def get_client(self, db_url=None):
"""Creates a client based on the db_url. Clients may be cached."""
if db_url is None:
db_url = self._db_url
if not db_url or not isinstance(db_url, str):
raise ValueError(
'Invalid database URL: "{0}". Database URL must be a non-empty '
'URL string.'.format(db_url))
parsed_url = parse.urlparse(db_url)
if not parsed_url.netloc:
raise ValueError(
'Invalid database URL: "{0}". Database URL must be a wellformed '
'URL string.'.format(db_url))
emulator_config = self._get_emulator_config(parsed_url)
if emulator_config:
credential = _utils.EmulatorAdminCredentials()
base_url = emulator_config.base_url
params = {'ns': emulator_config.namespace}
else:
# Defer credential lookup until we are certain it's going to be prod connection.
credential = self._credential.get_credential()
base_url = 'https://{0}'.format(parsed_url.netloc)
params = {}
if self._auth_override:
params['auth_variable_override'] = self._auth_override
client_cache_key = (base_url, json.dumps(params, sort_keys=True))
if client_cache_key not in self._clients:
client = _Client(credential, base_url, self._timeout, params)
self._clients[client_cache_key] = client
return self._clients[client_cache_key]
def __init__(self, app, tenant_id=None):
if not app.project_id:
raise ValueError(
"""A project ID is required to access the auth service.
1. Use a service account credential, or
2. set the project ID explicitly via Firebase App options, or
3. set the project ID via the GOOGLE_CLOUD_PROJECT environment variable."""
)
credential = None
version_header = 'Python/Admin/{0}'.format(firebase_admin.__version__)
timeout = app.options.get('httpTimeout',
_http_client.DEFAULT_TIMEOUT_SECONDS)
# Non-default endpoint URLs for emulator support are set in this dict later.
endpoint_urls = {}
self.emulated = False
# If an emulator is present, check that the given value matches the expected format and set
# endpoint URLs to use the emulator. Additionally, use a fake credential.
emulator_host = _auth_utils.get_emulator_host()
if emulator_host:
base_url = 'http://{0}/identitytoolkit.googleapis.com'.format(
emulator_host)
endpoint_urls['v1'] = base_url + '/v1'
endpoint_urls['v2beta1'] = base_url + '/v2beta1'
credential = _utils.EmulatorAdminCredentials()
self.emulated = True
else:
# Use credentials if provided
credential = app.credential.get_credential()
http_client = _http_client.JsonHttpClient(
credential=credential,
headers={'X-Client-Version': version_header},
timeout=timeout)
self._tenant_id = tenant_id
self._token_generator = _token_gen.TokenGenerator(
app, http_client, url_override=endpoint_urls.get('v1'))
self._token_verifier = _token_gen.TokenVerifier(app)
self._user_manager = _user_mgt.UserManager(
http_client,
app.project_id,
tenant_id,
url_override=endpoint_urls.get('v1'))
self._provider_manager = _auth_providers.ProviderConfigClient(
http_client,
app.project_id,
tenant_id,
url_override=endpoint_urls.get('v2beta1'))