getFirebaseToken Auth Interop method for BYO-CIAM

Author: mansisampat

packages/auth-interop-types/index.d.ts

@@ -21,6 +21,7 @@ export interface FirebaseAuthTokenData {
 
 export interface FirebaseAuthInternal {
   getToken(refreshToken?: boolean): Promise<FirebaseAuthTokenData | null>;
+  getFirebaseToken(): Promise<FirebaseAuthTokenData | null>;
   getUid(): string | null;
   addAuthTokenListener(fn: (token: string | null) => void): void;
   removeAuthTokenListener(fn: (token: string | null) => void): void;

packages/auth/src/core/auth/firebase_internal.ts

@@ -28,6 +28,7 @@ interface TokenListener {
 }
 
 export class AuthInterop implements FirebaseAuthInternal {
+  private readonly TOKEN_EXPIRATION_BUFFER = 30_000;
   private readonly internalListeners: Map<TokenListener, Unsubscribe> =
     new Map();
 
@@ -51,6 +52,26 @@ export class AuthInterop implements FirebaseAuthInternal {
     return { accessToken };
   }
 
+  async getFirebaseToken(): Promise<{ accessToken: string } | null> {
+    this.assertAuthConfigured();
+    this.assertRegionalAuthConfigured();
+    if (!this.auth.firebaseToken) {
+      return null;
+    }
+
+    if (
+      !this.auth.firebaseToken.expirationTime ||
+      Date.now() >
+        this.auth.firebaseToken.expirationTime - this.TOKEN_EXPIRATION_BUFFER
+    ) {
+      await this.auth._updateFirebaseToken(null);
+      return null;
+    }
+
+    const accessToken = await this.auth.firebaseToken.token;
+    return { accessToken };
+  }
+
   addAuthTokenListener(listener: TokenListener): void {
     this.assertAuthConfigured();
     if (this.internalListeners.has(listener)) {
@@ -85,6 +106,10 @@ export class AuthInterop implements FirebaseAuthInternal {
     );
   }
 
+  private assertRegionalAuthConfigured(): void {
+    _assert(this.auth.tenantConfig, AuthErrorCode.OPERATION_NOT_ALLOWED);
+  }
+
   private updateProactiveRefresh(): void {
     if (this.internalListeners.size > 0) {
       this.auth._startProactiveRefresh();