2018-11-03 08:50



I'm using in my Go server application.

After looking at the documentation, I'm creating the auth.Client every time I'm checking the ID token. E. g.:

client, err := firebaseApp.Auth(ctx)
if err != nil {
    return "", err
token, err := client.VerifyIDToken(ctx, idToken)
if err != nil {
    return "", err

I'm already sharing the firebaseApp (a firebase.App) between goroutines.

My question: Is it safe to also share the auth.Client between goroutines or do I need to create one every time I verify the ID token? That would mean I will create one for almost every authenticated request. That seems costly to me. I couldn't find anything about it in the documentation.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答


  • duan1983 duan1983 3年前

    Yes, it is goroutine safe.

    auth.Client is intended to be shared among goroutines and reused. Specifically, the VerifyIDToken() function will cache the public keys between invocations. You should reuse the client instance to benefit from this. auth.Client performs its own locking/synchronization internally, when required (e.g.).

    点赞 评论 复制链接分享