Giters

firebase / firebase-admin-go

Firebase Admin Go SDK

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

FR: add sign_in_second_factor claim to FirebaseInfo

cainelli opened this issue · comments

commented

Environment

  • Firebase SDK version: v4.13.0
  • Firebase Product: auth

Describe the problem

I would like to have access to sign_in_second_factor to perform extra authorization based on this claim. It would be much cleaner if given by the SDK already instead of the workaround I'm using:

type FirebaseInfo struct {
	auth.FirebaseInfo
	SignInSecondFactor string `json:"sign_in_second_factor,omitempty"`
}

func verifyMFA(claims map[string]any) error {
	b, err := json.Marshal(claims["firebase"])
	if err != nil {
		return fmt.Errorf("could not marshal firebase info: %w", err)
	}
	var firebaseInfo FirebaseInfo
	if err := json.Unmarshal(b, &firebaseInfo); err != nil {
		return fmt.Errorf("could not unmarshal firebase info: %w", err)
	}
	if firebaseInfo.SignInSecondFactor == "" {
		return fmt.Errorf("2FA enforced but not enrolled")
	}
        return nil
}