I'm using https://github.com/firebase/firebase-admin-go in my Go server application.
After looking at the documentation, I'm creating the auth.Client every time I'm checking the ID token. E. g.:
client, err := firebaseApp.Auth(ctx)
if err != nil {
return "", err
}
token, err := client.VerifyIDToken(ctx, idToken)
if err != nil {
return "", err
}
I'm already sharing the firebaseApp
(a firebase.App
) between goroutines.
My question: Is it safe to also share the auth.Client
between goroutines or do I need to create one every time I verify the ID token? That would mean I will create one for almost every authenticated request. That seems costly to me.
I couldn't find anything about it in the documentation.