firebase-functions icon indicating copy to clipboard operation
firebase-functions copied to clipboard

Published 20 hours ago verified publisher icon firebase

v2 Functions Auth Context does not carry tenant information when using Identity Platform

Open arndtvoges opened this issue 1 year ago • 2 comments

[REQUIRED] Version info

node: 20.14.0

firebase-functions: 5.0.1

firebase-tools: 13.11.2

firebase-admin: 12.1.1

[REQUIRED] Test case

See below

[REQUIRED] Steps to reproduce

  1. Create a Firebase v2 Function with Auth Context that listens to a document
import { onDocumentCreatedWithAuthContext } from "firebase-functions/v2/firestore"

exports.syncUser = onDocumentCreatedWithAuthContext("users/{userId}", (event) => {
   const { authType, authId } = event; // These are the only two strings related to auth and do not contain tenant information
   console.log(authType, authId};
});
  1. Authenticate client-side as a tentant-scoped user via Identify Platform
  2. Observe that auth context (as documented here) is not tenant aware.

[REQUIRED] Expected behavior

Tenant id should be in Auth Context of v2 Functions. This seems to be a regression from v1 Functions where the tenantId is carried in context.

[REQUIRED] Actual behavior

Auth Context of v2 Functions does not carry tenant information. This makes it impossible to access a tenant-scoped user's information unless tenantId is tracked outside of the auth stack because Firebase Auth is tenant specific and requires to be initiated with tenantId.

Were you able to successfully deploy your functions?

Yes

arndtvoges avatar Jun 11 '24 20:06 arndtvoges