CHANGELOG.md

@@ -1,4 +1,2 @@
-- Allow Functions to specify vpcConnector as a string parameter (#1329)
-- Upgrade jsonwebtoken to version 9 (#1336)
-- Adds 'eventarcpublishing' as required API to custom event function
-- Hide type information of defineFloat in params module - it's not supported yet (#1341)
+- Fixes an emulator issue where snapshot.ref could not point to multiple databases (#1339).
+- Fixes emulated v1 callable functions that use a monorepo setup (#1345).

package.json

@@ -1,6 +1,6 @@
 {
   "name": "firebase-functions",
-  "version": "4.2.0",
+  "version": "4.2.1",
   "description": "Firebase SDK for Cloud Functions",
   "keywords": [
     "firebase",

spec/fixtures/mockrequest.ts

@@ -28,7 +28,8 @@ export function mockRequest(
     authorization?: string;
     instanceIdToken?: string;
     appCheckToken?: string;
-  } = {}
+  } = {},
+  reqHeaders?: Record<string, string>,
 ) {
   const body: any = {};
   if (typeof data !== 'undefined') {
@@ -41,6 +42,7 @@ export function mockRequest(
     'firebase-instance-id-token': context.instanceIdToken,
     'x-firebase-appcheck': context.appCheckToken,
     origin: 'example.com',
+    ...reqHeaders,
   };
 
   return new MockRequest(body, headers);

spec/v1/providers/https.spec.ts

@@ -24,9 +24,17 @@ import { expect } from "chai";
 
 import * as functions from "../../../src/v1";
 import * as https from "../../../src/v1/providers/https";
-import { expectedResponseHeaders, MockRequest } from "../../fixtures/mockrequest";
+import * as debug from "../../../src/common/debug";
+import * as sinon from "sinon";
+import {
+  expectedResponseHeaders,
+  generateUnsignedIdToken,
+  MockRequest,
+  mockRequest,
+} from "../../fixtures/mockrequest";
 import { runHandler } from "../../helper";
 import { MINIMAL_V1_ENDPOINT } from "../../fixtures";
+import { CALLABLE_AUTH_HEADER, ORIGINAL_AUTH_HEADER } from "../../../src/common/providers/https";
 
 describe("CloudHttpsBuilder", () => {
   describe("#onRequest", () => {
@@ -66,6 +74,10 @@ describe("CloudHttpsBuilder", () => {
 });
 
 describe("#onCall", () => {
+  afterEach(() => {
+    sinon.verifyAndRestore();
+  });
+
   it("should return a trigger/endpoint with appropriate values", () => {
     const result = https.onCall(() => {
       return "response";
@@ -139,6 +151,45 @@ describe("#onCall", () => {
     expect(response.status).to.equal(200);
     expect(gotData).to.deep.equal({ foo: "bar" });
   });
+
+  // Test for firebase-tools#5210
+  it("should create context.auth for v1 emulated functions", async () => {
+    sinon.stub(debug, "isDebugFeatureEnabled").withArgs("skipTokenVerification").returns(true);
+
+    let gotData: Record<string, any>;
+    let gotContext: Record<string, any>;
+    const reqData = { hello: "world" };
+    const authContext = {
+      uid: "SomeUID",
+      token: {
+        aud: "123456",
+        sub: "SomeUID",
+        uid: "SomeUID",
+      },
+    };
+    const originalAuth = "Bearer " + generateUnsignedIdToken("123456");
+    const func = https.onCall((data, context) => {
+      gotData = data;
+      gotContext = context;
+    });
+    const mockReq = mockRequest(
+      reqData,
+      "application/json",
+      {},
+      {
+        [CALLABLE_AUTH_HEADER]: encodeURIComponent(JSON.stringify(authContext)),
+        [ORIGINAL_AUTH_HEADER]: originalAuth,
+      }
+    );
+
+    const response = await runHandler(func, mockReq as any);
+
+    expect(response.status).to.equal(200);
+    expect(gotData).to.deep.eq(reqData);
+    expect(gotContext.rawRequest).to.deep.eq(mockReq);
+    expect(gotContext.rawRequest.headers["authorization"]).to.eq(originalAuth);
+    expect(gotContext.auth).to.deep.eq(authContext);
+  });
 });
 
 describe("callable CORS", () => {

src/common/providers/database.ts

@@ -50,10 +50,7 @@ export class DataSnapshot implements database.DataSnapshot {
     instance?: string
   ) {
     const config = firebaseConfig();
-    if (app?.options?.databaseURL?.startsWith("http:")) {
-      // In this case we're dealing with an emulator
-      this.instance = app.options.databaseURL;
-    } else if (instance) {
+    if (instance) {
       // SDK always supplies instance, but user's unit tests may not
       this.instance = instance;
     } else if (app) {

src/common/providers/https.ts

@@ -36,6 +36,11 @@ import { TaskContext } from "./tasks";
 
 const JWT_REGEX = /^[a-zA-Z0-9\-_=]+?\.[a-zA-Z0-9\-_=]+?\.([a-zA-Z0-9\-_=]+)?$/;
 
+/** @internal */
+export const CALLABLE_AUTH_HEADER = "x-callable-context-auth";
+/** @internal */
+export const ORIGINAL_AUTH_HEADER = "x-original-auth";
+
 /** An express request with the wire format representation of the request body. */
 export interface Request extends express.Request {
   /** The wire format representation of the request body. */
@@ -661,6 +666,32 @@ function wrapOnCallHandler<Req = any, Res = any>(
       }
 
       const context: CallableContext = { rawRequest: req };
+
+      // TODO(colerogers): yank this when we release a breaking change of the CLI that removes
+      // our monkey-patching code referenced below and increases the minimum supported SDK version.
+      //
+      // Note: This code is needed to fix v1 callable functions in the emulator with a monorepo setup.
+      // The original monkey-patched code lived in the functionsEmulatorRuntime
+      // (link: https://github.com/firebase/firebase-tools/blob/accea7abda3cc9fa6bb91368e4895faf95281c60/src/emulator/functionsEmulatorRuntime.ts#L480)
+      // and was not compatible with how monorepos separate out packages (see https://github.com/firebase/firebase-tools/issues/5210).
+      if (isDebugFeatureEnabled("skipTokenVerification") && handler.length === 2) {
+        const authContext = context.rawRequest.header(CALLABLE_AUTH_HEADER);
+        if (authContext) {
+          logger.debug("Callable functions auth override", {
+            key: CALLABLE_AUTH_HEADER,
+            value: authContext,
+          });
+          context.auth = JSON.parse(decodeURIComponent(authContext));
+          delete context.rawRequest.headers[CALLABLE_AUTH_HEADER];
+        }
+
+        const originalAuth = context.rawRequest.header(ORIGINAL_AUTH_HEADER);
+        if (originalAuth) {
+          context.rawRequest.headers["authorization"] = originalAuth;
+          delete context.rawRequest.headers[ORIGINAL_AUTH_HEADER];
+        }
+      }
+
       const tokenStatus = await checkTokens(req, context);
       if (tokenStatus.auth === "INVALID") {
         throw new HttpsError("unauthenticated", "Unauthenticated");

src/v1/providers/testLab.ts

@@ -221,7 +221,7 @@ export class ResultStorage {
  * - `USE_DESTINATION_ARTIFACTS`: One or more of the test targets defined in the
  *   .xctestrun file specifies "UseDestinationArtifacts", which is disallowed.
  *
- * - `TEST_NON_APP_HOSTED`: XC tests which run on physical devices must have
+ * - `TEST_NOT_APP_HOSTED`: XC tests which run on physical devices must have
  *   "IsAppHostedTestBundle" == "true" in the xctestrun file.
  *
  * - `PLIST_CANNOT_BE_PARSED`: An Info.plist file in the XCTest zip could not be

src/v2/providers/database.ts

@@ -465,7 +465,7 @@ export function onChangedOperation<Ref extends string>(
   // wrap the handler
   const func = (raw: CloudEvent<unknown>) => {
     const event = raw as RawRTDBCloudEvent;
-    const instanceUrl = `https://${event.instance}.${event.firebasedatabasehost}`;
+    const instanceUrl = getInstance(event);
     const params = makeParams(event, pathPattern, instancePattern) as unknown as ParamsOf<Ref>;
     const databaseEvent = makeChangedDatabaseEvent(event, instanceUrl, params);
     return wrapTraceContext(handler)(databaseEvent);
@@ -492,7 +492,7 @@ export function onOperation<Ref extends string>(
   // wrap the handler
   const func = (raw: CloudEvent<unknown>) => {
     const event = raw as RawRTDBCloudEvent;
-    const instanceUrl = `https://${event.instance}.${event.firebasedatabasehost}`;
+    const instanceUrl = getInstance(event);
     const params = makeParams(event, pathPattern, instancePattern) as unknown as ParamsOf<Ref>;
     const data = eventType === deletedEventType ? event.data.data : event.data.delta;
     const databaseEvent = makeDatabaseEvent(event, data, instanceUrl, params);
@@ -505,3 +505,10 @@ export function onOperation<Ref extends string>(
 
   return func;
 }
+
+function getInstance(event: RawRTDBCloudEvent) {
+  const emuHost = process.env.FIREBASE_DATABASE_EMULATOR_HOST;
+  return emuHost
+    ? `http://${emuHost}/?ns=${event.instance}`
+    : `https://${event.instance}.${event.firebasedatabasehost}`;
+}