the FCM registration tokens specified. +// SendEachForMulticast sends the given multicast message to all the FCM registration tokens specified. // // The tokens array in MulticastMessage may contain up to 500 tokens. SendMulticast uses the // SendEach() function to send the given message to all the target recipients. The From 2ec220a539e22909cfcd7ae1870045dd2120d9bb Mon Sep 17 00:00:00 2001 From: Ivan Stasiuk Date: Wed, 6 Sep 2023 19:03:08 +0100 Subject: [PATCH 2/7] fix(auth): Allow to update MFA (#530) * fix: MFA uid can be empty string * fix: update request have different structure * test: cover changes * fix: display name required for MFA * chore: link to the mfa --- auth/user_mgt.go | 20 ++++++++++++-------- auth/user_mgt_test.go | 25 +++++++++++-------------- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/auth/user_mgt.go b/auth/user_mgt.go index fe6ac986..338a976c 100644 --- a/auth/user_mgt.go +++ b/auth/user_mgt.go @@ -68,6 +68,10 @@ type multiFactorInfoResponse struct { EnrolledAt string `json:"enrolledAt,omitempty"` } +type multiFactorEnrollments struct { + Enrollments []*multiFactorInfoResponse `json:"enrollments"` +} + // MultiFactorInfo describes a user enrolled second phone factor. // TODO : convert PhoneNumber to PhoneMultiFactorInfo struct type MultiFactorInfo struct { @@ -166,18 +170,19 @@ func (u *UserToCreate) set(key string, value interface{}) *UserToCreate { // Converts a client format second factor object to server format. func convertMultiFactorInfoToServerFormat(mfaInfo MultiFactorInfo) (multiFactorInfoResponse, error) { - var authFactorInfo multiFactorInfoResponse + authFactorInfo := multiFactorInfoResponse{DisplayName: mfaInfo.DisplayName} if mfaInfo.EnrollmentTimestamp != 0 { authFactorInfo.EnrolledAt = time.Unix(mfaInfo.EnrollmentTimestamp, 0).Format("2006-01-02T15:04:05Z07:00Z") } + if mfaInfo.UID != "" { + authFactorInfo.MFAEnrollmentID = mfaInfo.UID + } if mfaInfo.FactorID == phoneMultiFactorID { authFactorInfo.PhoneInfo = mfaInfo.PhoneNumber - authFactorInfo.DisplayName = mfaInfo.DisplayName - authFactorInfo.MFAEnrollmentID = mfaInfo.UID return authFactorInfo, nil } out, _ := json.Marshal(mfaInfo) - return multiFactorInfoResponse{}, fmt.Errorf("Unsupported second factor %s provided", string(out)) + return multiFactorInfoResponse{}, fmt.Errorf("unsupported second factor %s provided", string(out)) } func (u *UserToCreate) validatedRequest() (map[string]interface{}, error) { @@ -333,7 +338,9 @@ func (u *UserToUpdate) validatedRequest() (map[string]interface{}, error) { if err != nil { return nil, err } - req["mfaInfo"] = mfaInfo + + // https://cloud.google.com/identity-platform/docs/reference/rest/v1/accounts/update + req["mfa"] = multiFactorEnrollments{mfaInfo} } else { req[k] = v } @@ -665,9 +672,6 @@ func validateAndFormatMfaSettings(mfaSettings MultiFactorSettings, methodType st return nil, fmt.Errorf("\"uid\" is not supported when adding second factors via \"createUser()\"") } case updateUserMethod: - if multiFactorInfo.UID == "" { - return nil, fmt.Errorf("the second factor \"uid\" must be a valid non-empty string when adding second factors via \"updateUser()\"") - } default: return nil, fmt.Errorf("unsupported methodType: %s", methodType) } diff --git a/auth/user_mgt_test.go b/auth/user_mgt_test.go index 943810cd..5143a2ff 100644 --- a/auth/user_mgt_test.go +++ b/auth/user_mgt_test.go @@ -894,17 +894,6 @@ func TestInvalidUpdateUser(t *testing.T) { }, }), `the second factor "phoneNumber" for "invalid" must be a non-empty E.164 standard compliant identifier string`, - }, { - (&UserToUpdate{}).MFASettings(MultiFactorSettings{ - EnrolledFactors: []*MultiFactorInfo{ - { - PhoneNumber: "+11234567890", - FactorID: "phone", - DisplayName: "Spouse's phone number", - }, - }, - }), - `the second factor "uid" must be a valid non-empty string when adding second factors via "updateUser()"`, }, { (&UserToUpdate{}).ProviderToLink(&UserProvider{UID: "google_uid"}), "user provider must specify a provider ID", @@ -1059,10 +1048,14 @@ var updateUserCases = []struct { PhoneNumber: "+11234567890", DisplayName: "Spouse's phone number", FactorID: "phone", + }, { + PhoneNumber: "+11234567890", + DisplayName: "Spouse's phone number", + FactorID: "phone", }, }, }), - map[string]interface{}{"mfaInfo": []*multiFactorInfoResponse{ + map[string]interface{}{"mfa": multiFactorEnrollments{Enrollments: []*multiFactorInfoResponse{ { MFAEnrollmentID: "enrolledSecondFactor1", PhoneInfo: "+11234567890", @@ -1074,12 +1067,16 @@ var updateUserCases = []struct { DisplayName: "Spouse's phone number", PhoneInfo: "+11234567890", }, - }, + { + DisplayName: "Spouse's phone number", + PhoneInfo: "+11234567890", + }, + }}, }, }, { (&UserToUpdate{}).MFASettings(MultiFactorSettings{}), - map[string]interface{}{"mfaInfo": nil}, + map[string]interface{}{"mfa": multiFactorEnrollments{Enrollments: nil}}, }, { (&UserToUpdate{}).ProviderToLink(&UserProvider{ From 78879ebc15e3afc7c7394c52c089501e08f20136 Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Thu, 21 Sep 2023 12:47:01 -0400 Subject: [PATCH 3/7] [chore] Release 4.12.1 (#581) --- firebase.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/firebase.go b/firebase.go index fb3b0b47..368ae962 100644 --- a/firebase.go +++ b/firebase.go @@ -39,7 +39,7 @@ import ( var defaultAuthOverrides = make(map[string]interface{}) // Version of the Firebase Go Admin SDK. -const Version = "4.12.0" +const Version = "4.12.1" // firebaseEnvName is the name of the environment variable with the Config. const firebaseEnvName = "FIREBASE_CONFIG" From 19f66b9aff5038fc5e9a4f518a45bda82582c52f Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Mon, 25 Sep 2023 12:22:05 -0400 Subject: [PATCH 4/7] Revert "[chore] Release 4.12.1 (#581)" (#582) This reverts commit 78879ebc15e3afc7c7394c52c089501e08f20136. --- firebase.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/firebase.go b/firebase.go index 368ae962..fb3b0b47 100644 --- a/firebase.go +++ b/firebase.go @@ -39,7 +39,7 @@ import ( var defaultAuthOverrides = make(map[string]interface{}) // Version of the Firebase Go Admin SDK. -const Version = "4.12.1" +const Version = "4.12.0" // firebaseEnvName is the name of the environment variable with the Config. const firebaseEnvName = "FIREBASE_CONFIG" From 6e86ce8063609a5c2faff2c96395aa8a3f59103e Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Mon, 25 Sep 2023 12:35:10 -0400 Subject: [PATCH 5/7] [chore] Release 4.12.1 (#583) - Release 4.12.1 --- firebase.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/firebase.go b/firebase.go index fb3b0b47..368ae962 100644 --- a/firebase.go +++ b/firebase.go @@ -39,7 +39,7 @@ import ( var defaultAuthOverrides = make(map[string]interface{}) // Version of the Firebase Go Admin SDK. -const Version = "4.12.0" +const Version = "4.12.1" // firebaseEnvName is the name of the environment variable with the Config. const firebaseEnvName = "FIREBASE_CONFIG" From f1a8863255ad01af7fe38f8dc9b73a48c9991c1b Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Mon, 25 Sep 2023 16:09:15 -0400 Subject: [PATCH 6/7] [chore] Release Debugging release.yml (#584) * Debugging release.yml - Release workflow does not get triggered during the GHA release process. - Debugging the script manually to investigate the issue. * Update release.yml * Update release.yml --- .github/workflows/release.yml | 113 ++++++++++++++++++++-------------- 1 file changed, 67 insertions(+), 46 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ee7b10a2..f2c1868f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -70,62 +70,83 @@ jobs: # 2. to the dev branch # 3. with the label 'release:publish', and # 4. the title prefix '[chore] Release '. - if: github.event.pull_request.merged && - github.ref == 'dev' && - contains(github.event.pull_request.labels.*.name, 'release:publish') && - startsWith(github.event.pull_request.title, '[chore] Release ') +# if: github.event.pull_request.merged && +# github.ref == 'dev' && +# contains(github.event.pull_request.labels.*.name, 'release:publish') && +# startsWith(github.event.pull_request.title, '[chore] Release ') +# runs-on: ubuntu-latest steps: - - name: Checkout source for publish - uses: actions/checkout@v2 - with: - persist-credentials: false + - name: github.ref + run: echo ${{ github.ref }} + + - name: github.event.pull_request.merged + run: echo ${{ github.event.pull_request.merged }} + + - name: contains(github.event.pull_request.labels.*.name, 'release:publish') + run: echo ${{ contains(github.event.pull_request.labels.*.name, 'release:publish') }} + + - name: startsWith(github.event.pull_request.title, '[chore] Release ') + run: echo ${{ startsWith(github.event.pull_request.title, '[chore] Release ') }} - - name: Publish preflight check - id: preflight - run: ./.github/scripts/publish_preflight_check.sh + - name: check all conditions + run: echo 'all true' + if: github.event.pull_request.merged && + github.ref == 'dev' && + contains(github.event.pull_request.labels.*.name, 'release:publish') && + startsWith(github.event.pull_request.title, '[chore] Release ') + +# steps: +# - name: Checkout source for publish +# uses: actions/checkout@v2 +# with: +# persist-credentials: false + +# - name: Publish preflight check +# id: preflight +# run: ./.github/scripts/publish_preflight_check.sh # We authorize this step with an access token that has write access to the master branch. - - name: Merge to master - uses: actions/github-script@0.9.0 - with: - github-token: ${{ secrets.FIREBASE_GITHUB_TOKEN }} - script: | - github.repos.merge({ - owner: context.repo.owner, - repo: context.repo.repo, - base: 'master', - head: 'dev' - }) +# - name: Merge to master +# uses: actions/github-script@0.9.0 +# with: +# github-token: ${{ secrets.FIREBASE_GITHUB_TOKEN }} +# script: | +# github.repos.merge({ +# owner: context.repo.owner, +# repo: context.repo.repo, +# base: 'master', +# head: 'dev' +# }) # We pull this action from a custom fork of a contributor until # https://github.com/actions/create-release/pull/32 is merged. Also note that v1 of # this action does not support the "body" parameter. - - name: Create release tag - uses: fleskesvor/create-release@1a72e235c178bf2ae6c51a8ae36febc24568c5fe - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ steps.preflight.outputs.version }} - release_name: Firebase Admin Go SDK ${{ steps.preflight.outputs.version }} - body: ${{ steps.preflight.outputs.changelog }} - commitish: master - draft: false - prerelease: false +# - name: Create release tag +# uses: fleskesvor/create-release@1a72e235c178bf2ae6c51a8ae36febc24568c5fe +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# with: +# tag_name: ${{ steps.preflight.outputs.version }} +# release_name: Firebase Admin Go SDK ${{ steps.preflight.outputs.version }} +# body: ${{ steps.preflight.outputs.changelog }} +# commitish: master +# draft: false +# prerelease: false # Post to Twitter if explicitly opted-in by adding the label 'release:tweet'. - - name: Post to Twitter - if: success() && - contains(github.event.pull_request.labels.*.name, 'release:tweet') - uses: firebase/firebase-admin-node/.github/actions/send-tweet@master - with: - status: > - ${{ steps.preflight.outputs.version }} of @Firebase Admin Go SDK is available. - https://github.com/firebase/firebase-admin-go/releases/tag/${{ steps.preflight.outputs.version }} - consumer-key: ${{ secrets.FIREBASE_TWITTER_CONSUMER_KEY }} - consumer-secret: ${{ secrets.FIREBASE_TWITTER_CONSUMER_SECRET }} - access-token: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN }} - access-token-secret: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN_SECRET }} - continue-on-error: true +# - name: Post to Twitter +# if: success() && +# contains(github.event.pull_request.labels.*.name, 'release:tweet') +# uses: firebase/firebase-admin-node/.github/actions/send-tweet@master +# with: +# status: > +# ${{ steps.preflight.outputs.version }} of @Firebase Admin Go SDK is available. +# https://github.com/firebase/firebase-admin-go/releases/tag/${{ steps.preflight.outputs.version }} +# consumer-key: ${{ secrets.FIREBASE_TWITTER_CONSUMER_KEY }} +# consumer-secret: ${{ secrets.FIREBASE_TWITTER_CONSUMER_SECRET }} +# access-token: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN }} +# access-token-secret: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN_SECRET }} +# continue-on-error: true From 5e861fd2f227914dcef56376f34d0cfaf4250ef9 Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Mon, 25 Sep 2023 16:41:11 -0400 Subject: [PATCH 7/7] [chore] Release 4.12.1 take 3 (#585) - Fixes the release workflow to match the updates to`github.ref`. - `github.ref` now returns a fully-formed value `refs/heads/dev` instead of just `dev`. - See https://github.blog/changelog/2023-09-13-github-actions-updates-to-github_ref-and-github-ref/ --- .github/workflows/release.yml | 113 ++++++++++++++-------------------- 1 file changed, 46 insertions(+), 67 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f2c1868f..76d35e6b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -70,83 +70,62 @@ jobs: # 2. to the dev branch # 3. with the label 'release:publish', and # 4. the title prefix '[chore] Release '. -# if: github.event.pull_request.merged && -# github.ref == 'dev' && -# contains(github.event.pull_request.labels.*.name, 'release:publish') && -# startsWith(github.event.pull_request.title, '[chore] Release ') -# + if: github.event.pull_request.merged && + github.ref == 'refs/heads/dev' && + contains(github.event.pull_request.labels.*.name, 'release:publish') && + startsWith(github.event.pull_request.title, '[chore] Release ') runs-on: ubuntu-latest steps: - - name: github.ref - run: echo ${{ github.ref }} - - - name: github.event.pull_request.merged - run: echo ${{ github.event.pull_request.merged }} - - - name: contains(github.event.pull_request.labels.*.name, 'release:publish') - run: echo ${{ contains(github.event.pull_request.labels.*.name, 'release:publish') }} - - - name: startsWith(github.event.pull_request.title, '[chore] Release ') - run: echo ${{ startsWith(github.event.pull_request.title, '[chore] Release ') }} - - - name: check all conditions - run: echo 'all true' - if: github.event.pull_request.merged && - github.ref == 'dev' && - contains(github.event.pull_request.labels.*.name, 'release:publish') && - startsWith(github.event.pull_request.title, '[chore] Release ') - -# steps: -# - name: Checkout source for publish -# uses: actions/checkout@v2 -# with: -# persist-credentials: false + - name: Checkout source for publish + uses: actions/checkout@v2 + with: + persist-credentials: false -# - name: Publish preflight check -# id: preflight -# run: ./.github/scripts/publish_preflight_check.sh + - name: Publish preflight check + id: preflight + run: ./.github/scripts/publish_preflight_check.sh # We authorize this step with an access token that has write access to the master branch. -# - name: Merge to master -# uses: actions/github-script@0.9.0 -# with: -# github-token: ${{ secrets.FIREBASE_GITHUB_TOKEN }} -# script: | -# github.repos.merge({ -# owner: context.repo.owner, -# repo: context.repo.repo, -# base: 'master', -# head: 'dev' -# }) + - name: Merge to master + uses: actions/github-script@0.9.0 + with: + github-token: ${{ secrets.FIREBASE_GITHUB_TOKEN }} + script: | + github.repos.merge({ + owner: context.repo.owner, + repo: context.repo.repo, + base: 'master', + head: 'dev' + }) # We pull this action from a custom fork of a contributor until # https://github.com/actions/create-release/pull/32 is merged. Also note that v1 of # this action does not support the "body" parameter. -# - name: Create release tag -# uses: fleskesvor/create-release@1a72e235c178bf2ae6c51a8ae36febc24568c5fe -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -# with: -# tag_name: ${{ steps.preflight.outputs.version }} -# release_name: Firebase Admin Go SDK ${{ steps.preflight.outputs.version }} -# body: ${{ steps.preflight.outputs.changelog }} -# commitish: master -# draft: false -# prerelease: false + - name: Create release tag + uses: fleskesvor/create-release@1a72e235c178bf2ae6c51a8ae36febc24568c5fe + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ steps.preflight.outputs.version }} + release_name: Firebase Admin Go SDK ${{ steps.preflight.outputs.version }} + body: ${{ steps.preflight.outputs.changelog }} + commitish: master + draft: false + prerelease: false # Post to Twitter if explicitly opted-in by adding the label 'release:tweet'. -# - name: Post to Twitter -# if: success() && -# contains(github.event.pull_request.labels.*.name, 'release:tweet') -# uses: firebase/firebase-admin-node/.github/actions/send-tweet@master -# with: -# status: > -# ${{ steps.preflight.outputs.version }} of @Firebase Admin Go SDK is available. -# https://github.com/firebase/firebase-admin-go/releases/tag/${{ steps.preflight.outputs.version }} -# consumer-key: ${{ secrets.FIREBASE_TWITTER_CONSUMER_KEY }} -# consumer-secret: ${{ secrets.FIREBASE_TWITTER_CONSUMER_SECRET }} -# access-token: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN }} -# access-token-secret: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN_SECRET }} -# continue-on-error: true + - name: Post to Twitter + if: success() && + contains(github.event.pull_request.labels.*.name, 'release:tweet') + uses: firebase/firebase-admin-node/.github/actions/send-tweet@master + with: + status: > + ${{ steps.preflight.outputs.version }} of @Firebase Admin Go SDK is available. + https://github.com/firebase/firebase-admin-go/releases/tag/${{ steps.preflight.outputs.version }} + consumer-key: ${{ secrets.FIREBASE_TWITTER_CONSUMER_KEY }} + consumer-secret: ${{ secrets.FIREBASE_TWITTER_CONSUMER_SECRET }} + access-token: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN }} + access-token-secret: ${{ secrets.FIREBASE_TWITTER_ACCESS_TOKEN_SECRET }} + continue-on-error: true