Unofficial Capacitor plugin for Firebase App Check.1
npm install @capacitor-firebase/app-check firebase
npx cap sync
Add Firebase to your project if you haven't already (Android / iOS / Web).
See Set up your Firebase project and follow the instructions to set up your app correctly.
This plugin will use the following project variables (defined in your app’s variables.gradle
file):
$firebaseAppCheckPlayIntegrityVersion
version ofcom.google.firebase:firebase-appcheck-playintegrity
(default:17.0.1
)$firebaseAppCheckDebugVersion
version ofcom.google.firebase:firebase-appcheck-debug
(default:17.0.1
)
On iOS 14 and later, see Set up your Firebase project and follow the instructions to set up your app correctly.
On iOS 13, see Set up your Firebase project and follow the instructions to set up your app correctly.
Make sure that the private key (*.p8) you upload to Firebase has DeviceCheck
selected as a service.
See Set up your Firebase project and follow the instructions to set up your app correctly.
No configuration required for this plugin.
Here you can find information on how to use the plugin with the Firebase JS SDK.
A working example can be found here: robingenz/capacitor-firebase-plugin-demo
import { FirebaseAppCheck } from '@capacitor-firebase/app-check';
const getToken = async () => {
const { token } = FirebaseAppCheck.getToken({
forceRefresh: false,
});
return token;
};
const initialize = async () => {
await FirebaseAppCheck.initialize({
siteKey: 'myKey',
});
};
const setTokenAutoRefreshEnabled = async () => {
await FirebaseAppCheck.setTokenAutoRefreshEnabled({ enabled: true });
};
const addTokenChangedListener = async () => {
await FirebaseAppCheck.addListener('tokenChanged', event => {
console.log('tokenChanged', { event });
});
};
const removeAllListeners = async () => {
await FirebaseAppCheck.removeAllListeners();
};
getToken(...)
initialize(...)
setTokenAutoRefreshEnabled(...)
addListener('tokenChanged', ...)
removeAllListeners()
- Interfaces
- Type Aliases
getToken(options?: GetTokenOptions | undefined) => Promise<GetTokenResult>
Get the current App Check token.
Param | Type |
---|---|
options |
GetTokenOptions |
Returns: Promise<GetTokenResult>
Since: 1.3.0
initialize(options?: InitializeOptions | undefined) => Promise<void>
Activate App Check for the given app. Can be called only once per app.
Param | Type |
---|---|
options |
InitializeOptions |
Since: 1.3.0
setTokenAutoRefreshEnabled(options: SetTokenAutoRefreshEnabledOptions) => Promise<void>
Set whether the App Check token should be refreshed automatically or not.
Param | Type |
---|---|
options |
SetTokenAutoRefreshEnabledOptions |
Since: 1.3.0
addListener(eventName: 'tokenChanged', listenerFunc: TokenChangedListener) => Promise<PluginListenerHandle>
Called when the App Check token changed.
Only available for Web.
Param | Type |
---|---|
eventName |
'tokenChanged' |
listenerFunc |
TokenChangedListener |
Returns: Promise<PluginListenerHandle>
Since: 1.3.0
removeAllListeners() => Promise<void>
Remove all listeners for this plugin.
Only available for Web.
Since: 1.3.0
Prop | Type | Description | Since |
---|---|---|---|
token |
string |
The App Check token in JWT format. | 1.3.0 |
expireTimeMillis |
number |
The timestamp after which the token will expire in milliseconds since epoch. Only available for Android and iOS. | 1.3.0 |
Prop | Type | Description | Default | Since |
---|---|---|---|---|
forceRefresh |
boolean |
If true , will always try to fetch a fresh token. If false , will use a cached token if found in storage. |
false |
1.3.0 |
Prop | Type | Description | Default | Since |
---|---|---|---|---|
debug |
boolean |
If true , the debug provider is used. |
false |
1.3.0 |
isTokenAutoRefreshEnabled |
boolean |
If true , the SDK automatically refreshes App Check tokens as needed. |
false |
1.3.0 |
siteKey |
string |
The reCAPTCHA v3 site key (public key). Only available for Web. | 1.3.0 |
Prop | Type |
---|---|
instanceIdentifier |
string |
options |
{} |
Prop | Type | Description | Since |
---|---|---|---|
enabled |
boolean |
If true , the SDK automatically refreshes App Check tokens as needed. This overrides any value set during initializeAppCheck(). |
1.3.0 |
Prop | Type |
---|---|
remove |
() => Promise<void> |
Prop | Type | Description | Since |
---|---|---|---|
token |
string |
The App Check token in JWT format. | 1.3.0 |
Callback to receive the token change event.
(event: TokenChangedEvent): void
Follow these steps to test your implementation on a real device:
- Start your app on the Android device.
- Run the following command to grab your temporary secret from the android logs:
adb logcat | grep DebugAppCheckProvider
The output should look like this:
D DebugAppCheckProvider: Enter this debug secret into the allow list in
the Firebase Console for your project: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
- Next, open the App Check project in the Firebase Console and select Manage debug tokens from the overflow menu of your app. Then, register the debug secret from the output.
See CHANGELOG.md.
See LICENSE.
Footnotes
-
This project is not affiliated with, endorsed by, sponsored by, or approved by Google LLC or any of their affiliates or subsidiaries. ↩