Skip to content

Commit 2cc7eb9

Browse files
taeoldtaeold
committed
Make it more clear that skipping token verification is unsafe.
1 parent 2ef950d commit 2cc7eb9

File tree

2 files changed

+14
-10
lines changed

2 files changed

+14
-10
lines changed

spec/common/providers/https.spec.ts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,8 @@ import {
2020
import {
2121
CallableContext,
2222
CallableRequest,
23-
decodeAppCheckToken,
24-
decodeIdToken,
23+
unsafeDecodeAppCheckToken,
24+
unsafeDecodeIdToken,
2525
} from '../../../src/common/providers/https';
2626

2727
/**
@@ -759,13 +759,13 @@ describe('encoding/decoding', () => {
759759

760760
describe('decode tokens', () => {
761761
it('decodes valid Auth ID Token', () => {
762-
const idToken = decodeIdToken(generateIdToken('aProject'));
762+
const idToken = unsafeDecodeIdToken(generateIdToken('aProject'));
763763
expect(idToken.uid).to.equal(mocks.user_id);
764764
expect(idToken.sub).to.equal(mocks.user_id);
765765
});
766766

767767
it('decodes valid App Check Token', () => {
768-
const idToken = decodeAppCheckToken(generateIdToken('aProject'));
768+
const idToken = unsafeDecodeAppCheckToken(generateIdToken('aProject'));
769769
expect(idToken.app_id).to.equal(mocks.user_id);
770770
expect(idToken.sub).to.equal(mocks.user_id);
771771
});

src/common/providers/https.ts

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -524,24 +524,28 @@ function decodeToken(token: string): unknown {
524524
}
525525

526526
/**
527-
* Decodes Auth ID token.
527+
* Decode, but not verify, a Auth ID token.
528+
*
529+
* Do not use in production. Token should always be verified using the Admin SDK.
528530
*
529531
* This is exposed only for testing.
530532
*/
531533
/** @internal */
532-
export function decodeIdToken(token: string): firebase.auth.DecodedIdToken {
534+
export function unsafeDecodeIdToken(token: string): firebase.auth.DecodedIdToken {
533535
const decoded = decodeToken(token) as firebase.auth.DecodedIdToken;
534536
decoded.uid = decoded.sub;
535537
return decoded;
536538
}
537539

538540
/**
539-
* Decodes App Check token.
541+
* Decode, but not verify, an App Check token.
542+
*
543+
* Do not use in production. Token should always be verified using the Admin SDK.
540544
*
541545
* This is exposed only for testing.
542546
*/
543547
/** @internal */
544-
export function decodeAppCheckToken(token: string): DecodedAppCheckToken {
548+
export function unsafeDecodeAppCheckToken(token: string): DecodedAppCheckToken {
545549
const decoded = decodeToken(token) as DecodedAppCheckToken;
546550
decoded.app_id = decoded.sub;
547551
return decoded;
@@ -578,7 +582,7 @@ async function checkTokens(
578582
}
579583
let appCheckData;
580584
if (skipTokenCheck) {
581-
const decodedToken = decodeAppCheckToken(appCheck);
585+
const decodedToken = unsafeDecodeAppCheckToken(appCheck);
582586
appCheckData = { appId: decodedToken.app_id, token: decodedToken };
583587
} else {
584588
appCheckData = await apps()
@@ -604,7 +608,7 @@ async function checkTokens(
604608
try {
605609
let authToken: firebase.auth.DecodedIdToken;
606610
if (skipTokenCheck) {
607-
authToken = decodeIdToken(idToken);
611+
authToken = unsafeDecodeIdToken(idToken);
608612
} else {
609613
authToken = await apps()
610614
.admin.auth()

0 commit comments

Comments
 (0)