Firestore Emulator Security Rule `request.auth` is always null even after authed

[canatella]

Please fill in the following fields:

Pre-built SDK from the website or open-source from this repo: prebuild
Firebase C++ SDK version: 6.14.0
Firebase plugins in use (Auth, Database, etc.): auth, firestore
Additional SDKs you are using (Facebook, AdMob, etc.): n/a
Platform you are using the C++ SDK on (Mac, Windows, or Linux): Mac
Platform you are targeting (iOS, Android, and/or desktop): all

Please describe the issue here:

I'm experiencing the same behaviour as described there: firebase/firebase-ios-sdk#5072. I updated the iOS sdk to 6.24.0 and it is working on iOS now but the exact same code running on Mac:

DEBUG: WriteStream (613000031ca0) Stream error: 'Permission denied: 
Null value error. for 'create' @ L67'

Which maps to

66:            allow write: if
67:               request.auth.uid != null && request.auth.uid == id

in my rules.js.

As it seems this is due to the way grpc is used, could it be possible that we have the same issue on desktop ?

Please answer the following, if applicable:

Have you been able to reproduce this issue with just the [Firebase C++ quickstarts]
Yes, reproduceable 100%:

Initialize Firebase Firestore.
Attempt to initialize Firebase Firestore.
Successfully initialized Firebase Firestore.
Successfully set Firestore settings.
Testing non-wrapping types.
Tested non-wrapping types.
Testing collections.
Tested collections.
Testing documents.
Testing Set().
WARNING: Write at foo/bar failed:
Null value error. for 'create' @ L5
ERROR: document.Set returned an invalid result.
ERROR: failed to write document.
Testing Update().
WARNING: Write at foo/bar failed:
Null value error. for 'update' @ L5
ERROR: document.Update returned an invalid result.
ERROR: failed to write document.
Testing Get().
WARNING: Listen for query at foo/bar failed:
Null value error. for 'get' @ L5
ERROR: document.Get returned an invalid result.
Testing Delete().
WARNING: Write at foo/bar failed:
Null value error. for 'delete' @ L5

From the emulator log:

[info] ✔  firestore: firestore emulator started at http://0.0.0.0:26235
[info] i  firestore: For testing set FIRESTORE_EMULATOR_HOST=0.0.0.0:26235
[info] ✔  emulators: All emulators started, it is now safe to connect.

[debug] [2020-05-14T12:15:23.149Z] May 14, 2020 2:15:23 PM io.gapi.emulators.netty.HttpVersionRoutingHandler channelRead
INFO: Detected HTTP/2 connection.

[debug] [2020-05-14T12:15:23.837Z] May 14, 2020 2:15:23 PM com.google.cloud.datastore.emulator.impl.util.WrappedStreamObserver onError
INFO: operation failed:
Null value error. for 'create' @ L5

[debug] [2020-05-14T12:15:28.288Z] May 14, 2020 2:15:28 PM com.google.cloud.datastore.emulator.impl.util.WrappedStreamObserver onError
INFO: operation failed:
Null value error. for 'update' @ L5

[debug] [2020-05-14T12:15:38.513Z] May 14, 2020 2:15:38 PM com.google.cloud.datastore.emulator.impl.util.WrappedStreamObserver onError
INFO: operation failed:
Null value error. for 'delete' @ L5

[debug] [2020-05-14T12:15:43.652Z] May 14, 2020 2:15:43 PM com.google.cloud.datastore.emulator.impl.util.WrappedStreamObserver onError
INFO: operation failed:
Null value error. for 'create' @ L5

[debug] [2020-05-14T12:15:48.741Z] May 14, 2020 2:15:48 PM com.google.cloud.datastore.emulator.impl.util.WrappedStreamObserver onError
INFO: operation failed:
Null value error. for 'delete' @ L5

The rules.js

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth.uid != null;
    }
  }
}

The diff to the quick start app:

diff --git a/firestore/testapp/src/common_main.cc b/firestore/testapp/src/common_main.cc
index e13abe1..0c5c42b 100644
--- a/firestore/testapp/src/common_main.cc
+++ b/firestore/testapp/src/common_main.cc
@@ -65,7 +65,7 @@ class TestEventListener : public Countable,
   void OnEvent(const T& value,
                const firebase::firestore::Error error) override {
     event_count_++;
-    if (error != firebase::firestore::Ok) {
+    if (error != firebase::firestore::kOk) {
       LogMessage("ERROR: EventListener %s got %d.", name_.c_str(), error);
     }
   }
@@ -170,13 +170,16 @@ extern "C" int common_main(int argc, const char* argv[]) {
   }
   LogMessage("Successfully initialized Firebase Firestore.");

-  firestore->set_logging_enabled(true);
+  //  firestore->set_logging_enabled(true);

   if (firestore->app() != app) {
     LogMessage("ERROR: failed to get App the Firestore was created with.");
   }

   firebase::firestore::Settings settings = firestore->settings();
+  settings.set_host("localhost:26235");
+  settings.set_ssl_enabled(false);
+  settings.set_persistence_enabled(false);
   firestore->set_settings(settings);
   LogMessage("Successfully set Firestore settings.");

@@ -306,7 +309,7 @@ extern "C" int common_main(int argc, const char* argv[]) {
             collection.Document("three"),
             firebase::firestore::MapFieldValue{
                 {"int", firebase::firestore::FieldValue::FromInteger(321LL)}});
-        return firebase::firestore::Ok;
+        return firebase::firestore::kOk;
       });
   Await(firestore->RunTransactionLastResult(), "firestore.RunTransaction");
   if (firestore->RunTransactionLastResult().status() !=

[canatella]

If it is of any help it is working OK on Android.

[morganchen12]

This is a result of firebase/firebase-ios-sdk#5072, which was fixed in the iOS SDK upstream but has not been propagated to the C++ SDK yet.

[patm1987]

It looks like this should be resolved with the latest release (6.15). Feel free to re-open if you're still running into issues.