diff --git a/src/firebase_functions/identity_fn.py b/src/firebase_functions/identity_fn.py index 453707b..dfe4e2a 100644 --- a/src/firebase_functions/identity_fn.py +++ b/src/firebase_functions/identity_fn.py @@ -18,6 +18,7 @@ import functools as _functools import datetime as _dt import dataclasses as _dataclasses +from enum import Enum import firebase_functions.options as _options import firebase_functions.private.util as _util @@ -238,17 +239,23 @@ class Credential: """The user's sign-in method.""" +class EmailType(str, Enum): + EMAIL_SIGN_IN = "EMAIL_SIGN_IN" + PASSWORD_RESET = "PASSWORD_RESET" + + +class SmsType(str, Enum): + SIGN_IN_OR_SIGN_UP = "SIGN_IN_OR_SIGN_UP" + MULTI_FACTOR_SIGN_IN = "MULTI_FACTOR_SIGN_IN" + MULTI_FACTOR_ENROLLMENT = "MULTI_FACTOR_ENROLLMENT" + + @_dataclasses.dataclass(frozen=True) class AuthBlockingEvent: """ Defines an auth event for identitytoolkit v2 auth blocking events. """ - data: AuthUserRecord - """ - The UserRecord passed to auth blocking functions from the identity platform. - """ - locale: str | None """ The application locale. You can set the locale using the client SDK, @@ -262,6 +269,13 @@ class AuthBlockingEvent: Example: 'rWsyPtolplG2TBFoOkkgyg' """ + event_type: str + """ + The event type. This provides information on the event name, such as + beforeSignIn or beforeCreate, and the associated sign-in method used, + like Google or email/password. + """ + ip_address: str """ The IP address of the device the end user is registering or signing in from. @@ -280,10 +294,21 @@ class AuthBlockingEvent: credential: Credential | None """An object containing information about the user's credential.""" + email_type: EmailType | None + """The type of email event.""" + + sms_type: SmsType | None + """The type of SMS event.""" + timestamp: _dt.datetime """ The time the event was triggered.""" + data: AuthUserRecord + """ + The UserRecord passed to auth blocking functions from the identity platform. + """ + RecaptchaActionOptions = _typing.Literal["ALLOW", "BLOCK"] """ diff --git a/src/firebase_functions/private/_identity_fn.py b/src/firebase_functions/private/_identity_fn.py index 2a8f516..f13d150 100644 --- a/src/firebase_functions/private/_identity_fn.py +++ b/src/firebase_functions/private/_identity_fn.py @@ -200,17 +200,21 @@ def _credential_from_token_data(token_data: dict[str, _typing.Any], ) -def _auth_blocking_event_from_token_data(token_data: dict[str, _typing.Any]): +def _auth_blocking_event_from_token_data(event_type: str, + token_data: dict[str, _typing.Any]): from firebase_functions.identity_fn import AuthBlockingEvent return AuthBlockingEvent( data=_auth_user_record_from_token_data(token_data["user_record"]), locale=token_data.get("locale"), + event_type=event_type, event_id=token_data["event_id"], ip_address=token_data["ip_address"], user_agent=token_data["user_agent"], timestamp=_dt.datetime.fromtimestamp(token_data["iat"]), additional_user_info=_additional_user_info_from_token_data(token_data), credential=_credential_from_token_data(token_data, _time.time()), + email_type=token_data.get("email_type"), + sms_type=token_data.get("sms_type"), ) @@ -351,7 +355,7 @@ def before_operation_handler( raise HttpsError(FunctionsErrorCode.INVALID_ARGUMENT, "Bad Request") jwt_token = request.json["data"]["jwt"] decoded_token = _token_verifier.verify_auth_blocking_token(jwt_token) - event = _auth_blocking_event_from_token_data(decoded_token) + event = _auth_blocking_event_from_token_data(event_type, decoded_token) auth_response: BeforeCreateResponse | BeforeSignInResponse | None = _with_init( func)(event) if not auth_response: