fix(rtdb): Apply fake credentials when getting rules for rtdb emulator

[amalej]

Hey there! So you want to contribute to a Firebase SDK?
Before you file this pull request, please read these guidelines:

Discussion

• Read the contribution guidelines (CONTRIBUTING.md).
• If this has been discussed in an issue, make sure to link to the issue here.
  If not, go file an issue about this before creating a pull request to discuss.

Testing

• Make sure all existing tests in the repository pass after your change.
• If you fixed a bug or added a feature, add a new test to cover your code.

API Changes

• At this time we cannot accept changes that affect the public API. If you'd like to help
  us make Firebase APIs better, please propose your change in an issue so that we
  can discuss it together.

---

Fixes #2034

Running the ff code:

import { initializeApp, cert } from "firebase-admin/app";
import { getDatabase } from "firebase-admin/database";

process.env.FIREBASE_DATABASE_EMULATOR_HOST = "127.0.0.1:9000";

const admin = initializeApp({
  projectId: "demo-project",
  databaseURL: "http://127.0.0.1:9000/?ns=demo-project-default-rtdb",
});
const rtdb = getDatabase(admin);

async function main() {
  const rules = await rtdb.getRules();
  console.log(rules);
}

main();

Outputs

>node .
{
  "rules": {
    ".read": true, // Message from rules json
    ".write": false
  }
}

[gemini-code-assist]

Summary of Changes

Hello @amalej, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request resolves an issue where fetching Realtime Database rules (rtdb.getRules()) would fail when connected to the Firebase emulator due to missing authentication. It introduces a specialized HTTP client that automatically provides a fake 'owner' token when an emulator host is detected, enabling seamless rule retrieval in local development environments.

Highlights

• Emulator Compatibility: The DatabaseRulesClient now correctly interacts with the Realtime Database emulator by applying a fake 'owner' credential when the FIREBASE_DATABASE_EMULATOR_HOST environment variable is detected.
• New HTTP Client for Rules: A new DatabaseRulesHttpClient class has been introduced, extending AuthorizedHttpClient, to specifically handle the authentication logic for fetching database rules, especially in emulator environments.
• Conditional Token Provisioning: The getToken() method in DatabaseRulesHttpClient is overridden to conditionally return a hardcoded 'owner' token when running against an emulator, bypassing the need for actual credentials in development.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request addresses an issue with getting Realtime Database rules when using the emulator. The fix involves creating a new DatabaseRulesHttpClient which provides a hardcoded 'owner' token when the database emulator is detected. The changes are logical and well-targeted. My review includes a suggestion to encapsulate the magic string 'owner' as a constant within the new class to improve code clarity and maintainability.

[gemini-code-assist]

To improve readability and maintainability, it's a good practice to avoid magic strings. Consider defining 'owner' as a private static constant within the class.

class DatabaseRulesHttpClient extends AuthorizedHttpClient {
  private static readonly EMULATOR_AUTH_TOKEN = 'owner';

  protected getToken(): Promise<string> {
    const emulatorHost = process.env.FIREBASE_DATABASE_EMULATOR_HOST;
    if (emulatorHost) {
      return Promise.resolve(DatabaseRulesHttpClient.EMULATOR_AUTH_TOKEN);
    }
    return super.getToken();
  }
}