fix(auth): Removing tenant-aware session cookie APIs (#237)

Author: hiranya911

FirebaseAdmin/FirebaseAdmin.Tests/Auth/AuthBuilder.cs

@@ -77,8 +77,16 @@ private void PopulateArgs(AbstractFirebaseAuth.Args args, TestOptions options)
 
             if (options.SessionCookieVerifier)
             {
-                args.SessionCookieVerifier = new Lazy<FirebaseTokenVerifier>(
-                    this.CreateSessionCookieVerifier());
+                if (args is FirebaseAuth.Args)
+                {
+                    (args as FirebaseAuth.Args).SessionCookieVerifier =
+                        new Lazy<FirebaseTokenVerifier>(this.CreateSessionCookieVerifier());
+                }
+                else
+                {
+                    throw new InvalidOperationException(
+                        $"Session cookie verification not supported on {args.GetType()}");
+                }
             }
         }
 
@@ -116,7 +124,7 @@ private FirebaseTokenVerifier CreateIdTokenVerifier()
         private FirebaseTokenVerifier CreateSessionCookieVerifier()
         {
             return FirebaseTokenVerifier.CreateSessionCookieVerifier(
-                this.ProjectId, this.KeySource, this.Clock, this.TenantId);
+                this.ProjectId, this.KeySource, this.Clock);
         }
     }
 }

FirebaseAdmin/FirebaseAdmin.Tests/Auth/Jwt/SessionCookieVerificationTest.cs

@@ -28,7 +28,7 @@ public class SessionCookieVerificationTest
         public static readonly IEnumerable<object[]> TestConfigs = new List<object[]>()
         {
             new object[] { TestConfig.ForFirebaseAuth() },
-            new object[] { TestConfig.ForTenantAwareFirebaseAuth("test-tenant") },
+            // TODO(hkj): Add tenant-aware tests when the support is available.
         };
 
         private const long ClockSkewSeconds = 5 * 60;
@@ -234,7 +234,7 @@ public async Task InvalidIssuer(TestConfig config)
         [MemberData(nameof(TestConfigs))]
         public async Task IdToken(TestConfig config)
         {
-            var tokenBuilder = JwtTestUtils.IdTokenBuilder(config.TenantId);
+            var tokenBuilder = JwtTestUtils.IdTokenBuilder();
             var idToken = await tokenBuilder.CreateTokenAsync();
             var auth = config.CreateAuth();
 
@@ -330,7 +330,7 @@ public async Task RevokedToken(TestConfig config)
             var expectedMessage = "Firebase session cookie has been revoked.";
             this.CheckException(exception, expectedMessage, AuthErrorCode.RevokedSessionCookie);
             Assert.Equal(1, handler.Calls);
-            JwtTestUtils.AssertRevocationCheckRequest(config.TenantId, handler.Requests[0].Url);
+            JwtTestUtils.AssertRevocationCheckRequest(null, handler.Requests[0].Url);
         }
 
         [Theory]
@@ -354,7 +354,7 @@ public async Task ValidUnrevokedToken(TestConfig config)
 
             Assert.Equal("testuser", decoded.Uid);
             Assert.Equal(1, handler.Calls);
-            JwtTestUtils.AssertRevocationCheckRequest(config.TenantId, handler.Requests[0].Url);
+            JwtTestUtils.AssertRevocationCheckRequest(null, handler.Requests[0].Url);
         }
 
         [Theory]
@@ -380,7 +380,7 @@ public async Task CheckRevokedError(TestConfig config)
             Assert.Null(exception.InnerException);
             Assert.NotNull(exception.HttpResponse);
             Assert.Equal(1, handler.Calls);
-            JwtTestUtils.AssertRevocationCheckRequest(config.TenantId, handler.Requests[0].Url);
+            JwtTestUtils.AssertRevocationCheckRequest(null, handler.Requests[0].Url);
         }
 
         [Theory]
@@ -423,32 +423,25 @@ public class TestConfig
             private readonly AuthBuilder authBuilder;
             private readonly MockTokenBuilder tokenBuilder;
 
-            private TestConfig(string tenantId = null)
+            private TestConfig()
             {
-                this.authBuilder = JwtTestUtils.AuthBuilderForTokenVerification(tenantId);
-                this.tokenBuilder = JwtTestUtils.SessionCookieBuilder(tenantId);
+                this.authBuilder = JwtTestUtils.AuthBuilderForTokenVerification();
+                this.tokenBuilder = JwtTestUtils.SessionCookieBuilder();
             }
 
-            public string TenantId => this.authBuilder.TenantId;
-
             public static TestConfig ForFirebaseAuth()
             {
                 return new TestConfig();
             }
 
-            public static TestConfig ForTenantAwareFirebaseAuth(string tenantId)
-            {
-                return new TestConfig(tenantId);
-            }
-
-            public AbstractFirebaseAuth CreateAuth(HttpMessageHandler handler = null)
+            public FirebaseAuth CreateAuth(HttpMessageHandler handler = null)
             {
                 var options = new TestOptions
                 {
                     UserManagerRequestHandler = handler,
                     SessionCookieVerifier = true,
                 };
-                return this.authBuilder.Build(options);
+                return (FirebaseAuth)this.authBuilder.Build(options);
             }
 
             public async Task<string> CreateSessionCookieAsync(

FirebaseAdmin/FirebaseAdmin.Tests/Auth/Multitenancy/TenantAwareFirebaseAuthTest.cs

@@ -48,7 +48,6 @@ public void UseAfterDelete()
 
             Assert.Throws<InvalidOperationException>(() => auth.TokenFactory);
             Assert.Throws<InvalidOperationException>(() => auth.IdTokenVerifier);
-            Assert.Throws<InvalidOperationException>(() => auth.SessionCookieVerifier);
             Assert.Throws<InvalidOperationException>(() => auth.UserManager);
             Assert.Throws<InvalidOperationException>(() => auth.ProviderConfigManager);
         }
@@ -63,7 +62,6 @@ public void TenantId()
             Assert.Equal(MockTenantId, auth.TenantId);
             Assert.Equal(MockTenantId, auth.TokenFactory.TenantId);
             Assert.Equal(MockTenantId, auth.IdTokenVerifier.TenantId);
-            Assert.Equal(MockTenantId, auth.SessionCookieVerifier.TenantId);
             Assert.Equal(MockTenantId, auth.UserManager.TenantId);
             Assert.Equal(MockTenantId, auth.ProviderConfigManager.TenantId);
         }

FirebaseAdmin/FirebaseAdmin.Tests/Auth/UserRecordTest.cs

@@ -85,6 +85,7 @@ public void AllProperties()
                 CreatedAt = 100,
                 LastLoginAt = 150,
                 CustomClaims = @"{""admin"": true, ""level"": 10}",
+                TenantId = "tenant1",
                 Providers = new List<GetAccountInfoResponse.Provider>()
                 {
                     new GetAccountInfoResponse.Provider()
@@ -121,6 +122,7 @@ public void AllProperties()
                 { "level", 10L },
             };
             Assert.Equal(claims, user.CustomClaims);
+            Assert.Equal("tenant1", user.TenantId);
 
             Assert.Equal(2, user.ProviderData.Length);
             var provider = user.ProviderData[0];