1+ import sys
2+ sys .path .append ("lib" )
3+
4+ # [START import_sdk]
5+ import firebase_admin
6+ # [END import_sdk]
7+ from firebase_admin import credentials
8+ from firebase_admin import auth
9+
10+ def initialize_sdk_with_service_account ():
11+ # [START initialize_sdk_with_service_account]
12+ import firebase_admin
13+ from firebase_admin import credentials
14+
15+ cred = credentials .Certificate ('path/to/serviceAccountKey.json' )
16+ default_app = firebase_admin .initialize_app (cred )
17+ # [END initialize_sdk_with_service_account]
18+ firebase_admin .delete_app (default_app )
19+
20+ def initialize_sdk_with_application_default ():
21+ # [START initialize_sdk_with_application_default]
22+ default_app = firebase_admin .initialize_app ()
23+ # [END initialize_sdk_with_application_default]
24+ firebase_admin .delete_app (default_app )
25+
26+ def initialize_sdk_with_refresh_token ():
27+ # [START initialize_sdk_with_refresh_token]
28+ cred = credentials .RefreshToken ('path/to/refreshToken.json' )
29+ default_app = firebase_admin .initialize_app (cred )
30+ # [END initialize_sdk_with_refresh_token]
31+ firebase_admin .delete_app (default_app )
32+
33+ def access_services_default ():
34+ cred = credentials .Certificate ('path/to/service.json' )
35+ # [START access_services_default]
36+ # Import the Firebase service
37+ from firebase_admin import auth
38+
39+ # Initialize the default app
40+ default_app = firebase_admin .initialize_app (cred )
41+ print (default_app .name ); # "[DEFAULT]"
42+
43+ # Retrieve services via the auth package...
44+ # auth.create_custom_token(...)
45+ # [END access_services_default]
46+ firebase_admin .delete_app (default_app )
47+
48+ def access_services_nondefault ():
49+ cred = credentials .Certificate ('path/to/service.json' )
50+ otherCred = credentials .Certificate ('path/to/service.json' )
51+
52+ # [START access_services_nondefault]
53+ # Initialize the default app
54+ default_app = firebase_admin .initialize_app (cred )
55+
56+ # Initialize another app with a different config
57+ other_app = firebase_admin .initialize_app (cred , name = 'other' )
58+
59+ print (default_app .name ); # "[DEFAULT]"
60+ print (other_app .name ); # "other"
61+
62+ # Retrieve default services via the auth package...
63+ # auth.create_custom_token(...)
64+
65+ # Use the `app` argument to retrieve the other app's services
66+ # auth.create_custom_token(..., app=other_app)
67+ # [END access_services_nondefault]
68+ firebase_admin .delete_app (default_app )
69+ firebase_admin .delete_app (other_app )
70+
71+ def create_token_uid ():
72+ cred = credentials .Certificate ('path/to/service.json' )
73+ default_app = firebase_admin .initialize_app (cred )
74+ # [START create_token_uid]
75+ uid = 'some-uid'
76+
77+ custom_token = auth .create_custom_token (uid )
78+ # [END create_token_uid]
79+ firebase_admin .delete_app (default_app )
80+ return custom_token
81+
82+ def create_token_with_claims ():
83+ cred = credentials .Certificate ('path/to/service.json' )
84+ default_app = firebase_admin .initialize_app (cred )
85+ # [START create_token_with_claims]
86+ uid = 'some-uid'
87+ additional_claims = {
88+ 'premiumAccount' : True
89+ }
90+
91+ custom_token = auth .create_custom_token (uid , additional_claims )
92+ # [END create_token_with_claims]
93+ firebase_admin .delete_app (default_app )
94+ return custom_token
95+
96+ def verify_token_uid (id_token ):
97+ cred = credentials .Certificate ('path/to/service.json' )
98+ default_app = firebase_admin .initialize_app (cred )
99+ # [START verify_token_uid]
100+ # id_token comes from the client app (shown above)
101+
102+ decoded_token = auth .verify_id_token (id_token )
103+ uid = decoded_token ['uid' ]
104+ # [END verify_token_uid]
105+ print (uid )
106+ firebase_admin .delete_app (default_app )
107+
108+ def verify_token_uid_check_revoke (id_token ):
109+ cred = credentials .Certificate ('path/to/service.json' )
110+ default_app = firebase_admin .initialize_app (cred )
111+ # [START verify_token_id_check_revoked]
112+ try :
113+ # Verify the ID token while checking if the token is revoked by
114+ # passing check_revoked=True.
115+ decoded_token = auth .verify_id_token (id_token , check_revoked = True )
116+ # Token is valid and not revoked.
117+ uid = decoded_token ['uid' ]
118+ except auth .AuthError as exc :
119+ if exc .code == 'ID_TOKEN_REVOKED' :
120+ # Token revoked, inform the user to reauthenticate or signOut().
121+ pass
122+ else :
123+ # Token is invalid
124+ pass
125+ # [END verify_token_id_check_revoked]
126+ firebase_admin .delete_app (default_app )
127+ return uid
128+
129+ def revoke_refresh_token_uid (id_token ):
130+ cred = credentials .Certificate ('path/to/service.json' )
131+ default_app = firebase_admin .initialize_app (cred )
132+ # [START revoke_tokens]
133+ # Revoke tokens on the backend.
134+ auth .revoke_refresh_tokens (uid )
135+ user = auth .get_user (uid )
136+ # Convert to seconds as the auth_time in the token claims is in seconds.
137+ revocation_second = user .tokens_valid_after_timestamp / 1000
138+ print 'Tokens revoked at: {0}' .format (revocation_second )
139+ # [END revoke_tokens]
140+ # [START save_revocation_in_db]
141+ metadata_ref = firebase_admin .db .reference ("metadata/" + uid )
142+ metadata_ref .set ({'revokeTime' : revocation_second })
143+ # [END save_revocation_in_db]
144+ print (uid )
145+ firebase_admin .delete_app (default_app )
146+
147+ def get_user (uid ):
148+ # [START get_user]
149+ from firebase_admin import auth
150+
151+ user = auth .get_user (uid )
152+ print 'Successfully fetched user data: {0}' .format (user .uid )
153+ # [END get_user]
154+
155+ def get_user_by_email ():
156+ email = 'user@example.com'
157+ # [START get_user_by_email]
158+ from firebase_admin import auth
159+
160+ user = auth .get_user_by_email (email )
161+ print 'Successfully fetched user data: {0}' .format (user .uid )
162+ # [END get_user_by_email]
163+
164+ def get_user_by_phone_number ():
165+ phone = '+1 555 555 0100'
166+ # [START get_user_by_phone]
167+ from firebase_admin import auth
168+
169+ user = auth .get_user_by_phone_number (phone )
170+ print 'Successfully fetched user data: {0}' .format (user .uid )
171+ # [END get_user_by_phone]
172+
173+ def create_user ():
174+ # [START create_user]
175+ user = auth .create_user (
176+ email = 'user@example.com' ,
177+ email_verified = False ,
178+ phone_number = '+15555550100' ,
179+ password = 'secretPassword' ,
180+ display_name = 'John Doe' ,
181+ photo_url = 'http://www.example.com/12345678/photo.png' ,
182+ disabled = False )
183+ print 'Sucessfully created new user: {0}' .format (user .uid )
184+ # [END create_user]
185+ return user .uid
186+
187+ def create_user_with_id ():
188+ # [START create_user_with_id]
189+ user = auth .create_user (
190+ uid = 'some-uid' , email = 'user@example.com' , phone_number = '+15555550100' )
191+ print 'Sucessfully created new user: {0}' .format (user .uid )
192+ # [END create_user_with_id]
193+
194+ def update_user (uid ):
195+ # [START update_user]
196+ user = auth .update_user (
197+ uid ,
198+ email = 'user@example.com' ,
199+ phone_number = '+15555550100' ,
200+ email_verified = True ,
201+ password = 'newPassword' ,
202+ display_name = 'John Doe' ,
203+ photo_url = 'http://www.example.com/12345678/photo.png' ,
204+ disabled = True )
205+ print 'Sucessfully updated user: {0}' .format (user .uid )
206+ # [END update_user]
207+
208+ def delete_user (uid ):
209+ # [START delete_user]
210+ auth .delete_user (uid )
211+ print 'Successfully deleted user'
212+ # [END delete_user]
213+
214+ def set_custom_user_claims (uid ):
215+ # [START set_custom_user_claims]
216+ # Set admin privilege on the user corresponding to uid.
217+ auth .set_custom_user_claims (uid , {'admin' : True })
218+ # The new custom claims will propagate to the user's ID token the
219+ # next time a new one is issued.
220+ # [END set_custom_user_claims]
221+
222+ id_token = 'id_token'
223+ # [START verify_custom_claims]
224+ # Verify the ID token first.
225+ claims = auth .verify_id_token (id_token )
226+ if claims ['admin' ] is True :
227+ # Allow access to requested admin resource.
228+ pass
229+ # [END verify_custom_claims]
230+
231+ # [START read_custom_user_claims]
232+ # Lookup the user associated with the specified uid.
233+ user = auth .get_user (uid )
234+ # The claims can be accessed on the user record.
235+ print user .custom_claims .get ('admin' )
236+ # [END read_custom_user_claims]
237+
238+ def set_custom_user_claims_script ():
239+ # [START set_custom_user_claims_script]
240+ user = auth .get_user_by_email ('user@admin.example.com' )
241+ # Confirm user is verified
242+ if user .email_verified :
243+ # Add custom claims for additional privileges.
244+ # This will be picked up by the user on token refresh or next sign in on new device.
245+ auth .set_custom_user_claims (user .uid , {
246+ 'admin' : True
247+ })
248+ # [END set_custom_user_claims_script]
249+
250+ def set_custom_user_claims_incremental ():
251+ # [START set_custom_user_claims_incremental]
252+ user = auth .get_user_by_email ('user@admin.example.com' )
253+ # Add incremental custom claim without overwriting existing claims.
254+ current_custom_claims = user .custom_claims
255+ if current_custom_claims .get ('admin' ):
256+ # Add level.
257+ current_custom_claims ['accessLevel' ] = 10
258+ # Add custom claims for additional privileges.
259+ auth .set_custom_user_claims (user .uid , current_custom_claims )
260+ # [END set_custom_user_claims_incremental]
261+
262+ def list_all_users ():
263+ # [START list_all_users]
264+ # Start listing users from the beginning, 1000 at a time.
265+ page = auth .list_users ()
266+ while page :
267+ for user in page .users :
268+ print 'User: ' + user .uid
269+ # Get next batch of users.
270+ page = page .get_next_page ()
271+
272+ # Iterate through all users. This will still retrieve users in batches,
273+ # buffering no more than 1000 users in memory at a time.
274+ for user in auth .list_users ().iterate_all ():
275+ print 'User: ' + user .uid
276+ # [END list_all_users]
277+
278+ initialize_sdk_with_service_account ()
279+ initialize_sdk_with_application_default ()
280+ #initialize_sdk_with_refresh_token()
281+ access_services_default ()
282+ access_services_nondefault ()
283+ create_token_uid ()
284+ token_with_claims = create_token_with_claims ()
285+ #verify_token_uid()
286+
287+ uid = create_user ()
288+ create_user_with_id ()
289+ get_user (uid )
290+ get_user_by_email ()
291+ get_user_by_phone_number ()
292+ update_user (uid )
293+ set_custom_user_claims (uid )
294+ list_all_users ()
295+ delete_user (uid )
0 commit comments