Skip to content

Allow callable functions to skip token verification in debug mode #983

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 39 commits into from
Oct 28, 2021
Merged

Allow callable functions to skip token verification in debug mode #983

merged 39 commits into from
Oct 28, 2021

Conversation

taeold
Copy link
Contributor

@taeold taeold commented Sep 29, 2021
edited
Loading

To replace monkey-patching of the Firebase Functions SDK in the Functions Emulator (code), we provide native support for bypassing token verification for onCall handlers.

Using the new debug mode introduced in #992, Auth/App Check token included in the request will be decoded but no verified.

@google-cla google-cla bot added the cla: yes label Sep 29, 2021
colerogers
colerogers approved these changes Sep 29, 2021
View reviewed changes
Copy link
Contributor

@colerogers colerogers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, but I'd hold off merging until you get another set of eyes on it

inlined
inlined reviewed Sep 30, 2021
View reviewed changes
Copy link
Member

@inlined inlined left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Excited!

@taeold taeold changed the title Allow requests from the emulator to bypass token verifications [WIP] Allow requests from the emulator to bypass token verifications Oct 2, 2021
@taeold taeold force-pushed the dl-cf3-emulator-callable branch from 1a51023 to a30b2ab Compare October 14, 2021 23:14
taeold added 23 commits October 18, 2021 15:43
@taeold
Add module to determine whether a debug feature is enabled.
8781162
@taeold
Try to be more clever.
99d1a3b
@taeold
Minor cleanups.
1567bbd
@taeold
Meaningless nits.
77c15c3
@taeold
Prettier.
c0ecb9d
@taeold
Use one env var for feature toggle.
8ab4672
@taeold
Allow reloading debug feature config in env var.
5cb4849
@taeold
Shorten comments.
c4746bf
@taeold
Skip auth token verification if request is from the emulator.
a500177
@taeold
Decode ID Token.
393976e
@taeold
Prettier
eeae9ea
@taeold
Fix import path.
b31ea7e
@taeold
Refactor, apply skip policy to app check.
988a1bf
@taeold
Nits.
9981857
@taeold
Refactor function name for clarity.
a37ece0
@taeold
Add more tests.
107ed68
@taeold
Refactor to reduce code dupes.
63e8319
@taeold
Prefer uid/app_id in token payload if it exists.
9754f58
@taeold
Uninstall jws package.
9951e9b
@taeold
Prettier.
aa4ed8f
@taeold
More fake app ids.
ce7b993
@taeold
Internal instead of hidden.
fc39f8e
@taeold
toString defaults to utf8
b841366
@taeold taeold force-pushed the dl-cf3-emulator-callable branch from 8cb5e1e to 2cc7eb9 Compare October 18, 2021 22:49
@taeold taeold changed the title [WIP] Allow requests from the emulator to bypass token verifications Allow callable functions to skip token verification in debug mode Oct 18, 2021
@taeold taeold requested a review from inlined October 18, 2021 23:09
inlined
inlined approved these changes Oct 18, 2021
View reviewed changes
Copy link
Member

@inlined inlined left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor questions; still LGTM. Feedback I should have given last time though: I'm not sure if the debug flag should be about "callable" functions or just a flag to disable token checks. I feel like we'd want to disable token verification everywhere if we do it anywhere (not that I have another case in mind yet)

src/common/providers/https.ts
*
* Do not use in production. Token should always be verified using the Admin SDK.
*
* This is exposed only for testing.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And for debug mode/emulator, right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the comment is correct - this function will only be called internally. It will be executed in debug mode but will never be invoked directly.

@taeold taeold merged commit 9c2142b into master Oct 28, 2021
@taeold taeold deleted the dl-cf3-emulator-callable branch October 28, 2021 06:29
@taeold taeold mentioned this pull request Oct 28, 2021
Merged
taeold added a commit to firebase/firebase-tools that referenced this pull request Oct 29, 2021
@taeold
Enable Functions SDK debug mode. (#3873)
56b6096 
Functions SDK now includes a debug mode that can be enabled via environment variables to operate in ways that's useful during development. See firebase/firebase-functions#983 for an example.

We will turn on Debug Mode and enable `skipTokenVerification` feature on the Functions Emulator. This means that callable functions will decode but not verify the signature of Auth and App Check tokens which is more or less what the monkey-patching of Firebase Functions SDK achieves. For some function triggers, we will now rely on the debug mode instead of the monkey patching to bypass the token verification.
devpeerapong pushed a commit to devpeerapong/firebase-tools that referenced this pull request Dec 14, 2021
@taeold @devpeerapong
Enable Functions SDK debug mode. (firebase#3873)
3d746d6 
Functions SDK now includes a debug mode that can be enabled via environment variables to operate in ways that's useful during development. See firebase/firebase-functions#983 for an example.

We will turn on Debug Mode and enable `skipTokenVerification` feature on the Functions Emulator. This means that callable functions will decode but not verify the signature of Auth and App Check tokens which is more or less what the monkey-patching of Firebase Functions SDK achieves. For some function triggers, we will now rely on the debug mode instead of the monkey patching to bypass the token verification.
kroikie pushed a commit to firebase/firebase-tools that referenced this pull request Mar 4, 2022
@taeold @kroikie
Enable Functions SDK debug mode. (#3873)
13d0400 
Functions SDK now includes a debug mode that can be enabled via environment variables to operate in ways that's useful during development. See firebase/firebase-functions#983 for an example.

We will turn on Debug Mode and enable `skipTokenVerification` feature on the Functions Emulator. This means that callable functions will decode but not verify the signature of Auth and App Check tokens which is more or less what the monkey-patching of Firebase Functions SDK achieves. For some function triggers, we will now rely on the debug mode instead of the monkey patching to bypass the token verification.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@inlined inlined inlined approved these changes

@colerogers colerogers colerogers approved these changes

Assignees
No one assigned
Labels
cla: yes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@taeold @inlined @colerogers