Merge pull request #220 from firebase/modular-admin

Update to new modular Admin SDK

Author: egilmorez

.github/workflows/node.yml

@@ -13,7 +13,6 @@ jobs:
     strategy:
       matrix:
         node-version:
-          - 10.x
           - 12.x
     steps:
       - uses: actions/checkout@v1

auth/create_custom_tokens.js

@@ -1,23 +1,23 @@
 'use strict';
-const admin = require('firebase-admin');
+const { initializeApp } = require('firebase-admin/app');
+const { getAuth } = require('firebase-admin/auth');
 
 // Initialize the Admin app with the default appication credentials
 // [START initialize_sdk_with_default_config]
-admin.initializeApp();
+initializeApp();
 // [END initialize_sdk_with_default_config]
 
 // Initialize the Admin app by providing a service accoune key
 // [START initialize_sdk_with_service_account_id]
-admin.initializeApp({
+initializeApp({
   serviceAccountId: 'my-client-id@my-project-id.iam.gserviceaccount.com',
 });
 // [END initialize_sdk_with_service_account_id]
 
 // [START custom_token]
 const uid = 'some-uid';
 
-admin
-  .auth()
+getAuth()
   .createCustomToken(uid)
   .then((customToken) => {
     // Send token back to client
@@ -33,8 +33,7 @@ const additionalClaims = {
   premiumAccount: true,
 };
 
-admin
-  .auth()
+getAuth()
   .createCustomToken(userId, additionalClaims)
   .then((customToken) => {
     // Send token back to client

auth/custom_claims.js

@@ -1,17 +1,18 @@
 'use strict';
-const express = require('express');
+const { initializeApp } = require('firebase-admin/app');
+const { getAuth } = require('firebase-admin/auth');
+const { getDatabase } = require('firebase-admin/database');
+initializeApp();
 
-const admin = require('firebase-admin');
-admin.initializeApp();
+const express = require('express');
 
 const uid = 'firebaseUserId123';
 const idToken = 'some-invalid-token';
 
 // [START set_custom_user_claims]
 // Set admin privilege on the user corresponding to uid.
 
-admin
-  .auth()
+getAuth()
   .setCustomUserClaims(uid, { admin: true })
   .then(() => {
     // The new custom claims will propagate to the user's ID token the
@@ -21,8 +22,7 @@ admin
 
 // [START verify_custom_claims]
 // Verify the ID token first.
-admin
-  .auth()
+getAuth()
   .verifyIdToken(idToken)
   .then((claims) => {
     if (claims.admin === true) {
@@ -33,8 +33,7 @@ admin
 
 // [START read_custom_user_claims]
 // Lookup the user associated with the specified uid.
-admin
-  .auth()
+getAuth()
   .getUser(uid)
   .then((userRecord) => {
     // The claims can be accessed on the user record.
@@ -43,15 +42,14 @@ admin
 // [END read_custom_user_claims]
 
 // [START set_custom_user_claims_script]
-admin
-  .auth()
+getAuth()
   .getUserByEmail('user@admin.example.com')
   .then((user) => {
     // Confirm user is verified.
     if (user.emailVerified) {
       // Add custom claims for additional privileges.
       // This will be picked up by the user on token refresh or next sign in on new device.
-      return admin.auth().setCustomUserClaims(user.uid, {
+      return getAuth().setCustomUserClaims(user.uid, {
         admin: true,
       });
     }
@@ -62,8 +60,7 @@ admin
 // [END set_custom_user_claims_script]
 
 // [START set_custom_user_claims_incremental]
-admin
-  .auth()
+getAuth()
   .getUserByEmail('user@admin.example.com')
   .then((user) => {
     // Add incremental custom claim without overwriting existing claims.
@@ -72,52 +69,14 @@ admin
       // Add level.
       currentCustomClaims['accessLevel'] = 10;
       // Add custom claims for additional privileges.
-      return admin.auth().setCustomUserClaims(user.uid, currentCustomClaims);
+      return getAuth().setCustomUserClaims(user.uid, currentCustomClaims);
     }
   })
   .catch((error) => {
     console.log(error);
   });
 // [END set_custom_user_claims_incremental]
 
-function customClaimsCloudFunction() {
-  // [START auth_custom_claims_cloud_function]
-  const functions = require('firebase-functions');
-
-  const admin = require('firebase-admin');
-  admin.initializeApp();
-
-  // On sign up.
-  exports.processSignUp = functions.auth.user().onCreate(async (user) => {
-    // Check if user meets role criteria.
-    if (
-      user.email &&
-      user.email.endsWith('@admin.example.com') &&
-      user.emailVerified
-    ) {
-      const customClaims = {
-        admin: true,
-        accessLevel: 9
-      };
-
-      try {
-        // Set custom user claims on this newly created user.
-        await admin.auth().setCustomUserClaims(user.uid, customClaims);
-
-        // Update real-time database to notify client to force refresh.
-        const metadataRef = admin.database().ref('metadata/' + user.uid);
-
-        // Set the refresh time to the current UTC timestamp.
-        // This will be captured on the client to force a token refresh.
-        await  metadataRef.set({refreshTime: new Date().getTime()});
-      } catch (error) {
-        console.log(error);
-      }
-    }
-  });
-  // [END auth_custom_claims_cloud_function]
-}
-
 function customClaimsServer() {
   const app = express();
 
@@ -127,7 +86,7 @@ function customClaimsServer() {
     const idToken = req.body.idToken;
 
     // Verify the ID token and decode its payload.
-    const claims = await admin.auth().verifyIdToken(idToken);
+    const claims = await getAuth().verifyIdToken(idToken);
 
     // Verify user is eligible for additional privileges.
     if (
@@ -137,7 +96,7 @@ function customClaimsServer() {
       claims.email.endsWith('@admin.example.com')
     ) {
       // Add custom claims for additional privileges.
-      await admin.auth().setCustomUserClaims(claims.sub, {
+      await getAuth().setCustomUserClaims(claims.sub, {
         admin: true
       });
 

auth/email_action_links.js

@@ -1,6 +1,7 @@
 'use strict';
-const admin = require('firebase-admin');
-admin.initializeApp();
+const { initializeApp } = require('firebase-admin/app');
+const { getAuth } = require('firebase-admin/auth');
+initializeApp();
 
 // [START init_action_code_settings]
 const actionCodeSettings = {
@@ -25,8 +26,7 @@ const actionCodeSettings = {
 // [START password_reset_link]
 // Admin SDK API to generate the password reset link.
 const userEmail = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generatePasswordResetLink(userEmail, actionCodeSettings)
   .then((link) => {
     // Construct password reset email template, embed the link and send
@@ -41,8 +41,7 @@ admin
 // [START email_verification_link]
 // Admin SDK API to generate the email verification link.
 const useremail = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generateEmailVerificationLink(useremail, actionCodeSettings)
   .then((link) => {
     // Construct email verification template, embed the link and send
@@ -57,8 +56,7 @@ admin
 // [START sign_in_with_email_link]
 // Admin SDK API to generate the sign in with email link.
 const usremail = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generateSignInWithEmailLink(usremail, actionCodeSettings)
   .then((link) => {
     // Construct sign-in with email link template, embed the link and

auth/functions/custom_claims.js

@@ -0,0 +1,37 @@
+// [START auth_custom_claims_cloud_function]
+const functions = require('firebase-functions');
+const { initializeApp } = require('firebase-admin/app');
+const { getAuth } = require('firebase-admin/auth');
+const { getDatabase } = require('firebase-admin/database');
+
+initializeApp();
+
+// On sign up.
+exports.processSignUp = functions.auth.user().onCreate(async (user) => {
+  // Check if user meets role criteria.
+  if (
+    user.email &&
+    user.email.endsWith('@admin.example.com') &&
+    user.emailVerified
+  ) {
+    const customClaims = {
+      admin: true,
+      accessLevel: 9
+    };
+
+    try {
+      // Set custom user claims on this newly created user.
+      await getAuth().setCustomUserClaims(user.uid, customClaims);
+
+      // Update real-time database to notify client to force refresh.
+      const metadataRef = getDatabase().ref('metadata/' + user.uid);
+
+      // Set the refresh time to the current UTC timestamp.
+      // This will be captured on the client to force a token refresh.
+      await  metadataRef.set({refreshTime: new Date().getTime()});
+    } catch (error) {
+      console.log(error);
+    }
+  }
+});
+// [END auth_custom_claims_cloud_function]