Refactor token verifier URL generation

firebase · Sep 11, 2024 · 604af8d · 604af8d
1 parent 6c999a4
commit 604af8d
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 9 deletions.
diff --git a/appcheck/appcheck.go b/appcheck/appcheck.go
@@ -36,7 +36,7 @@ var JWKSUrl = "https://firebaseappcheck.googleapis.com/v1beta/jwks"
 
 const appCheckIssuer = "https://firebaseappcheck.googleapis.com/"
 
-const tokenVerificationUrlFormat = "https://firebaseappcheck.googleapis.com/v1beta/projects/%s:verifyAppCheckToken"
+const tokenVerifierBaseUrl = "https://firebaseappcheck.googleapis.com"
 
 var (
 	// ErrIncorrectAlgorithm is returned when the token is signed with a non-RSA256 algorithm.
@@ -72,9 +72,9 @@ type DecodedAppCheckToken struct {
 
 // Client is the interface for the Firebase App Check service.
 type Client struct {
-	projectID            string
-	jwks                 *keyfunc.JWKS
-	tokenVerificationUrl string
+	projectID        string
+	jwks             *keyfunc.JWKS
+	tokenVerifierUrl string
 }
 
 // NewClient creates a new instance of the Firebase App Check Client.
@@ -92,9 +92,9 @@ func NewClient(ctx context.Context, conf *internal.AppCheckConfig) (*Client, err
 	}
 
 	return &Client{
-		projectID:            conf.ProjectID,
-		jwks:                 jwks,
-		tokenVerificationUrl: fmt.Sprintf(tokenVerificationUrlFormat, conf.ProjectID),
+		projectID:        conf.ProjectID,
+		jwks:             jwks,
+		tokenVerifierUrl: buildTokenVerifierUrl(conf.ProjectID),
 	}, nil
 }
 
@@ -212,7 +212,7 @@ func (c *Client) VerifyOneTimeToken(token string) (*DecodedAppCheckToken, error)
 
 	bodyReader := bytes.NewReader([]byte(fmt.Sprintf(`{"app_check_token":%s}`, token)))
 
-	resp, err := http.Post(c.tokenVerificationUrl, "application/json", bodyReader)
+	resp, err := http.Post(c.tokenVerifierUrl, "application/json", bodyReader)
 
 	if err != nil {
 		return nil, err
@@ -235,6 +235,10 @@ func (c *Client) VerifyOneTimeToken(token string) (*DecodedAppCheckToken, error)
 	return decodedAppCheckToken, nil
 }
 
+func buildTokenVerifierUrl(projectId string) string {
+	return fmt.Sprintf("%s/v1beta/projects/%s:verifyAppCheckToken", tokenVerifierBaseUrl, projectId)
+}
+
 func contains(s []string, str string) bool {
 	for _, v := range s {
 		if v == str {

diff --git a/appcheck/appcheck_test.go b/appcheck/appcheck_test.go
@@ -79,7 +79,7 @@ func TestVerifyOneTimeToken(t *testing.T) {
 				t.Fatalf("error creating new client: %v", err)
 			}
 
-			client.tokenVerificationUrl = appCheckVerifyMockServer.URL
+			client.tokenVerifierUrl = appCheckVerifyMockServer.URL
 
 			_, err = client.VerifyOneTimeToken(token)