firebase / firebase-admin-go

Firebase Admin Go SDK
Apache License 2.0

feat(auth): Recognize `FIREBASE_AUTH_EMULATOR_HOST` environment variable #414

Closed maku693 closed 3 years ago

maku693 commented 3 years ago

If FIREBASE_AUTH_EMULATOR_HOST is set, auth API requests will be sent to the host according to the environment variable.

Discussion

409

Reflecting the comment on the issue, the behavior of signers and token verifiers is unchanged.

Now the signer is replaced with emulatedSigner, and token verifiers panic when the environment variable is set.
https://github.com/firebase/firebase-admin-go/pull/414#issuecomment-754931543
https://github.com/firebase/firebase-admin-go/pull/414#issuecomment-758166352

RELEASE NOTE: The Admin SDK now supports the Firebase emulator. Developers can configure the SDK to run against the emulator by setting the FIREBASE_AUTH_EMULATOR_HOST environment variable.

samtstern commented 3 years ago

@maku693 thank you for the contribution! General approach LGTM but assigning to @hiranya911 for Go / Admin SDK review.

dgpc commented 3 years ago

@hiranya911 - as a user waiting for this feature, my 2c worth is that although token verification emulation is necessary for complete end-to-end testing, making it possible to talk to the emulator at all in this manner is still useful to release as-is, since it unblocks testing of a variety of workflows

Michaelhobo commented 3 years ago

> @hiranya911 - as a user waiting for this feature, my 2c worth is that although token verification emulation is necessary for complete end-to-end testing, making it possible to talk to the emulator at all in this manner is still useful to release as-is, since it unblocks testing of a variety of workflows

Agreed, this would be a huge win for me.

yuchenshi commented 3 years ago

I'd propose a middle ground where we release a version first, where everything works but token verification panics with "not implemented" for now when the env var is set. This should ensure that the SDK doesn't call production APIs in emulator mode and also minimize any confusion caused by the SDK verifying signatures using production public keys. (This idea can also apply to the Python SDK, using thrown exceptions instead of panics.)

samtstern commented 3 years ago

@yuchenshi I like that idea! SGTM

hiranya911 commented 3 years ago

Yeah, I like that too. Any chance we can get this PR updated to incorporate that change?

maku693 commented 3 years ago

Thank you for the review! I'll update this PR this weekend.

maku693 commented 3 years ago

@yuchenshi Is the point of the change to prevent calling production APIs in emulator mode? If so, not just the token verifier but also the signer and the tenant manager should panic at API calls, correct?

yuchenshi commented 3 years ago

For createCustomToken etc., when FIREBASE_AUTH_EMULATOR_HOST is set, the SDK should create unsigned tokens (i.e. the signature part being an empty string), which are in turn accepted by the Auth Emulator. In other words, signer should be short-circuited and there should not be any outgoing network call at all (no signBlob etc.).

Auth Emulator doesn't support multi-tenancy (at least for now) and I'm indifferent whether the SDK should panic or forward them to the Auth Emulator which rejects such requests. I'm fine as long as they won't reach production.

maku693 commented 3 years ago

Ah, I understand. I'll update not to sign tokens.
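The emulator-mode behaviour agreed in the thread above, as an added Go example that is not part of this PR or the SDK's own code: custom tokens get an empty signature segment with no outgoing call, and verification fails closed. The function names, the `none` alg header, the `uid` claim layout and the `localhost:9099` host are assumptions of this sketch; it returns errors where the thread proposes a panic.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"strings"
)

const emulatorHostEnv = "FIREBASE_AUTH_EMULATOR_HOST"

func inEmulatorMode() bool { return os.Getenv(emulatorHostEnv) != "" }

func segment(v map[string]string) string {
	b, _ := json.Marshal(v) // a map[string]string always marshals
	return base64.RawURLEncoding.EncodeToString(b)
}

// unsignedCustomToken (hypothetical helper) builds "header.payload." and
// refuses to run outside emulator mode, so unsigned tokens never reach production.
func unsignedCustomToken(uid string) (string, error) {
	if !inEmulatorMode() {
		return "", errors.New("unsigned tokens are only allowed in emulator mode")
	}
	header := segment(map[string]string{"alg": "none", "typ": "JWT"}) // assumed header
	return header + "." + segment(map[string]string{"uid": uid}) + ".", nil // empty signature, no signBlob call
}

// verifyGate (hypothetical helper) runs before real signature verification:
// "not implemented" in emulator mode, and no empty signatures in production.
func verifyGate(token string) error {
	if inEmulatorMode() {
		return errors.New("token verification not implemented in emulator mode")
	}
	if parts := strings.Split(token, "."); len(parts) != 3 || parts[2] == "" {
		return errors.New("malformed or unsigned token rejected")
	}
	return nil
}

func main() {
	os.Setenv(emulatorHostEnv, "localhost:9099") // constructed emulator address
	tok, err := unsignedCustomToken("alice")
	fmt.Println(tok, err, verifyGate(tok))
}
```

The production branch of `verifyGate` is the check worth keeping in any service that accepts these tokens: an emulator-minted token with an empty signature must never pass once the environment variable is unset.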