Migrate Users() API to internal.HTTPClient (#242)

* Migrating DeleteUser() API to the internal.HTTPClient

* Migrated ImportUsers() to internal.HTTPClient

* Minor clean up

* Migrated Users() API to internal.HTTPClient

Author: hiranya911

auth/auth.go

@@ -23,7 +23,6 @@ import (
 	"strings"
 
 	"firebase.google.com/go/internal"
-	"google.golang.org/api/identitytoolkit/v3"
 )
 
 const (
@@ -41,12 +40,10 @@ var reservedClaims = []string{
 // Client facilitates generating custom JWT tokens for Firebase clients, and verifying ID tokens issued
 // by Firebase backend services.
 type Client struct {
-	is *identitytoolkit.Service
 	userManagementClient
 	idTokenVerifier *tokenVerifier
 	cookieVerifier  *tokenVerifier
 	signer          cryptoSigner
-	version         string
 	clock           internal.Clock
 }
 
@@ -90,11 +87,6 @@ func NewClient(ctx context.Context, conf *internal.AuthConfig) (*Client, error)
 		return nil, err
 	}
 
-	is, err := identitytoolkit.New(hc.Client)
-	if err != nil {
-		return nil, err
-	}
-
 	idTokenVerifier, err := newIDTokenVerifier(ctx, conf.ProjectID)
 	if err != nil {
 		return nil, err
@@ -113,11 +105,9 @@ func NewClient(ctx context.Context, conf *internal.AuthConfig) (*Client, error)
 			version:    version,
 			httpClient: hc,
 		},
-		is:              is,
 		idTokenVerifier: idTokenVerifier,
 		cookieVerifier:  cookieVerifier,
 		signer:          signer,
-		version:         version, // This can be removed when userManagementClient implements all user mgt APIs.
 		clock:           internal.SystemClock,
 	}, nil
 }

auth/export_users.go

@@ -17,8 +17,11 @@ package auth
 import (
 	"context"
 	"encoding/json"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strconv"
 
-	identitytoolkit "google.golang.org/api/identitytoolkit/v3"
 	"google.golang.org/api/iterator"
 )
 
@@ -28,7 +31,7 @@ const maxReturnedResults = 1000
 //
 // If nextPageToken is empty, the iterator will start at the beginning.
 // If the nextPageToken is not empty, the iterator starts after the token.
-func (c *Client) Users(ctx context.Context, nextPageToken string) *UserIterator {
+func (c *userManagementClient) Users(ctx context.Context, nextPageToken string) *UserIterator {
 	it := &UserIterator{
 		ctx:    ctx,
 		client: c,
@@ -46,7 +49,7 @@ func (c *Client) Users(ctx context.Context, nextPageToken string) *UserIterator
 //
 // Also see: https://github.com/GoogleCloudPlatform/google-cloud-go/wiki/Iterator-Guidelines
 type UserIterator struct {
-	client   *Client
+	client   *userManagementClient
 	ctx      context.Context
 	nextFunc func() error
 	pageInfo *iterator.PageInfo
@@ -70,26 +73,43 @@ func (it *UserIterator) Next() (*ExportedUserRecord, error) {
 }
 
 func (it *UserIterator) fetch(pageSize int, pageToken string) (string, error) {
-	request := &identitytoolkit.IdentitytoolkitRelyingpartyDownloadAccountRequest{
-		MaxResults:    int64(pageSize),
-		NextPageToken: pageToken,
+	query := make(url.Values)
+	query.Set("maxResults", strconv.Itoa(pageSize))
+	if pageToken != "" {
+		query.Set("nextPageToken", pageToken)
 	}
-	call := it.client.is.Relyingparty.DownloadAccount(request)
-	it.client.setHeader(call)
-	resp, err := call.Context(it.ctx).Do()
+
+	req, err := it.client.newRequest(http.MethodGet, fmt.Sprintf("/accounts:batchGet?%s", query.Encode()))
 	if err != nil {
-		return "", handleServerError(err)
+		return "", err
+	}
+
+	resp, err := it.client.httpClient.Do(it.ctx, req)
+	if err != nil {
+		return "", err
+	}
+
+	if resp.Status != http.StatusOK {
+		return "", handleHTTPError(resp)
 	}
 
-	for _, u := range resp.Users {
-		eu, err := makeExportedUser(u)
+	var parsed struct {
+		Users         []userQueryResponse `json:"users"`
+		NextPageToken string              `json:"nextPageToken"`
+	}
+	if err := json.Unmarshal(resp.Body, &parsed); err != nil {
+		return "", err
+	}
+
+	for _, u := range parsed.Users {
+		eu, err := u.makeExportedUserRecord()
 		if err != nil {
 			return "", err
 		}
 		it.users = append(it.users, eu)
 	}
-	it.pageInfo.Token = resp.NextPageToken
-	return resp.NextPageToken, nil
+	it.pageInfo.Token = parsed.NextPageToken
+	return parsed.NextPageToken, nil
 }
 
 // ExportedUserRecord is the returned user value used when listing all the users.
@@ -98,53 +118,3 @@ type ExportedUserRecord struct {
 	PasswordHash string
 	PasswordSalt string
 }
-
-func makeExportedUser(r *identitytoolkit.UserInfo) (*ExportedUserRecord, error) {
-	var cc map[string]interface{}
-	if r.CustomAttributes != "" {
-		if err := json.Unmarshal([]byte(r.CustomAttributes), &cc); err != nil {
-			return nil, err
-		}
-		if len(cc) == 0 {
-			cc = nil
-		}
-	}
-
-	var providerUserInfo []*UserInfo
-	for _, u := range r.ProviderUserInfo {
-		info := &UserInfo{
-			DisplayName: u.DisplayName,
-			Email:       u.Email,
-			PhoneNumber: u.PhoneNumber,
-			PhotoURL:    u.PhotoUrl,
-			ProviderID:  u.ProviderId,
-			UID:         u.RawId,
-		}
-		providerUserInfo = append(providerUserInfo, info)
-	}
-
-	resp := &ExportedUserRecord{
-		UserRecord: &UserRecord{
-			UserInfo: &UserInfo{
-				DisplayName: r.DisplayName,
-				Email:       r.Email,
-				PhoneNumber: r.PhoneNumber,
-				PhotoURL:    r.PhotoUrl,
-				ProviderID:  defaultProviderID,
-				UID:         r.LocalId,
-			},
-			CustomClaims:           cc,
-			Disabled:               r.Disabled,
-			EmailVerified:          r.EmailVerified,
-			ProviderUserInfo:       providerUserInfo,
-			TokensValidAfterMillis: r.ValidSince * 1000,
-			UserMetadata: &UserMetadata{
-				LastLogInTimestamp: r.LastLoginAt,
-				CreationTimestamp:  r.CreatedAt,
-			},
-		},
-		PasswordHash: r.PasswordHash,
-		PasswordSalt: r.Salt,
-	}
-	return resp, nil
-}

auth/user_mgt.go

@@ -487,11 +487,6 @@ func validatePhone(phone string) error {
 const idToolkitEndpoint = "https://identitytoolkit.googleapis.com/v1/projects"
 
 // userManagementClient is a helper for interacting with the Identity Toolkit REST API.
-//
-// Currently it is only used for some user management operations (e.g. session cookie
-// generation). We will gradually migrate all the user management functionality to this
-// type, and remove our dependency on the google.golang.org/api/identitytoolkit/v3
-// package.
 type userManagementClient struct {
 	baseURL    string
 	projectID  string

auth/user_mgt_test.go

@@ -30,7 +30,6 @@ import (
 	"time"
 
 	"firebase.google.com/go/internal"
-	"google.golang.org/api/identitytoolkit/v3"
 	"google.golang.org/api/iterator"
 )
 
@@ -181,7 +180,7 @@ func TestListUsers(t *testing.T) {
 		{UserRecord: testUser, PasswordHash: "passwordhash3", PasswordSalt: "salt3"},
 	}
 
-	testIterator := func(iter *UserIterator, token string, req map[string]interface{}) {
+	testIterator := func(iter *UserIterator, token string, req string) {
 		count := 0
 		for i := 0; i < len(want); i++ {
 			user, err := iter.Next()
@@ -209,20 +208,20 @@ func TestListUsers(t *testing.T) {
 			t.Errorf("Users(%q) = %v, want = %v", token, err, iterator.Done)
 		}
 
-		b, err := json.Marshal(req)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if string(s.Rbody) != string(b) {
-			t.Errorf("Users(%q) = %v, want = %v", token, string(s.Rbody), string(b))
+		// Check the query string of the last HTTP request made.
+		gotReq := s.Req[len(s.Req)-1].URL.Query().Encode()
+		if gotReq != req {
+			t.Errorf("Users(%q) = %q, want = %v", token, gotReq, req)
 		}
 	}
 	testIterator(
 		s.Client.Users(context.Background(), ""),
-		"", map[string]interface{}{"maxResults": 1000})
+		"",
+		"maxResults=1000")
 	testIterator(
 		s.Client.Users(context.Background(), "pageToken"),
-		"pageToken", map[string]interface{}{"maxResults": 1000, "nextPageToken": "pageToken"})
+		"pageToken",
+		"maxResults=1000&nextPageToken=pageToken")
 }
 
 func TestInvalidCreateUser(t *testing.T) {
@@ -996,31 +995,31 @@ func TestInvalidDeleteUser(t *testing.T) {
 }
 
 func TestMakeExportedUser(t *testing.T) {
-	rur := &identitytoolkit.UserInfo{
-		LocalId:          "testuser",
-		Email:            "testuser@example.com",
-		PhoneNumber:      "+1234567890",
-		EmailVerified:    true,
-		DisplayName:      "Test User",
-		Salt:             "salt",
-		PhotoUrl:         "http://www.example.com/testuser/photo.png",
-		PasswordHash:     "passwordhash",
-		ValidSince:       1494364393,
-		Disabled:         false,
-		CreatedAt:        1234567890000,
-		LastLoginAt:      1233211232000,
-		CustomAttributes: `{"admin": true, "package": "gold"}`,
-		ProviderUserInfo: []*identitytoolkit.UserInfoProviderUserInfo{
+	rur := &userQueryResponse{
+		UID:                "testuser",
+		Email:              "testuser@example.com",
+		PhoneNumber:        "+1234567890",
+		EmailVerified:      true,
+		DisplayName:        "Test User",
+		PasswordSalt:       "salt",
+		PhotoURL:           "http://www.example.com/testuser/photo.png",
+		PasswordHash:       "passwordhash",
+		ValidSinceSeconds:  1494364393,
+		Disabled:           false,
+		CreationTimestamp:  1234567890000,
+		LastLogInTimestamp: 1233211232000,
+		CustomAttributes:   `{"admin": true, "package": "gold"}`,
+		ProviderUserInfo: []*UserInfo{
 			{
-				ProviderId:  "password",
+				ProviderID:  "password",
 				DisplayName: "Test User",
-				PhotoUrl:    "http://www.example.com/testuser/photo.png",
+				PhotoURL:    "http://www.example.com/testuser/photo.png",
 				Email:       "testuser@example.com",
-				RawId:       "testuid",
+				UID:         "testuid",
 			}, {
-				ProviderId:  "phone",
+				ProviderID:  "phone",
 				PhoneNumber: "+1234567890",
-				RawId:       "testuid",
+				UID:         "testuid",
 			}},
 	}
 
@@ -1029,7 +1028,7 @@ func TestMakeExportedUser(t *testing.T) {
 		PasswordHash: "passwordhash",
 		PasswordSalt: "salt",
 	}
-	exported, err := makeExportedUser(rur)
+	exported, err := rur.makeExportedUserRecord()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -1271,7 +1270,6 @@ func echoServer(resp interface{}, t *testing.T) *mockAuthServer {
 	if err != nil {
 		t.Fatal(err)
 	}
-	authClient.is.BasePath = s.Srv.URL + "/"
 	authClient.baseURL = s.Srv.URL
 	s.Client = authClient
 	return &s