From 53d4d4536db49ef0f71724fad8d507cc2b9728fa Mon Sep 17 00:00:00 2001
From: mountain <mountain@action2quare.com>
Date: Wed, 10 Jul 2024 12:14:58 +0900
Subject: [PATCH] =?UTF-8?q?firebase=20=EC=84=A4=EC=A0=95=EC=97=90=20?=
 =?UTF-8?q?=EB=94=B0=EB=9D=BC=20=EC=9D=B8=EC=8A=A4=ED=84=B4=EC=8A=A4=20?=
 =?UTF-8?q?=EC=83=9D=EC=84=B1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/maingate.go             | 43 +++++++++++++++++++++++++-----------
 core/platformfirebaseauth.go | 13 +++++++++--
 2 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/core/maingate.go b/core/maingate.go
index 4c81add..90bcfc9 100644
--- a/core/maingate.go
+++ b/core/maingate.go
@@ -36,6 +36,7 @@ import (
 
 var devflag = flagx.Bool("dev", false, "")
 var noauth = flagx.Bool("noauth", false, "")
+var authtype = flagx.String("auth", "", "yes|no|both")
 
 var (
 	CollectionLink               = gocommon.CollectionName("link")
@@ -133,6 +134,11 @@ func (ga *globalAdmins) parse() {
 	ga.modtime = gocommon.ConfigModTime()
 }
 
+type firebaseClient struct {
+	firebaseAppClient  *auth.Client
+	firebaseAppContext context.Context
+}
+
 // Maingate :
 type Maingate struct {
 	mongoClient gocommon.MongoClient
@@ -148,8 +154,8 @@ type Maingate struct {
 	authorizationEndpoints map[string]string
 	userinfoEndpoint       map[string]string
 	jwksUri                map[string]string
-	firebaseAppClient      *auth.Client
-	firebaseAppContext     context.Context
+
+	firebase *firebaseClient
 }
 
 var config maingateConfig
@@ -186,18 +192,29 @@ func New(ctx context.Context) (*Maingate, error) {
 		return nil, err
 	}
 
-	if !*noauth {
-		opt := option.WithCredentialsFile(config.FirebaseAdminSDKCredentialFile)
-		firebaseApp, err := firebase.NewApp(context.Background(), nil, opt)
-		if err != nil {
-			logger.Error("firebase admin error initializing app failed :", err)
-			return nil, err
-		}
+	if *noauth && len(*authtype) == 0 {
+		*authtype = "no"
+	}
 
-		mg.firebaseAppContext = ctx
-		mg.firebaseAppClient, err = firebaseApp.Auth(mg.firebaseAppContext)
-		if err != nil {
-			logger.Println("FirebaseAppClient error getting Auth client:", err)
+	if *authtype == "yes" || *authtype == "both" {
+		if len(config.FirebaseAdminSDKCredentialFile) > 0 {
+			opt := option.WithCredentialsFile(config.FirebaseAdminSDKCredentialFile)
+			firebaseApp, err := firebase.NewApp(context.Background(), nil, opt)
+			if err != nil {
+				logger.Error("firebase admin error initializing app failed :", err)
+				return nil, err
+			}
+
+			firebaseAppClient, err := firebaseApp.Auth(ctx)
+			if err != nil {
+				logger.Println("FirebaseAppClient error getting Auth client:", err)
+				return nil, err
+			}
+
+			mg.firebase = &firebaseClient{
+				firebaseAppContext: ctx,
+				firebaseAppClient:  firebaseAppClient,
+			}
 		}
 	}
 
diff --git a/core/platformfirebaseauth.go b/core/platformfirebaseauth.go
index e97f63d..d7e52db 100644
--- a/core/platformfirebaseauth.go
+++ b/core/platformfirebaseauth.go
@@ -147,6 +147,11 @@ func (mg *Maingate) platform_firebaseauth_authorize_sdk(w http.ResponseWriter, r
 }
 
 func (mg *Maingate) platform_firebaseauth_authorize_raw(w http.ResponseWriter, brinfo, code, state, cookieSessionKey, memberId, nickname, provider, providerId, email, photourl, phonenumber string) (bool, string) {
+	if mg.firebase == nil {
+		logger.Println("mg.firebase is nil. check 'firebase_admin_sdk_credentialfile' config or 'authtype' parameter")
+		w.WriteHeader(http.StatusBadRequest)
+		return false, ""
+	}
 
 	found, err := mg.mongoClient.FindOne(CollectionPlatformLoginToken, bson.M{
 		"platform": AuthPlatformFirebaseAuth,
@@ -189,7 +194,7 @@ func (mg *Maingate) platform_firebaseauth_authorize_raw(w http.ResponseWriter, b
 		return false, ""
 	}
 
-	_, err = mg.firebaseAppClient.VerifyIDToken(mg.firebaseAppContext, code)
+	_, err = mg.firebase.firebaseAppClient.VerifyIDToken(mg.firebase.firebaseAppContext, code)
 	if err != nil {
 		log.Println("error verifying ID token:", err)
 		return false, ""
@@ -243,6 +248,10 @@ func (mg *Maingate) platform_firebaseauth_authorize_raw(w http.ResponseWriter, b
 }
 
 func (mg *Maingate) platform_firebase_getuserinfo(info usertokeninfo) (bool, string, string) {
+	if mg.firebase == nil {
+		logger.Println("mg.firebase is nil. check 'firebase_admin_sdk_credentialfile' config or 'authtype' parameter")
+		return false, "", ""
+	}
 
 	found, err := mg.mongoClient.FindOne(CollectionFirebaseUserInfo, bson.M{
 		"firebaseuserid": info.userid,
@@ -257,7 +266,7 @@ func (mg *Maingate) platform_firebase_getuserinfo(info usertokeninfo) (bool, str
 		return false, "", ""
 	}
 
-	_, err = mg.firebaseAppClient.VerifyIDToken(mg.firebaseAppContext, info.token)
+	_, err = mg.firebase.firebaseAppClient.VerifyIDToken(mg.firebase.firebaseAppContext, info.token)
 	if err != nil {
 		log.Println("error verifying ID token:", err)
 		return false, "", ""