From 25bb55e38d48ca82348be02a277d04b5d559a183 Mon Sep 17 00:00:00 2001 From: Brian Li Date: Wed, 6 Sep 2023 13:55:50 -0400 Subject: [PATCH 1/9] support deploy of new email trigger --- src/deploy/functions/release/fabricator.ts | 1 + src/deploy/functions/services/auth.ts | 24 ++++++++++++++++++++-- src/deploy/functions/services/index.ts | 1 + src/functions/constants.ts | 1 + src/functions/events/v1.ts | 8 +++++++- src/gcp/identityPlatform.ts | 1 + 6 files changed, 33 insertions(+), 3 deletions(-) diff --git a/src/deploy/functions/release/fabricator.ts b/src/deploy/functions/release/fabricator.ts index ff4556168a9..68b9ffde567 100644 --- a/src/deploy/functions/release/fabricator.ts +++ b/src/deploy/functions/release/fabricator.ts @@ -660,6 +660,7 @@ export class Fabricator { async registerBlockingTrigger( endpoint: backend.Endpoint & backend.BlockingTriggered ): Promise { + console.log("*****\nRegistering blocking trigger:", endpoint); await this.executor .run(() => services.serviceForEndpoint(endpoint).registerTrigger(endpoint)) .catch(rethrowAs(endpoint, "register blocking trigger")); diff --git a/src/deploy/functions/services/auth.ts b/src/deploy/functions/services/auth.ts index 6b2dec73cac..86f7dd52905 100644 --- a/src/deploy/functions/services/auth.ts +++ b/src/deploy/functions/services/auth.ts @@ -52,7 +52,10 @@ export class AuthBlockingService implements Service { if ( newConfig.triggers?.beforeCreate?.functionUri !== config.triggers?.beforeCreate?.functionUri || - newConfig.triggers?.beforeSignIn?.functionUri !== config.triggers?.beforeSignIn?.functionUri + newConfig.triggers?.beforeSignIn?.functionUri !== + config.triggers?.beforeSignIn?.functionUri || + newConfig.triggers?.beforeSendEmail?.functionUri !== + config.triggers?.beforeSendEmail?.functionUri ) { return true; } @@ -75,6 +78,9 @@ export class AuthBlockingService implements Service { const newBlockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project); const oldBlockingConfig = cloneDeep(newBlockingConfig); + console.log("***** trigger type:", endpoint.blockingTrigger.eventType); + console.log("*****\n old config:", oldBlockingConfig); + if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_CREATE_EVENT) { newBlockingConfig.triggers = { ...newBlockingConfig.triggers, @@ -82,13 +88,23 @@ export class AuthBlockingService implements Service { functionUri: endpoint.uri!, }, }; - } else { + } else if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_SIGN_IN_EVENT) { newBlockingConfig.triggers = { ...newBlockingConfig.triggers, beforeSignIn: { functionUri: endpoint.uri!, }, }; + } else if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_SEND_EMAIL_EVENT) { + newBlockingConfig.triggers = { + ...newBlockingConfig.triggers, + beforeSendEmail: { + functionUri: endpoint.uri!, + }, + }; + console.log("Is this changing?", newBlockingConfig.triggers); + } else { + // throw error here } newBlockingConfig.forwardInboundCredentials = { @@ -96,10 +112,14 @@ export class AuthBlockingService implements Service { ...endpoint.blockingTrigger.options, }; + console.log("*****\n new config:", newBlockingConfig); + if (!this.configChanged(newBlockingConfig, oldBlockingConfig)) { return; } + console.log("*****\nUpdating blocking functions config to:", newBlockingConfig); + await identityPlatform.setBlockingFunctionsConfig(endpoint.project, newBlockingConfig); } diff --git a/src/deploy/functions/services/index.ts b/src/deploy/functions/services/index.ts index af560ab938b..f57cda2f4ea 100644 --- a/src/deploy/functions/services/index.ts +++ b/src/deploy/functions/services/index.ts @@ -140,6 +140,7 @@ const EVENT_SERVICE_MAPPING: Record = { "google.firebase.firebasealerts.alerts.v1.published": firebaseAlertsService, "providers/cloud.auth/eventTypes/user.beforeCreate": authBlockingService, "providers/cloud.auth/eventTypes/user.beforeSignIn": authBlockingService, + "providers/cloud.auth/eventTypes/user.beforeSendEmail": authBlockingService, "google.firebase.database.ref.v1.written": databaseService, "google.firebase.database.ref.v1.created": databaseService, "google.firebase.database.ref.v1.updated": databaseService, diff --git a/src/functions/constants.ts b/src/functions/constants.ts index 99bd2bf716b..a561a6aefd4 100644 --- a/src/functions/constants.ts +++ b/src/functions/constants.ts @@ -10,4 +10,5 @@ export const BLOCKING_LABEL_KEY_TO_EVENT: Record = { "providers/cloud.auth/eventTypes/user.beforeCreate": "before-create", "providers/cloud.auth/eventTypes/user.beforeSignIn": "before-sign-in", + "providers/cloud.auth/eventTypes/user.beforeSendEmail": "before-send-email", }; diff --git a/src/functions/events/v1.ts b/src/functions/events/v1.ts index 0be24c12487..7466354633f 100644 --- a/src/functions/events/v1.ts +++ b/src/functions/events/v1.ts @@ -2,6 +2,12 @@ export const BEFORE_CREATE_EVENT = "providers/cloud.auth/eventTypes/user.beforeC export const BEFORE_SIGN_IN_EVENT = "providers/cloud.auth/eventTypes/user.beforeSignIn"; -export const AUTH_BLOCKING_EVENTS = [BEFORE_CREATE_EVENT, BEFORE_SIGN_IN_EVENT] as const; +export const BEFORE_SEND_EMAIL_EVENT = "providers/cloud.auth/eventTypes/user.beforeSendEmail"; + +export const AUTH_BLOCKING_EVENTS = [ + BEFORE_CREATE_EVENT, + BEFORE_SIGN_IN_EVENT, + BEFORE_SEND_EMAIL_EVENT, +] as const; export type Event = (typeof AUTH_BLOCKING_EVENTS)[number]; diff --git a/src/gcp/identityPlatform.ts b/src/gcp/identityPlatform.ts index 4149843c00d..347952b5e61 100644 --- a/src/gcp/identityPlatform.ts +++ b/src/gcp/identityPlatform.ts @@ -41,6 +41,7 @@ export interface BlockingFunctionsConfig { triggers?: { beforeCreate?: BlockingFunctionsEventDetails; beforeSignIn?: BlockingFunctionsEventDetails; + beforeSendEmail?: BlockingFunctionsEventDetails; }; forwardInboundCredentials?: BlockingFunctionsOptions; } From 6e32e39ba7a0981d807e370bedf9b4cbc0c050d8 Mon Sep 17 00:00:00 2001 From: Brian Li Date: Wed, 20 Sep 2023 18:53:59 -0400 Subject: [PATCH 2/9] unregister beforeemailsent triggers on delete --- src/deploy/functions/services/auth.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/deploy/functions/services/auth.ts b/src/deploy/functions/services/auth.ts index 86f7dd52905..e3cc29a6b7e 100644 --- a/src/deploy/functions/services/auth.ts +++ b/src/deploy/functions/services/auth.ts @@ -141,7 +141,8 @@ export class AuthBlockingService implements Service { const blockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project); if ( endpoint.uri !== blockingConfig.triggers?.beforeCreate?.functionUri && - endpoint.uri !== blockingConfig.triggers?.beforeSignIn?.functionUri + endpoint.uri !== blockingConfig.triggers?.beforeSignIn?.functionUri && + endpoint.uri !== blockingConfig.triggers?.beforeSendEmail?.functionUri ) { return; } @@ -155,6 +156,9 @@ export class AuthBlockingService implements Service { if (endpoint.uri === blockingConfig.triggers?.beforeSignIn?.functionUri) { delete blockingConfig.triggers?.beforeSignIn; } + if (endpoint.uri === blockingConfig.triggers?.beforeSendEmail?.functionUri) { + delete blockingConfig.triggers?.beforeSendEmail; + } await identityPlatform.setBlockingFunctionsConfig(endpoint.project, blockingConfig); } From 5a1f286545f3748378ac7a4cda3a9485ec8f25a2 Mon Sep 17 00:00:00 2001 From: Brian Li Date: Thu, 21 Sep 2023 15:56:18 -0400 Subject: [PATCH 3/9] add missing label key to event for beforeSendEmail --- src/functions/constants.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/functions/constants.ts b/src/functions/constants.ts index a561a6aefd4..c6e2594008b 100644 --- a/src/functions/constants.ts +++ b/src/functions/constants.ts @@ -6,7 +6,9 @@ export const BLOCKING_LABEL = "deployment-blocking"; export const BLOCKING_LABEL_KEY_TO_EVENT: Record = { "before-create": "providers/cloud.auth/eventTypes/user.beforeCreate", "before-sign-in": "providers/cloud.auth/eventTypes/user.beforeSignIn", + "before-send-email": "providers/cloud.auth/eventTypes/user.beforeSendEmail", }; + export const BLOCKING_EVENT_TO_LABEL_KEY: Record<(typeof AUTH_BLOCKING_EVENTS)[number], string> = { "providers/cloud.auth/eventTypes/user.beforeCreate": "before-create", "providers/cloud.auth/eventTypes/user.beforeSignIn": "before-sign-in", From 812f79e3af5293d179c25216cdf0f4e07bab94a0 Mon Sep 17 00:00:00 2001 From: Brian Li Date: Tue, 7 Nov 2023 17:04:49 -0500 Subject: [PATCH 4/9] cleanup --- src/deploy/functions/release/fabricator.ts | 1 - src/deploy/functions/services/auth.ts | 12 +++--------- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/src/deploy/functions/release/fabricator.ts b/src/deploy/functions/release/fabricator.ts index b9319f6f198..c36799ef256 100644 --- a/src/deploy/functions/release/fabricator.ts +++ b/src/deploy/functions/release/fabricator.ts @@ -684,7 +684,6 @@ export class Fabricator { async registerBlockingTrigger( endpoint: backend.Endpoint & backend.BlockingTriggered ): Promise { - console.log("*****\nRegistering blocking trigger:", endpoint); await this.executor .run(() => services.serviceForEndpoint(endpoint).registerTrigger(endpoint)) .catch(rethrowAs(endpoint, "register blocking trigger")); diff --git a/src/deploy/functions/services/auth.ts b/src/deploy/functions/services/auth.ts index e3cc29a6b7e..f60b6915ca3 100644 --- a/src/deploy/functions/services/auth.ts +++ b/src/deploy/functions/services/auth.ts @@ -78,9 +78,6 @@ export class AuthBlockingService implements Service { const newBlockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project); const oldBlockingConfig = cloneDeep(newBlockingConfig); - console.log("***** trigger type:", endpoint.blockingTrigger.eventType); - console.log("*****\n old config:", oldBlockingConfig); - if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_CREATE_EVENT) { newBlockingConfig.triggers = { ...newBlockingConfig.triggers, @@ -102,9 +99,10 @@ export class AuthBlockingService implements Service { functionUri: endpoint.uri!, }, }; - console.log("Is this changing?", newBlockingConfig.triggers); } else { - // throw error here + throw new FirebaseError( + `Received invalid blocking trigger event type ${endpoint.blockingTrigger.eventType}` + ); } newBlockingConfig.forwardInboundCredentials = { @@ -112,14 +110,10 @@ export class AuthBlockingService implements Service { ...endpoint.blockingTrigger.options, }; - console.log("*****\n new config:", newBlockingConfig); - if (!this.configChanged(newBlockingConfig, oldBlockingConfig)) { return; } - console.log("*****\nUpdating blocking functions config to:", newBlockingConfig); - await identityPlatform.setBlockingFunctionsConfig(endpoint.project, newBlockingConfig); } From a9b332742df010c9982d57dadb4575f8efca6b3f Mon Sep 17 00:00:00 2001 From: Brian Li Date: Mon, 19 Aug 2024 13:11:26 -0400 Subject: [PATCH 5/9] rebase --- src/deploy/functions/services/auth.ts | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/deploy/functions/services/auth.ts b/src/deploy/functions/services/auth.ts index 91e1663d140..3e8d47fdbb0 100644 --- a/src/deploy/functions/services/auth.ts +++ b/src/deploy/functions/services/auth.ts @@ -78,6 +78,9 @@ export class AuthBlockingService implements Service { const newBlockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project); const oldBlockingConfig = cloneDeep(newBlockingConfig); + console.log("***** trigger type:", endpoint.blockingTrigger.eventType); + console.log("*****\n old config:", oldBlockingConfig); + if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_CREATE_EVENT) { newBlockingConfig.triggers = { ...newBlockingConfig.triggers, @@ -101,7 +104,7 @@ export class AuthBlockingService implements Service { }; } else { throw new FirebaseError( - `Received invalid blocking trigger event type ${endpoint.blockingTrigger.eventType}` + `Received invalid blocking trigger event type ${endpoint.blockingTrigger.eventType}`, ); } @@ -110,10 +113,14 @@ export class AuthBlockingService implements Service { ...endpoint.blockingTrigger.options, }; + console.log("*****\n new config:", newBlockingConfig); + if (!this.configChanged(newBlockingConfig, oldBlockingConfig)) { return; } + console.log("*****\nUpdating blocking functions config to:", newBlockingConfig); + await identityPlatform.setBlockingFunctionsConfig(endpoint.project, newBlockingConfig); } From 5cd13513b1b8abfe0186b8d0a81d24fe90cf3bc4 Mon Sep 17 00:00:00 2001 From: Brian Li Date: Mon, 19 Aug 2024 13:11:47 -0400 Subject: [PATCH 6/9] rebase --- src/deploy/functions/services/auth.ts | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/deploy/functions/services/auth.ts b/src/deploy/functions/services/auth.ts index 3e8d47fdbb0..203c3f6a57d 100644 --- a/src/deploy/functions/services/auth.ts +++ b/src/deploy/functions/services/auth.ts @@ -78,9 +78,6 @@ export class AuthBlockingService implements Service { const newBlockingConfig = await identityPlatform.getBlockingFunctionsConfig(endpoint.project); const oldBlockingConfig = cloneDeep(newBlockingConfig); - console.log("***** trigger type:", endpoint.blockingTrigger.eventType); - console.log("*****\n old config:", oldBlockingConfig); - if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_CREATE_EVENT) { newBlockingConfig.triggers = { ...newBlockingConfig.triggers, @@ -113,14 +110,10 @@ export class AuthBlockingService implements Service { ...endpoint.blockingTrigger.options, }; - console.log("*****\n new config:", newBlockingConfig); - if (!this.configChanged(newBlockingConfig, oldBlockingConfig)) { return; } - console.log("*****\nUpdating blocking functions config to:", newBlockingConfig); - await identityPlatform.setBlockingFunctionsConfig(endpoint.project, newBlockingConfig); } From 29cf6896af9f1461f489af3d31d7355e7946b4fc Mon Sep 17 00:00:00 2001 From: Brian Li Date: Mon, 19 Aug 2024 13:49:32 -0400 Subject: [PATCH 7/9] add changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e69de29bb2d..b610c2597ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -0,0 +1 @@ +- Add support for deploying beforeEmailSent blocking function. (#6384) From 092d810e6bd234e445dd04f8526481f44b42d154 Mon Sep 17 00:00:00 2001 From: joehan Date: Mon, 19 Aug 2024 11:05:39 -0700 Subject: [PATCH 8/9] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b610c2597ea..aa67ce57074 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1 +1 @@ -- Add support for deploying beforeEmailSent blocking function. (#6384) +- Added support for deploying `beforeEmailSent` blocking functions. (#6384) From 576dc21c5b45541577d88ff48aa6509c30018d5e Mon Sep 17 00:00:00 2001 From: pragatimodi <110490169+pragatimodi@users.noreply.github.com> Date: Thu, 17 Oct 2024 12:39:05 -0700 Subject: [PATCH 9/9] Adding support for SMS Blocking functions CLI (#7628) * Blocking function SMS --------- Co-authored-by: Brian Li Co-authored-by: joehan Co-authored-by: Mathusan Selvarajah --- CHANGELOG.md | 7 ++----- src/deploy/functions/services/auth.ts | 16 ++++++++++++++-- src/deploy/functions/services/index.ts | 1 + src/functions/constants.ts | 2 ++ src/functions/events/v1.ts | 3 +++ src/gcp/identityPlatform.ts | 1 + 6 files changed, 23 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 55f648867bc..35534a94a86 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,2 @@ -- Re-add a dialog to let users know TLS is being provisioned in App Hosting (#7595) -- Improve Firebase Data Connect postgres security by granting fine grained SQL privileges to the users the need it. (#7578) -- Remove `dataconnect:sql:migrate` command hard dependency on 'roles/cloudsql.admin'. (#7578) -- Add support for setting the encryption configuration of restored firestore databases (#7483) -- Added support for deploying `beforeEmailSent` blocking functions. (#6384) +- Add support for deploying `beforeEmailSent` blocking function. (#6384) +- Add support for `beforeSmsSent` auth blocking triggers. (#6733) diff --git a/src/deploy/functions/services/auth.ts b/src/deploy/functions/services/auth.ts index 203c3f6a57d..09933da65fc 100644 --- a/src/deploy/functions/services/auth.ts +++ b/src/deploy/functions/services/auth.ts @@ -55,7 +55,8 @@ export class AuthBlockingService implements Service { newConfig.triggers?.beforeSignIn?.functionUri !== config.triggers?.beforeSignIn?.functionUri || newConfig.triggers?.beforeSendEmail?.functionUri !== - config.triggers?.beforeSendEmail?.functionUri + config.triggers?.beforeSendEmail?.functionUri || + newConfig.triggers?.beforeSendSms?.functionUri !== config.triggers?.beforeSendSms?.functionUri ) { return true; } @@ -99,6 +100,13 @@ export class AuthBlockingService implements Service { functionUri: endpoint.uri!, }, }; + } else if (endpoint.blockingTrigger.eventType === events.v1.BEFORE_SEND_SMS_EVENT) { + newBlockingConfig.triggers = { + ...newBlockingConfig.triggers, + beforeSendSms: { + functionUri: endpoint.uri!, + }, + }; } else { throw new FirebaseError( `Received invalid blocking trigger event type ${endpoint.blockingTrigger.eventType}`, @@ -136,7 +144,8 @@ export class AuthBlockingService implements Service { if ( endpoint.uri !== blockingConfig.triggers?.beforeCreate?.functionUri && endpoint.uri !== blockingConfig.triggers?.beforeSignIn?.functionUri && - endpoint.uri !== blockingConfig.triggers?.beforeSendEmail?.functionUri + endpoint.uri !== blockingConfig.triggers?.beforeSendEmail?.functionUri && + endpoint.uri !== blockingConfig.triggers?.beforeSendSms?.functionUri ) { return; } @@ -153,6 +162,9 @@ export class AuthBlockingService implements Service { if (endpoint.uri === blockingConfig.triggers?.beforeSendEmail?.functionUri) { delete blockingConfig.triggers?.beforeSendEmail; } + if (endpoint.uri === blockingConfig.triggers?.beforeSendSms?.functionUri) { + delete blockingConfig.triggers?.beforeSendSms; + } await identityPlatform.setBlockingFunctionsConfig(endpoint.project, blockingConfig); } diff --git a/src/deploy/functions/services/index.ts b/src/deploy/functions/services/index.ts index 9fae648ba0b..b0f60e3092f 100644 --- a/src/deploy/functions/services/index.ts +++ b/src/deploy/functions/services/index.ts @@ -141,6 +141,7 @@ const EVENT_SERVICE_MAPPING: Record = { "providers/cloud.auth/eventTypes/user.beforeCreate": authBlockingService, "providers/cloud.auth/eventTypes/user.beforeSignIn": authBlockingService, "providers/cloud.auth/eventTypes/user.beforeSendEmail": authBlockingService, + "providers/cloud.auth/eventTypes/user.beforeSendSms": authBlockingService, "google.firebase.database.ref.v1.written": databaseService, "google.firebase.database.ref.v1.created": databaseService, "google.firebase.database.ref.v1.updated": databaseService, diff --git a/src/functions/constants.ts b/src/functions/constants.ts index c6e2594008b..744cc1cb429 100644 --- a/src/functions/constants.ts +++ b/src/functions/constants.ts @@ -7,10 +7,12 @@ export const BLOCKING_LABEL_KEY_TO_EVENT: Record = { "providers/cloud.auth/eventTypes/user.beforeCreate": "before-create", "providers/cloud.auth/eventTypes/user.beforeSignIn": "before-sign-in", "providers/cloud.auth/eventTypes/user.beforeSendEmail": "before-send-email", + "providers/cloud.auth/eventTypes/user.beforeSendSms": "before-send-sms", }; diff --git a/src/functions/events/v1.ts b/src/functions/events/v1.ts index 7466354633f..d4f201b2358 100644 --- a/src/functions/events/v1.ts +++ b/src/functions/events/v1.ts @@ -4,10 +4,13 @@ export const BEFORE_SIGN_IN_EVENT = "providers/cloud.auth/eventTypes/user.before export const BEFORE_SEND_EMAIL_EVENT = "providers/cloud.auth/eventTypes/user.beforeSendEmail"; +export const BEFORE_SEND_SMS_EVENT = "providers/cloud.auth/eventTypes/user.beforeSendSms"; + export const AUTH_BLOCKING_EVENTS = [ BEFORE_CREATE_EVENT, BEFORE_SIGN_IN_EVENT, BEFORE_SEND_EMAIL_EVENT, + BEFORE_SEND_SMS_EVENT, ] as const; export type Event = (typeof AUTH_BLOCKING_EVENTS)[number]; diff --git a/src/gcp/identityPlatform.ts b/src/gcp/identityPlatform.ts index 5afc964a07e..a4948a40b85 100644 --- a/src/gcp/identityPlatform.ts +++ b/src/gcp/identityPlatform.ts @@ -42,6 +42,7 @@ export interface BlockingFunctionsConfig { beforeCreate?: BlockingFunctionsEventDetails; beforeSignIn?: BlockingFunctionsEventDetails; beforeSendEmail?: BlockingFunctionsEventDetails; + beforeSendSms?: BlockingFunctionsEventDetails; }; forwardInboundCredentials?: BlockingFunctionsOptions; }