Skip to content

Commit f2c7f78

Browse files
LyokoneLyokone
committed
format
1 parent cc7f12d commit f2c7f78

File tree

2 files changed

+50
-81
lines changed

2 files changed

+50
-81
lines changed

lib/src/https/auth.dart

Lines changed: 22 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -23,10 +23,7 @@ enum TokenStatus {
2323

2424
/// Result of checking auth and app check tokens.
2525
class TokenVerificationResult {
26-
const TokenVerificationResult({
27-
required this.auth,
28-
required this.app,
29-
});
26+
const TokenVerificationResult({required this.auth, required this.app});
3027

3128
final TokenStatus auth;
3229
final TokenStatus app;
@@ -46,7 +43,9 @@ JsonWebKeyStore? _cachedKeyStore;
4643
DateTime? _keysExpireAt;
4744

4845
/// Regular expression for validating JWT format.
49-
final _jwtRegex = RegExp(r'^[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+$');
46+
final _jwtRegex = RegExp(
47+
r'^[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+$',
48+
);
5049

5150
/// HTTP client for fetching keys (can be replaced for testing).
5251
http.Client? _httpClient;
@@ -79,8 +78,10 @@ Future<(TokenStatus, AuthData?)> extractAuthToken(
7978
}
8079

8180
// Parse "Bearer <token>" format
82-
final match = RegExp(r'^Bearer\s+(.*)$', caseSensitive: false)
83-
.firstMatch(authorization);
81+
final match = RegExp(
82+
r'^Bearer\s+(.*)$',
83+
caseSensitive: false,
84+
).firstMatch(authorization);
8485
if (match == null) {
8586
return (TokenStatus.invalid, null);
8687
}
@@ -98,7 +99,8 @@ Future<(TokenStatus, AuthData?)> extractAuthToken(
9899
decodedToken = await _verifyIdToken(idToken);
99100
}
100101

101-
final uid = decodedToken['uid'] as String? ??
102+
final uid =
103+
decodedToken['uid'] as String? ??
102104
decodedToken['sub'] as String? ??
103105
decodedToken['user_id'] as String?;
104106

@@ -108,11 +110,7 @@ Future<(TokenStatus, AuthData?)> extractAuthToken(
108110

109111
return (
110112
TokenStatus.valid,
111-
AuthData(
112-
uid: uid,
113-
token: decodedToken,
114-
rawToken: idToken,
115-
),
113+
AuthData(uid: uid, token: decodedToken, rawToken: idToken),
116114
);
117115
} catch (e) {
118116
return (TokenStatus.invalid, null);
@@ -148,19 +146,16 @@ Future<(TokenStatus, AppCheckData?)> extractAppCheckToken(
148146
decodedToken = _unsafeDecodeAppCheckToken(appCheckToken);
149147
}
150148

151-
final appId = decodedToken['app_id'] as String? ??
152-
decodedToken['sub'] as String?;
149+
final appId =
150+
decodedToken['app_id'] as String? ?? decodedToken['sub'] as String?;
153151

154152
if (appId == null || appId.isEmpty) {
155153
return (TokenStatus.invalid, null);
156154
}
157155

158156
return (
159157
TokenStatus.valid,
160-
AppCheckData(
161-
appId: appId,
162-
token: appCheckToken,
163-
),
158+
AppCheckData(appId: appId, token: appCheckToken),
164159
);
165160
} catch (e) {
166161
return (TokenStatus.invalid, null);
@@ -170,14 +165,14 @@ Future<(TokenStatus, AppCheckData?)> extractAppCheckToken(
170165
/// Checks both auth and app check tokens on a request.
171166
///
172167
/// Returns a record containing the verification result and extracted data.
173-
Future<({
174-
TokenVerificationResult result,
175-
AuthData? authData,
176-
AppCheckData? appCheckData,
177-
})> checkTokens(
178-
Request request, {
179-
required bool skipTokenVerification,
180-
}) async {
168+
Future<
169+
({
170+
TokenVerificationResult result,
171+
AuthData? authData,
172+
AppCheckData? appCheckData,
173+
})
174+
>
175+
checkTokens(Request request, {required bool skipTokenVerification}) async {
181176
final (authStatus, authData) = await extractAuthToken(
182177
request,
183178
skipTokenVerification: skipTokenVerification,

test/unit/https_auth_test.dart

Lines changed: 28 additions & 54 deletions
Original file line numberDiff line numberDiff line change
@@ -23,26 +23,26 @@ void main() {
2323
expect(auth, isNull);
2424
});
2525

26-
test('returns invalid when Authorization header is not Bearer format',
27-
() async {
28-
final request = _createRequest(
29-
headers: {'authorization': 'Basic abc123'},
30-
);
31-
32-
final (status, auth) = await extractAuthToken(
33-
request,
34-
skipTokenVerification: true,
35-
);
36-
37-
expect(status, TokenStatus.invalid);
38-
expect(auth, isNull);
39-
});
26+
test(
27+
'returns invalid when Authorization header is not Bearer format',
28+
() async {
29+
final request = _createRequest(
30+
headers: {'authorization': 'Basic abc123'},
31+
);
32+
33+
final (status, auth) = await extractAuthToken(
34+
request,
35+
skipTokenVerification: true,
36+
);
37+
38+
expect(status, TokenStatus.invalid);
39+
expect(auth, isNull);
40+
},
41+
);
4042

4143
test('returns invalid when token has no uid/sub claim', () async {
4244
final jwt = _createJwt({'email': 'test@example.com'});
43-
final request = _createRequest(
44-
headers: {'authorization': 'Bearer $jwt'},
45-
);
45+
final request = _createRequest(headers: {'authorization': 'Bearer $jwt'});
4646

4747
final (status, auth) = await extractAuthToken(
4848
request,
@@ -59,9 +59,7 @@ void main() {
5959
'email': 'test@example.com',
6060
'custom_claim': 'value',
6161
});
62-
final request = _createRequest(
63-
headers: {'authorization': 'Bearer $jwt'},
64-
);
62+
final request = _createRequest(headers: {'authorization': 'Bearer $jwt'});
6563

6664
final (status, auth) = await extractAuthToken(
6765
request,
@@ -78,9 +76,7 @@ void main() {
7876

7977
test('extracts uid from user_id claim as fallback', () async {
8078
final jwt = _createJwt({'user_id': 'user456'});
81-
final request = _createRequest(
82-
headers: {'authorization': 'Bearer $jwt'},
83-
);
79+
final request = _createRequest(headers: {'authorization': 'Bearer $jwt'});
8480

8581
final (status, auth) = await extractAuthToken(
8682
request,
@@ -93,9 +89,7 @@ void main() {
9389

9490
test('handles case-insensitive Bearer prefix', () async {
9591
final jwt = _createJwt({'sub': 'user123'});
96-
final request = _createRequest(
97-
headers: {'authorization': 'bearer $jwt'},
98-
);
92+
final request = _createRequest(headers: {'authorization': 'bearer $jwt'});
9993

10094
final (status, auth) = await extractAuthToken(
10195
request,
@@ -122,9 +116,7 @@ void main() {
122116

123117
test('returns invalid for JWT with empty payload', () async {
124118
final jwt = _createJwt({});
125-
final request = _createRequest(
126-
headers: {'authorization': 'Bearer $jwt'},
127-
);
119+
final request = _createRequest(headers: {'authorization': 'Bearer $jwt'});
128120

129121
final (status, auth) = await extractAuthToken(
130122
request,
@@ -151,9 +143,7 @@ void main() {
151143

152144
test('returns invalid when token has no sub claim', () async {
153145
final jwt = _createJwt({'other': 'value'});
154-
final request = _createRequest(
155-
headers: {'x-firebase-appcheck': jwt},
156-
);
146+
final request = _createRequest(headers: {'x-firebase-appcheck': jwt});
157147

158148
final (status, appCheck) = await extractAppCheckToken(
159149
request,
@@ -166,9 +156,7 @@ void main() {
166156

167157
test('returns valid with AppCheckData for valid token', () async {
168158
final jwt = _createJwt({'sub': 'app123'});
169-
final request = _createRequest(
170-
headers: {'x-firebase-appcheck': jwt},
171-
);
159+
final request = _createRequest(headers: {'x-firebase-appcheck': jwt});
172160

173161
final (status, appCheck) = await extractAppCheckToken(
174162
request,
@@ -183,9 +171,7 @@ void main() {
183171

184172
test('extracts app_id from explicit claim', () async {
185173
final jwt = _createJwt({'sub': 'sub-value', 'app_id': 'explicit-app-id'});
186-
final request = _createRequest(
187-
headers: {'x-firebase-appcheck': jwt},
188-
);
174+
final request = _createRequest(headers: {'x-firebase-appcheck': jwt});
189175

190176
final (status, appCheck) = await extractAppCheckToken(
191177
request,
@@ -208,10 +194,7 @@ void main() {
208194
},
209195
);
210196

211-
final result = await checkTokens(
212-
request,
213-
skipTokenVerification: true,
214-
);
197+
final result = await checkTokens(request, skipTokenVerification: true);
215198

216199
expect(result.result.auth, TokenStatus.valid);
217200
expect(result.result.app, TokenStatus.valid);
@@ -222,10 +205,7 @@ void main() {
222205
test('returns missing status when headers are absent', () async {
223206
final request = _createRequest();
224207

225-
final result = await checkTokens(
226-
request,
227-
skipTokenVerification: true,
228-
);
208+
final result = await checkTokens(request, skipTokenVerification: true);
229209

230210
expect(result.result.auth, TokenStatus.missing);
231211
expect(result.result.app, TokenStatus.missing);
@@ -243,10 +223,7 @@ void main() {
243223
},
244224
);
245225

246-
final result = await checkTokens(
247-
request,
248-
skipTokenVerification: true,
249-
);
226+
final result = await checkTokens(request, skipTokenVerification: true);
250227

251228
expect(result.result.auth, TokenStatus.valid);
252229
expect(result.result.app, TokenStatus.invalid);
@@ -257,10 +234,7 @@ void main() {
257234

258235
group('AuthData', () {
259236
test('rawToken field is accessible', () {
260-
const auth = AuthData(
261-
uid: 'user123',
262-
rawToken: 'raw-token-value',
263-
);
237+
const auth = AuthData(uid: 'user123', rawToken: 'raw-token-value');
264238

265239
expect(auth.rawToken, 'raw-token-value');
266240
});

0 commit comments

Comments
 (0)