Skip to content

Add firebase auth destroy check before tenant operations. #386

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 4, 2020
Merged

Add firebase auth destroy check before tenant operations. #386

merged 3 commits into from
Apr 4, 2020

Conversation

micahstairs
Copy link
Contributor

This is part of the initiative to adding multi-tenancy support (see issue #332).

hiranya911
hiranya911 suggested changes Apr 1, 2020
View reviewed changes
Copy link
Contributor

@hiranya911 hiranya911 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should try to manage this within TenantManager it self. Here's what I'd suggest:

  1. Add a destroy() method to the TenantManager class.
  2. Call it from FirebaseAuth.destroy().
  3. Handle the checkNotDestroyed() check entirely within the TenantManager class.

I think that results in a cleaner flow of control, without AbstractFirebaseAuth leaking into TenantManager. WDYT?

@hiranya911 hiranya911 assigned micahstairs and unassigned hiranya911 Apr 1, 2020
@micahstairs
Copy link
Contributor Author

I think we should try to manage this within TenantManager it self. Here's what I'd suggest:

  1. Add a destroy() method to the TenantManager class.
  2. Call it from FirebaseAuth.destroy().
  3. Handle the checkNotDestroyed() check entirely within the TenantManager class.

I think that results in a cleaner flow of control, without AbstractFirebaseAuth leaking into TenantManager. WDYT?

By #3, I assume you mean "Call it from FirebaseAuth.destroy()".

I like the idea of not leaking the firebase auth into TenantManager, however, it's not straightforward to call TenantManager.destroy() method from FirebaseAuth.destroy(), is it? I would need to override AbstractFirebaseAuth.destroy()'s method in FirebaseAuth. I believe overriding this would require me to expose the lock that it is used to synchronize on.

@micahstairs
Copy link
Contributor Author

It's worth noting that I'm currently working on implementing TenantAwareFirebaseAuth, so perhaps that will shape our decision here.

@micahstairs micahstairs assigned hiranya911 and unassigned micahstairs Apr 1, 2020
@hiranya911
Copy link
Contributor

hiranya911 commented Apr 1, 2020
edited
Loading

You can do something like the following in AbstractFirebaseAuth:

protected abstract void doDestroy();

void destroy() {
   // Call doDestroy() while holding the lock
}

Now FirebaseAuth can implement doDestroy() to implement any child-specific cleanup logic.

Basically, pass control in one direction: AbstractFirebaseAuth --> FirebaseAuth --> TenantManager and never in both directions.

@hiranya911 hiranya911 assigned micahstairs and unassigned hiranya911 Apr 1, 2020
@micahstairs
Copy link
Contributor Author

You can do something like the following in AbstractFirebaseAuth:

protected abstract void doDestroy();

void destroy() {
   // Call doDestroy() while holding the lock
}

Now FirebaseAuth can implement doDestroy() to implement any child-specific cleanup logic.

Basically, pass control in one direction: AbstractFirebaseAuth --> FirebaseAuth --> TenantManager and never in both directions.

Okay, this makes sense, but there's an issue. The TenantManager is lazily instantiated since it's a supplier. So if I call getTaskManager().destroy() and it hasn't been instantiated yet, then we end up invoking the destroyed app. The workaround (which I've pushed) isn't particularly elegant.

tenantManager = threadSafeMemoize(new Supplier<TenantManager>() {                               
      @Override                                                                                     
      public TenantManager get() {                                                                  
        return new TenantManager(builder.firebaseApp, getUserManager());                            
      }                                                                                             
});

@micahstairs micahstairs assigned hiranya911 and unassigned micahstairs Apr 1, 2020
hiranya911
hiranya911 suggested changes Apr 1, 2020
View reviewed changes
Copy link
Contributor

@hiranya911 hiranya911 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @micahstairs. Couple of suggestions on how to improve things a bit.

@hiranya911 hiranya911 assigned micahstairs and unassigned hiranya911 Apr 1, 2020
@micahstairs micahstairs assigned hiranya911 and unassigned micahstairs Apr 3, 2020
hiranya911
hiranya911 approved these changes Apr 3, 2020
View reviewed changes
Copy link
Contributor

@hiranya911 hiranya911 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@hiranya911 hiranya911 removed their assignment Apr 3, 2020
@micahstairs micahstairs merged commit 0a09db1 into tenant-mgt Apr 4, 2020
@micahstairs micahstairs deleted the micahstairs-check-destroy branch April 4, 2020 01:14
hiranya911 pushed a commit that referenced this pull request Jul 16, 2020
@micahstairs
feat(auth): Add tenant operations, tenant-aware user operations, and …
0a0662e 
…provider config operations (#395)

* Pull parts of FirebaseAuth into an abstract class. (#352)

This moves parts of FirebaseAuth into an abstract class as part of adding multi-tenancy support.

* Add Tenant class and its create and update request classes. (#344)

This pull request adds the Tenant class (including it's create/update inner classes) as part of adding multi-tenancy support.

* Add ListTenantsPage class. (#358)

Add ListTenantsPage and some supporting code as part of adding multi-tenancy support. This code was very largely based off of ListUsersPage and ListUsersPageTest.

* Add updateRequest method to Tenant class and add unit tests. (#361)

Added some things to the Tenant class and added a few unit tests. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Create TenantManager class and wire through listTenants operation. (#369)

Add the TenantManager class and wire through the listTenants operation. Also add unit tests to FirebaseUserManagerTest.

* Add deleteTenant operation to TenantManager. (#372)

This adds deleteTenant to the TenantManager class. I've added the relevant unit tests to FirebaseUserManagerTest. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add getTenant operation to TenantManager. (#371)

Added getTenant to the TenantManager class. Also added the relevant unit tests to FirebaseUserManagerTest. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add createTenant and updateTenant operations. (#377)

Added createTenant and updateTenant to the TenantManager class. Also added the relevant unit tests to FirebaseUserManagerTest. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add integration tests for TenantManager operations. (#385)

This adds some integration testing for all of the tenant operations in TenantManager. Several bugs were uncovered after running the tests, so these have been fixed. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add firebase auth destroy check before tenant operations. (#386)

This addresses some TODOs left as part of the initiative to add multi-tenancy support (see issue #332).

* Make user operations tenant-aware. (#387)

This makes user operations tenant-aware. I've added some integration tests to ensure that this is working correctly. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Remove unused AutoValue dependency. (#392)

Remove unused AutoValue dependency (and remove Java 8 API dependency which was accidentally introduced).

* Indicate how to get set up for the multitenancy integration tests. (#393)

This documentation is based off of the instructions in https://github.com/firebase/firebase-admin-node/blob/master/CONTRIBUTING.md.

* Add tenant-aware token generation and verification. (#391)

This incorporates the tenant ID into the token generation and validation when using a tenant-aware client. This is part of the initiative to add multi-tenancy support (see issue #332).

* Fix javadoc comment.

* Trigger CI

* Make several Op methods private.

* Move createSessionCookie and verifySessionCookie back to FirebaseAuth.

* Make verifySessionCookieOp private.

* Fix a few javadoc comments.

* Address Kevin's feedback.

* Make TenantAwareFirebaseAuth final.

* chore: Merging master into tenant-mgt (#422)

* Fixed a bad merge

* Add provider config management operations. (#433)

Adds all of the OIDC and SAML provider config operations, related to adding multi-tenancy support.

* Stop using deprecated MockHttpTransport.builder() method.

* Moved tenant management code into a new package (#449)

* Multi-tenancy refactor experiment

* fix(auth): Completed tenant mgt refactor

* Added license header to new class

* Responding to code review comments: Consolidated error codes in AuthHttpClient

* Improve unit test coverage of tenant/provider-related code (#453)

I've improved the unit test coverage of tenant/provider-related code, and I've also removed a number of unused imports.

* Fix integration tests.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lahirumaramba lahirumaramba lahirumaramba approved these changes

@hiranya911 hiranya911 hiranya911 approved these changes

Assignees

@micahstairs micahstairs

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@micahstairs @hiranya911 @lahirumaramba