fix for latest openid_client

Author: rbellens

lib/src/app/app_extension.dart

@@ -1,5 +1,3 @@
-
-
 import 'dart:io';
 
 import 'package:firebase_admin/src/auth/credential.dart';
@@ -8,26 +6,30 @@ import '../../firebase_admin.dart';
 import '../credential.dart';
 
 extension GetProjectIdExtension on App {
-  String? get projectId => _getProjectId(this);
+  String get projectId => _getProjectId(this);
 }
 
-String? _getProjectId(App app) {
+String _getProjectId(App app) {
   final options = app.options;
   if (options.projectId != null && options.projectId!.isNotEmpty) {
-    return options.projectId;
+    return options.projectId!;
   }
 
   final cert = _tryGetCertificate(options.credential);
   if (cert != null && cert.projectId != null && cert.projectId!.isNotEmpty) {
-    return cert.projectId;
+    return cert.projectId!;
   }
 
   final projectId = Platform.environment['GOOGLE_CLOUD_PROJECT'] ??
       Platform.environment['GCLOUD_PROJECT'];
   if (projectId != null && projectId.isNotEmpty) {
     return projectId;
   }
-  return null;
+
+  throw FirebaseAuthError.invalidCredential(
+    'Must initialize app with a cert credential or set your Firebase project ID as the '
+    'GOOGLE_CLOUD_PROJECT environment variable.',
+  );
 }
 
 Certificate? _tryGetCertificate(Credential credential) {

lib/src/auth/credential.dart

@@ -78,11 +78,29 @@ class ServiceAccountCredential extends _OpenIdCredential
   @override
   final Certificate certificate;
 
-  ServiceAccountCredential(serviceAccountPathOrObject)
-      : certificate = serviceAccountPathOrObject is String
-            ? Certificate.fromPath(serviceAccountPathOrObject)
-            : Certificate.fromJson(serviceAccountPathOrObject),
-        super(null, null); // TODO two distinct constructors
+  ServiceAccountCredential.fromJson(Map<String, dynamic> json)
+      : certificate = Certificate.fromJson(json),
+        super(json['client_id']!, null);
+
+  factory ServiceAccountCredential(serviceAccountPathOrObject) {
+    {
+      if (serviceAccountPathOrObject is Map) {
+        return ServiceAccountCredential.fromJson(
+            serviceAccountPathOrObject.cast());
+      }
+      try {
+        return ServiceAccountCredential.fromJson(
+            json.decode(File(serviceAccountPathOrObject).readAsStringSync()));
+      } on FirebaseException {
+        rethrow;
+      } catch (error) {
+        // Throw a nicely formed error message if the file contents cannot be parsed
+        throw FirebaseAppError.invalidCredential(
+          'Failed to parse certificate key file: $error',
+        );
+      }
+    }
+  }
 
   String _createAuthJwt() {
     final claims = {
@@ -114,7 +132,7 @@ class ServiceAccountCredential extends _OpenIdCredential
 }
 
 abstract class _OpenIdCredential implements Credential {
-  final String? clientId;
+  final String clientId;
   final String? clientSecret;
 
   _OpenIdCredential(this.clientId, this.clientSecret);

lib/src/auth/token_verifier.dart

@@ -10,22 +10,14 @@ import '../utils/validator.dart' as validator;
 /// This verifies ID tokens and session cookies.
 class FirebaseTokenVerifier {
   final App app;
-  final String? projectId;
+  final String projectId;
 
-  final String _verifyApiName = 'verifyIdToken()';
   final String _jwtName = 'ID token';
 
   static FirebaseTokenVerifier Function(App app) factory =
       (app) => FirebaseTokenVerifier(app);
 
-  FirebaseTokenVerifier(this.app) : projectId = app.projectId {
-    if (projectId == null) {
-      throw FirebaseAuthError.invalidCredential(
-        'Must initialize app with a cert credential or set your Firebase project ID as the '
-        'GOOGLE_CLOUD_PROJECT environment variable to call $_verifyApiName.',
-      );
-    }
-  }
+  FirebaseTokenVerifier(this.app) : projectId = app.projectId;
 
   /// Verifies the format and signature of a Firebase Auth JWT token.
   Future<IdToken> verifyJwt(String jwtToken) async {
@@ -48,7 +40,7 @@ class FirebaseTokenVerifier {
 
   @visibleForTesting
   Future<Client> getOpenIdClient() async {
-    var issuer = await Issuer.discover(Issuer.firebase(projectId!));
+    var issuer = await Issuer.discover(Issuer.firebase(projectId));
     return Client(issuer, projectId);
   }
 }

lib/src/storage.dart

@@ -1,5 +1,3 @@
-
-
 import 'package:firebase_admin/firebase_admin.dart';
 import 'package:firebase_admin/src/utils/api_request.dart';
 import 'package:gcloud/storage.dart' as gcloud;
@@ -17,7 +15,7 @@ class Storage implements FirebaseService {
 
   Storage(this.app)
       : storageClient = gcloud.Storage(
-            AuthorizedHttpClient(app, Duration(seconds: 25)), app.projectId!);
+            AuthorizedHttpClient(app, Duration(seconds: 25)), app.projectId);
 
   @override
   Future<void> delete() async {}

lib/src/testing.dart

@@ -24,7 +24,7 @@ class ServiceAccountMockCredential extends ServiceAccountCredential
     });
   };
   ServiceAccountMockCredential()
-      : super({
+      : super.fromJson({
           'type': 'service_account',
           'project_id': 'project_id',
           'private_key_id': 'aaaaaaaaaabbbbbbbbbbccccccccccdddddddddd',

pubspec.yaml

@@ -11,7 +11,7 @@ dependencies:
   x509: ^0.2.2
   jose: ^0.3.2
   dotenv: ^3.0.0
-  openid_client: ^0.4.1
+  openid_client: ^0.4.3
   firebase_dart: ^1.0.0-dev.45
   path: ^1.8.0
   meta: ^1.4.0