capawesome-team · robingenz · Feb 6, 2025 · Jan 27, 2025 · Jan 28, 2025 · Feb 3, 2025
diff --git a/.changeset/chilly-squids-hammer.md b/.changeset/chilly-squids-hammer.md
@@ -0,0 +1,5 @@
+---
+'@capacitor-firebase/app-check': minor
+---
+
+Adds support to use different web App Check providers
diff --git a/packages/app-check/README.md b/packages/app-check/README.md
@@ -207,11 +207,32 @@ Only available for Web.
 
 #### InitializeOptions
 
-| Prop                            | Type                 | Description                                                                                                                                                                                                                                                                                                                                     | Default            | Since |
-| ------------------------------- | -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ----- |
-| **`debug`**                     | <code>boolean</code> | If `true`, the debug provider is used. ⚠️ **Attention**: The debug provider allows access to your Firebase resources from unverified devices. Don't use the debug provider in production builds of your app, and don't share your debug builds with untrusted parties. Read more: https://firebase.google.com/docs/app-check/web/debug-provider | <code>false</code> | 1.3.0 |
-| **`isTokenAutoRefreshEnabled`** | <code>boolean</code> | If `true`, the SDK automatically refreshes App Check tokens as needed.                                                                                                                                                                                                                                                                          | <code>false</code> | 1.3.0 |
-| **`siteKey`**                   | <code>string</code>  | The reCAPTCHA v3 site key (public key). Only available for Web.                                                                                                                                                                                                                                                                                 |                    | 1.3.0 |
+| Prop                            | Type                                                                                    | Description                                                                                                                                                                                                                                                                                                                                     | Default                          | Since |
+| ------------------------------- | --------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | ----- |
+| **`debug`**                     | <code>boolean</code>                                                                    | If `true`, the debug provider is used. ⚠️ **Attention**: The debug provider allows access to your Firebase resources from unverified devices. Don't use the debug provider in production builds of your app, and don't share your debug builds with untrusted parties. Read more: https://firebase.google.com/docs/app-check/web/debug-provider | <code>false</code>               | 1.3.0 |
+| **`isTokenAutoRefreshEnabled`** | <code>boolean</code>                                                                    | If `true`, the SDK automatically refreshes App Check tokens as needed.                                                                                                                                                                                                                                                                          | <code>false</code>               | 1.3.0 |
+| **`provider`**                  | <code>'ReCaptchaV3Provider' \| 'ReCaptchaEnterpriseProvider' \| 'CustomProvider'</code> | Set used app check provider for Web. Only available for Web. Read more: https://firebase.google.com/docs/app-check/web/custom-provider                                                                                                                                                                                                          | <code>ReCaptchaV3Provider</code> | TBA   |
+| **`customProviderOptions`**     | <code><a href="#customprovideroptions">CustomProviderOptions</a></code>                 | Set custom app check provider options. Only available for Web. Read more: https://firebase.google.com/docs/app-check/web/custom-provider#implement-object                                                                                                                                                                                       | <code>undefined</code>           | TBA   |
+| **`siteKey`**                   | <code>string</code>                                                                     | The reCAPTCHA v3 or reCAPTCHA Enterprise site key (public key). Only available for Web.                                                                                                                                                                                                                                                         |                                  | 1.3.0 |
+
+
+#### CustomProviderOptions
+
+Options when creating a {@link CustomProvider}.
+
+| Prop           | Type                                                                            | Description                                                           |
+| -------------- | ------------------------------------------------------------------------------- | --------------------------------------------------------------------- |
+| **`getToken`** | <code>() =&gt; Promise&lt;<a href="#appchecktoken">AppCheckToken</a>&gt;</code> | Function to get an App Check token through a custom provider service. |
+
+
+#### AppCheckToken
+
+The token returned from an App Check provider.
+
+| Prop                   | Type                | Description                                            |
+| ---------------------- | ------------------- | ------------------------------------------------------ |
+| **`token`**            | <code>string</code> |                                                        |
+| **`expireTimeMillis`** | <code>number</code> | The local timestamp after which the token will expire. |
 
 
 #### InstanceFactoryOptions

diff --git a/packages/app-check/src/definitions.ts b/packages/app-check/src/definitions.ts
@@ -1,4 +1,5 @@
 import type { PluginListenerHandle } from '@capacitor/core';
+import type { CustomProviderOptions } from 'firebase/app-check';
 
 export interface FirebaseAppCheckPlugin {
   /**
@@ -101,7 +102,29 @@ export interface InitializeOptions {
    */
   isTokenAutoRefreshEnabled?: boolean;
   /**
-   * The reCAPTCHA v3 site key (public key).
+   * Set used app check provider for Web.
+   * 
+   * Only available for Web.
+   *
+   * Read more: https://firebase.google.com/docs/app-check/web/custom-provider
+   * 
+   * @since TBA
+   * @default ReCaptchaV3Provider
+   */
+  provider?: 'ReCaptchaV3Provider' | 'ReCaptchaEnterpriseProvider' | 'CustomProvider';
+  /**
+   * Set custom app check provider options.
+   * 
+   * Only available for Web.
+   *
+   * Read more: https://firebase.google.com/docs/app-check/web/custom-provider#implement-object
+   * 
+   * @since TBA
+   * @default undefined
+   */
+  customProviderOptions?: CustomProviderOptions;
+  /**
+   * The reCAPTCHA v3 or reCAPTCHA Enterprise site key (public key).
    *
    * Only available for Web.
    *

diff --git a/packages/app-check/src/web.ts b/packages/app-check/src/web.ts
@@ -2,14 +2,15 @@ import { WebPlugin } from '@capacitor/core';
 import { getApp } from 'firebase/app';
 import type {
   AppCheck,
+  AppCheckOptions,
   AppCheckTokenResult,
+  CustomProvider as CustomProviderType,
   Unsubscribe,
 } from 'firebase/app-check';
 import {
   getToken,
   initializeAppCheck,
   onTokenChanged,
-  ReCaptchaV3Provider,
   setTokenAutoRefreshEnabled,
 } from 'firebase/app-check';
 
@@ -28,6 +29,10 @@ declare global {
   }
 }
 
+const isCustomProvider = (_providerClass: unknown, _providerOption: InitializeOptions['provider']): _providerClass is typeof CustomProviderType => {
+  return !!_providerClass && _providerOption === 'CustomProvider';
+}
+
 export class FirebaseAppCheckWeb
   extends WebPlugin
   implements FirebaseAppCheckPlugin
@@ -36,6 +41,9 @@ export class FirebaseAppCheckWeb
   public static readonly errorNotInitialized =
     'AppCheck has not been initialized.';
   public static readonly errorSiteKeyMissing = 'siteKey must be provided.';
+  public static readonly errorProviderMissing = 'AppCheck Provider missing.';
+  public static readonly errorCustomProviderOptionsMissing =
+    'customProviderOptions must be provided when using CustomProvider option.';
 
   private _appCheckInstance: AppCheck | undefined;
   get appCheckInstance(): AppCheck | undefined {
@@ -51,6 +59,25 @@ export class FirebaseAppCheckWeb
   }
   private onTokenChangedListenerUnsubscribe: Unsubscribe | undefined;
 
+  private async getProvider(providerName: InitializeOptions['provider'] = 'ReCaptchaV3Provider') {
+    switch (providerName) {
+      case 'ReCaptchaV3Provider': {
+        const { ReCaptchaV3Provider } = await import('firebase/app-check');
+        return ReCaptchaV3Provider;
+      }
+      case 'ReCaptchaEnterpriseProvider': {
+        const { ReCaptchaEnterpriseProvider } = await import('firebase/app-check');
+        return ReCaptchaEnterpriseProvider;
+      }
+      case 'CustomProvider': {
+        const { CustomProvider } = await import('firebase/app-check');
+        return CustomProvider;
+      }
+      default:
+        throw new Error(FirebaseAppCheckWeb.errorProviderMissing);
+    }
+  }
+
   public async getToken(options?: GetTokenOptions): Promise<GetTokenResult> {
     if (!this.appCheckInstance) {
       throw new Error(FirebaseAppCheckWeb.errorNotInitialized);
@@ -62,15 +89,31 @@ export class FirebaseAppCheckWeb
   }
 
   public async initialize(options?: InitializeOptions): Promise<void> {
-    if (!options?.siteKey) {
-      throw new Error(FirebaseAppCheckWeb.errorSiteKeyMissing);
-    }
-    if (options.debug) {
+    if (options?.debug) {
       self.FIREBASE_APPCHECK_DEBUG_TOKEN = true;
     }
+    const ProviderClass = await this.getProvider(options?.provider);
+    if (!ProviderClass) {
+      throw new Error(FirebaseAppCheckWeb.errorProviderMissing);
+    }
+    let provider: AppCheckOptions['provider'];
+    if (isCustomProvider(ProviderClass, options?.provider)) {
+      if (
+        !options?.customProviderOptions ||
+        typeof options?.customProviderOptions.getToken !== 'function'
+      ) {
+        throw new Error(FirebaseAppCheckWeb.errorCustomProviderOptionsMissing);
+      }
+      provider = new ProviderClass(options.customProviderOptions);
+    } else {
+      if (!options?.siteKey) {
+        throw new Error(FirebaseAppCheckWeb.errorSiteKeyMissing);
+      }
+      provider = new ProviderClass(options.siteKey);
+    }
     const app = getApp();
     this.appCheckInstance = initializeAppCheck(app, {
-      provider: new ReCaptchaV3Provider(options.siteKey),
+      provider,
       isTokenAutoRefreshEnabled: options.isTokenAutoRefreshEnabled,
     });
   }