From 4bd3b45777475b350b714b9dfe1bdc66f0177e4a Mon Sep 17 00:00:00 2001 From: Jonathan Edey Date: Wed, 20 Nov 2024 14:31:14 -0500 Subject: [PATCH] Remove App Check headers --- appcheck/appcheck.go | 19 ------------------- appcheck/appcheck_test.go | 37 ++++++++++++++++--------------------- firebase.go | 1 - internal/internal.go | 1 - 4 files changed, 16 insertions(+), 42 deletions(-) diff --git a/appcheck/appcheck.go b/appcheck/appcheck.go index 08ce9cdb..89868916 100644 --- a/appcheck/appcheck.go +++ b/appcheck/appcheck.go @@ -18,7 +18,6 @@ package appcheck import ( "context" "errors" - "net/http" "strings" "time" @@ -78,7 +77,6 @@ func NewClient(ctx context.Context, conf *internal.AppCheckConfig) (*Client, err jwks, err := keyfunc.Get(JWKSUrl, keyfunc.Options{ Ctx: ctx, RefreshInterval: 6 * time.Hour, - RequestFactory: makeRequestFactory(conf), }) if err != nil { return nil, err @@ -90,23 +88,6 @@ func NewClient(ctx context.Context, conf *internal.AppCheckConfig) (*Client, err }, nil } -func makeRequestFactory(conf *internal.AppCheckConfig) func(ctx context.Context, url string) (*http.Request, error) { - opts := []internal.HTTPOption{ - internal.WithHeader("x-goog-api-client", internal.GetMetricsHeader(conf.Version)), - } - - return func(ctx context.Context, url string) (*http.Request, error) { - hr, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil) - if err != nil { - return nil, err - } - for _, o := range opts { - o(hr) - } - return hr, nil - } -} - // VerifyToken verifies the given App Check token. // // VerifyToken considers an App Check token string to be valid if all the following conditions are met: diff --git a/appcheck/appcheck_test.go b/appcheck/appcheck_test.go index 7e5e6026..6cd088c0 100644 --- a/appcheck/appcheck_test.go +++ b/appcheck/appcheck_test.go @@ -17,14 +17,8 @@ import ( "github.com/google/go-cmp/cmp" ) -var testAppCheckConfig = &internal.AppCheckConfig{ - ProjectID: "project_id", - Version: "test-version", -} - func TestVerifyTokenHasValidClaims(t *testing.T) { - var tr http.Request - ts, err := setupFakeJWKS(&tr) + ts, err := setupFakeJWKS() if err != nil { t.Fatalf("Error setting up fake JWKS server: %v", err) } @@ -36,17 +30,15 @@ func TestVerifyTokenHasValidClaims(t *testing.T) { } JWKSUrl = ts.URL + conf := &internal.AppCheckConfig{ + ProjectID: "project_id", + } - client, err := NewClient(context.Background(), testAppCheckConfig) + client, err := NewClient(context.Background(), conf) if err != nil { t.Errorf("Error creating NewClient: %v", err) } - xGoogAPIClientHeader := internal.GetMetricsHeader(testAppCheckConfig.Version) - if h := tr.Header.Get("x-goog-api-client"); h != xGoogAPIClientHeader { - t.Errorf("x-goog-api-client header = %q; want = %q", h, xGoogAPIClientHeader) - } - type appCheckClaims struct { Aud []string `json:"aud"` jwt.RegisteredClaims @@ -177,16 +169,18 @@ func TestVerifyTokenHasValidClaims(t *testing.T) { } func TestVerifyTokenMustExist(t *testing.T) { - var tr http.Request - ts, err := setupFakeJWKS(&tr) + ts, err := setupFakeJWKS() if err != nil { t.Fatalf("Error setting up fake JWK server: %v", err) } defer ts.Close() JWKSUrl = ts.URL + conf := &internal.AppCheckConfig{ + ProjectID: "project_id", + } - client, err := NewClient(context.Background(), testAppCheckConfig) + client, err := NewClient(context.Background(), conf) if err != nil { t.Errorf("Error creating NewClient: %v", err) } @@ -203,8 +197,7 @@ func TestVerifyTokenMustExist(t *testing.T) { } func TestVerifyTokenNotExpired(t *testing.T) { - var tr http.Request - ts, err := setupFakeJWKS(&tr) + ts, err := setupFakeJWKS() if err != nil { t.Fatalf("Error setting up fake JWKS server: %v", err) } @@ -216,8 +209,11 @@ func TestVerifyTokenNotExpired(t *testing.T) { } JWKSUrl = ts.URL + conf := &internal.AppCheckConfig{ + ProjectID: "project_id", + } - client, err := NewClient(context.Background(), testAppCheckConfig) + client, err := NewClient(context.Background(), conf) if err != nil { t.Errorf("Error creating NewClient: %v", err) } @@ -268,13 +264,12 @@ func TestVerifyTokenNotExpired(t *testing.T) { } } -func setupFakeJWKS(tr *http.Request) (*httptest.Server, error) { +func setupFakeJWKS() (*httptest.Server, error) { jwks, err := os.ReadFile("../testdata/mock.jwks.json") if err != nil { return nil, err } ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - *tr = *r w.Write(jwks) })) return ts, nil diff --git a/firebase.go b/firebase.go index cd12a502..98e04a07 100644 --- a/firebase.go +++ b/firebase.go @@ -134,7 +134,6 @@ func (a *App) Messaging(ctx context.Context) (*messaging.Client, error) { func (a *App) AppCheck(ctx context.Context) (*appcheck.Client, error) { conf := &internal.AppCheckConfig{ ProjectID: a.projectID, - Version: Version, } return appcheck.NewClient(ctx, conf) } diff --git a/internal/internal.go b/internal/internal.go index fce5fcae..9fb9e726 100644 --- a/internal/internal.go +++ b/internal/internal.go @@ -77,7 +77,6 @@ type MessagingConfig struct { // AppCheckConfig represents the configuration of App Check service. type AppCheckConfig struct { ProjectID string - Version string } // MockTokenSource is a TokenSource implementation that can be used for testing.