Issue-26 - Accept Explicit Project Id.

README.md

@@ -34,4 +34,33 @@ let user = auth_admin.get_user(
 println!("User id: {}", user.uid);
 ```
 
+# Example with an explicit project ID
+Use `App::live_with_project_id` when your Firebase project differs from the GCP project in
+`GOOGLE_CLOUD_PROJECT` — for example when identity management runs in a separate project from
+Cloud Storage and other infrastructure services.
+
+```rust
+use rs_firebase_admin_sdk::{
+    auth::{FirebaseAuthService, UserIdentifiers},
+    client::ApiHttpClient,
+    App,
+};
+
+// Supply the Firebase project ID directly instead of reading GOOGLE_CLOUD_PROJECT
+let live_app = App::live_with_project_id("my-firebase-project-id").await.unwrap();
+
+let auth_admin = live_app.auth();
+
+let user = auth_admin.get_user(
+    UserIdentifiers::builder()
+        .with_email("me@email.com".into())
+        .build()
+)
+.await
+.expect("Error while fetching user")
+.expect("User does not exist");
+
+println!("User id: {}", user.uid);
+```
+
 For more examples please see https://github.com/expl/rs-firebase-admin-sdk/tree/main/examples

lib/src/lib.rs

@@ -52,6 +52,24 @@ impl App<EmulatorCredentials> {
 }
 
 impl App<AccessTokenCredentials> {
+    /// Create instance of Firebase app for live project with an explicit project ID,
+    /// bypassing environment variable and credential header resolution.
+    pub async fn live_with_project_id(
+        project_id: &str,
+    ) -> Result<Self, Report<GCPCredentialsError>> {
+        let credentials: Credentials = Builder::default()
+            .with_scopes(FIREBASE_AUTH_SCOPES)
+            .build_access_token_credentials()
+            .change_context(GCPCredentialsError)?
+            .into();
+
+        Ok(Self {
+            credentials,
+            project_id: project_id.to_string(),
+            _credentials_provider: PhantomData,
+        })
+    }
+
     /// Create instance of Firebase app for live project
     pub async fn live() -> Result<Self, Report<GCPCredentialsError>> {
         let credentials: Credentials = Builder::default()
@@ -83,9 +101,7 @@ impl App<AccessTokenCredentials> {
     pub async fn id_token_verifier(
         &self,
     ) -> Result<impl jwt::TokenValidator, Report<credentials::GCPCredentialsError>> {
-        let project_id = credentials::get_project_id(&self.credentials).await?;
-
-        jwt::LiveValidator::new_jwt_validator(project_id)
+        jwt::LiveValidator::new_jwt_validator(self.project_id.clone())
             .change_context(credentials::GCPCredentialsError)
     }
 
@@ -94,9 +110,7 @@ impl App<AccessTokenCredentials> {
     pub async fn cookie_token_verifier(
         &self,
     ) -> Result<impl jwt::TokenValidator, Report<credentials::GCPCredentialsError>> {
-        let project_id = credentials::get_project_id(&self.credentials).await?;
-
-        jwt::LiveValidator::new_cookie_validator(project_id)
+        jwt::LiveValidator::new_cookie_validator(self.project_id.clone())
             .change_context(credentials::GCPCredentialsError)
     }
 }