firebase_rs_sdk/app_check/
mod.rs

1//! # Firebase Firestore module
2//!
3//! This module ports core pieces of the Firebase App Check SDK to Rust so applications can request, cache, and refresh attestation tokens that protect backend resources from abuse. It mirrors the JS SDK’s structure with an App Check façade, provider implementations, and internal wiring that other services (Firestore, Storage, etc.) can tap into via token providers.
4//!
5//! It includes error handling, configuration options, and integration with Firebase apps.
6//!
7//! ## Features
8//!
9//! - Initialize App Check for any FirebaseApp, choosing between the built-in reCAPTCHA providers or a custom provider callback.
10//! - Toggle automatic token refresh and listen for token updates through observer APIs.
11//! - Retrieve standard and limited-use App Check tokens on demand, receiving structured error details when attestation fails.
12//! - Bridge App Check tokens into dependent services via FirebaseAppCheckInternal::token_provider so HTTP clients can attach X-Firebase-AppCheck headers automatically.
13//! - Manage internal listeners (add/remove) and inspect cached token state for emulator or server-driven scenarios.
14//!
15//! ## References to the Firebase JS SDK - firestore module
16//!
17//! - QuickStart: <https://firebase.google.com/docs/app-check/web/recaptcha-provider>
18//! - API: <https://firebase.google.com/docs/reference/js/app-check.md#app-check_package>
19//! - Github Repo - Module: <https://github.com/firebase/firebase-js-sdk/tree/main/packages/app-check>
20//! - Github Repo - API: <https://github.com/firebase/firebase-js-sdk/tree/main/packages/firebase/app-check>
21//!
22//! ## Development status as of 14th October 2025
23//!
24//! - Core functionalities: Some implemented (see the module's [README.md](https://github.com/dgasparri/firebase-rs-sdk/tree/main/src/app_check) for details)
25//! - Tests: 4 tests (passed)
26//! - Documentation: Some public functions are documented
27//! - Examples: None provided
28//!
29//! DISCLAIMER: This is not an official Firebase product, nor it is guaranteed that it has no bugs or that it will work as intended.
30//!
31//! ## Example Usage
32//!
33//! ```rust
34//! use firebase_rs_sdk::app::*;
35//! use firebase_rs_sdk::app_check::*;
36//! use std::error::Error;
37//! use std::sync::Arc;
38//! use std::time::Duration;
39//!
40//! fn main() -> Result<(), Box<dyn Error>> {
41//!     // Configure the Firebase project. Replace these placeholder values with your
42//!     // own Firebase configuration when running the sample against real services.
43//!     let options = FirebaseOptions {
44//!         api_key: Some("YOUR_WEB_API_KEY".into()),
45//!         project_id: Some("your-project-id".into()),
46//!         app_id: Some("1:1234567890:web:abcdef".into()),
47//!         ..Default::default()
48//!     };
49//!
50//!     let settings = FirebaseAppSettings {
51//!         name: Some("app-check-demo".into()),
52//!         automatic_data_collection_enabled: Some(true),
53//!     };
54//!
55//!     let app = initialize_app(options, Some(settings))?;
56//!
57//!     // Create a simple provider that always returns the same demo token.
58//!     let provider = custom_provider(|| token_with_ttl("demo-app-check", Duration::from_secs(60)));
59//!     let options = AppCheckOptions::new(provider.clone()).with_auto_refresh(true);
60//!
61//!     let app_check = initialize_app_check(Some(app.clone()), options)?;
62//!
63//!     // Enable or disable automatic background refresh.
64//!     set_token_auto_refresh_enabled(&app_check, true);
65//!
66//!     // Listen for token updates. The listener fires immediately with the cached token
67//!     // (if any) and then on subsequent refreshes.
68//!     let listener: AppCheckTokenListener = Arc::new(|result| {
69//!         if !result.token.is_empty() {
70//!             println!("Received App Check token: {}", result.token);
71//!         }
72//!         if let Some(error) = &result.error {
73//!             eprintln!("App Check token error: {error}");
74//!         }
75//!     });
76//!     let handle = add_token_listener(&app_check, listener, ListenerType::External)?;
77//!
78//!     // Retrieve the current token and a limited-use token.
79//!     let token = get_token(&app_check, false)?;
80//!     println!("Immediate token fetch: {}", token.token);
81//!
82//!     let limited = get_limited_use_token(&app_check)?;
83//!     println!("Limited-use token: {}", limited.token);
84//!
85//!     // Listener handles implement Drop and automatically unsubscribe, but you can
86//!     // explicitly disconnect if desired.
87//!     handle.unsubscribe();
88//!
89//!     delete_app(&app)?;
90//!     Ok(())
91//! }
92//! ```
93
94pub mod api;
95mod errors;
96mod interop;
97mod logger;
98mod providers;
99mod state;
100mod token_provider;
101mod types;
102
103#[doc(inline)]
104pub use api::{
105    add_token_listener, custom_provider, get_limited_use_token, get_token, initialize_app_check,
106    recaptcha_enterprise_provider, recaptcha_v3_provider, remove_token_listener,
107    set_token_auto_refresh_enabled, token_with_ttl,
108};
109
110#[doc(inline)]
111pub use errors::{AppCheckError, AppCheckResult};
112
113#[doc(inline)]
114pub use interop::FirebaseAppCheckInternal;
115
116#[doc(inline)]
117pub use providers::{
118    CustomProvider, CustomProviderOptions, ReCaptchaEnterpriseProvider, ReCaptchaV3Provider,
119};
120
121#[doc(inline)]
122pub use token_provider::{app_check_token_provider_arc, AppCheckTokenProvider};
123
124#[doc(inline)]
125pub use types::{
126    AppCheck, AppCheckInternalListener, AppCheckOptions, AppCheckProvider, AppCheckToken,
127    AppCheckTokenListener, AppCheckTokenResult, ListenerHandle, ListenerType,
128    APP_CHECK_COMPONENT_NAME, APP_CHECK_INTERNAL_COMPONENT_NAME,
129};