pub enum ClientMode {
Live,
Emulator {
host: String,
},
}Expand description
Selects whether an crate::auth::AuthClient talks to production
Firebase or a local emulator instance.
Variants§
Live
Talk to production Firebase Authentication.
Emulator
Talk to a local Firebase Auth Emulator at host (e.g. localhost:9099).
Implementations§
Source§impl ClientMode
impl ClientMode
Sourcepub fn resolve(explicit_emulator_host: Option<String>) -> Self
pub fn resolve(explicit_emulator_host: Option<String>) -> Self
Resolves the mode to use: an explicitly-requested emulator host takes
priority, then the FIREBASE_AUTH_EMULATOR_HOST environment variable,
and otherwise ClientMode::Live.
Sourcepub fn endpoints(&self, project_id: &str) -> IdentityToolkitEndpoints
pub fn endpoints(&self, project_id: &str) -> IdentityToolkitEndpoints
Builds the Identity Toolkit endpoint set for this mode.
Sourcepub fn requires_bearer_token(&self) -> bool
pub fn requires_bearer_token(&self) -> bool
Whether requests in this mode require an OAuth2 bearer token.
The Firebase Auth Emulator does not enforce authentication.
Sourcepub fn emulator_api_key(&self) -> Option<&'static str>
pub fn emulator_api_key(&self) -> Option<&'static str>
The dummy key= query parameter value to attach to Identity Toolkit
REST calls in emulator mode, or None in live mode.
Every Identity Toolkit v1 accounts:* endpoint requires an API key
query parameter to be present, even on the emulator — it isn’t
validated there, but its absence produces the same
PERMISSION_DENIED / “The request is missing a valid API key.” error
the production API returns for unauthenticated calls. Production
calls instead rely solely on the OAuth2 bearer token (see
Self::requires_bearer_token) and must not send this parameter.
Sourcepub fn emulator_bearer_token(&self) -> Option<&'static str>
pub fn emulator_bearer_token(&self) -> Option<&'static str>
The magic Authorization: Bearer token value the Firebase Auth
Emulator recognizes as a privileged/admin caller, or None in live
mode (where a real OAuth2 token is required instead — see
Self::requires_bearer_token).
Confirmed against the emulator’s own source
(firebase-tools/src/emulator/auth/operations.ts): several
operations, including user creation, branch on whether the request
carries recognized OAuth2 credentials (ctx.security?.Oauth2) to
decide whether to treat the caller as an admin. The literal string
"owner" is what the official Admin SDKs send as the bearer token
when FIREBASE_AUTH_EMULATOR_HOST is set, and is the value the
emulator’s Exegesis-based request validator recognizes for this
purpose. Without it, admin-only operations are instead evaluated on
the unprivileged/client path and fail with errors like
MISSING_ID_TOKEN that only make sense for that path.
Trait Implementations§
Source§impl Clone for ClientMode
impl Clone for ClientMode
Source§fn clone(&self) -> ClientMode
fn clone(&self) -> ClientMode
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read more