Firebase App Check MCP Server

# generated by fastapi-codegen: # filename: openapi.yaml # timestamp: 2025-06-29T02:06:44+00:00 from __future__ import annotations from enum import Enum from typing import List, Optional from pydantic import BaseModel, Field, RootModel class GoogleFirebaseAppcheckV1AppAttestConfig(BaseModel): name: Optional[str] = Field( None, description='Required. The relative resource name of the App Attest configuration object, in the format: ``` projects/{project_number}/apps/{app_id}/appAttestConfig ```', ) tokenTtl: Optional[str] = Field( None, description='Specifies the duration for which App Check tokens exchanged from App Attest artifacts will be valid. If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive.', ) class GoogleFirebaseAppcheckV1AppCheckToken(BaseModel): token: Optional[str] = Field( None, description='The App Check token. App Check tokens are signed [JWTs](https://tools.ietf.org/html/rfc7519) containing claims that identify the attested app and Firebase project. This token is used to access Firebase services protected by App Check. These tokens can also be [verified by your own custom backends](https://firebase.google.com/docs/app-check/custom-resource-backend) using the Firebase Admin SDK.', ) ttl: Optional[str] = Field( None, description='The duration from the time this token is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.', ) class GoogleFirebaseAppcheckV1BatchGetAppAttestConfigsResponse(BaseModel): configs: Optional[List[GoogleFirebaseAppcheckV1AppAttestConfig]] = Field( None, description='AppAttestConfigs retrieved.' ) class GoogleFirebaseAppcheckV1DebugToken(BaseModel): displayName: Optional[str] = Field( None, description='Required. A human readable display name used to identify this debug token.', ) name: Optional[str] = Field( None, description='Required. The relative resource name of the debug token, in the format: ``` projects/{project_number}/apps/{app_id}/debugTokens/{debug_token_id} ```', ) token: Optional[str] = Field( None, description='Required. Input only. Immutable. The secret token itself. Must be provided during creation, and must be a UUID4, case insensitive. This field is immutable once set, and cannot be provided during an UpdateDebugToken request. You can, however, delete this debug token using DeleteDebugToken to revoke it. For security reasons, this field will never be populated in any response.', ) class GoogleFirebaseAppcheckV1DeviceCheckConfig(BaseModel): keyId: Optional[str] = Field( None, description='Required. The key identifier of a private key enabled with DeviceCheck, created in your Apple Developer account.', ) name: Optional[str] = Field( None, description='Required. The relative resource name of the DeviceCheck configuration object, in the format: ``` projects/{project_number}/apps/{app_id}/deviceCheckConfig ```', ) privateKey: Optional[str] = Field( None, description='Required. Input only. The contents of the private key (`.p8`) file associated with the key specified by `key_id`. For security reasons, this field will never be populated in any response.', ) privateKeySet: Optional[bool] = Field( None, description='Output only. Whether the `private_key` field was previously set. Since we will never return the `private_key` field, this field is the only way to find out whether it was previously set.', ) tokenTtl: Optional[str] = Field( None, description='Specifies the duration for which App Check tokens exchanged from DeviceCheck tokens will be valid. If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive.', ) class GoogleFirebaseAppcheckV1ExchangeAppAttestAssertionRequest(BaseModel): artifact: Optional[str] = Field( None, description='Required. The artifact returned by a previous call to ExchangeAppAttestAttestation.', ) assertion: Optional[str] = Field( None, description='Required. The CBOR-encoded assertion returned by the client-side App Attest API.', ) challenge: Optional[str] = Field( None, description='Required. A one-time challenge returned by an immediately prior call to GenerateAppAttestChallenge.', ) class GoogleFirebaseAppcheckV1ExchangeAppAttestAttestationRequest(BaseModel): attestationStatement: Optional[str] = Field( None, description='Required. The App Attest statement returned by the client-side App Attest API. This is a base64url encoded CBOR object in the JSON response.', ) challenge: Optional[str] = Field( None, description='Required. A one-time challenge returned by an immediately prior call to GenerateAppAttestChallenge.', ) keyId: Optional[str] = Field( None, description='Required. The key ID generated by App Attest for the client app.', ) class GoogleFirebaseAppcheckV1ExchangeAppAttestAttestationResponse(BaseModel): appCheckToken: Optional[GoogleFirebaseAppcheckV1AppCheckToken] = Field( None, description='Encapsulates an App Check token.' ) artifact: Optional[str] = Field( None, description='An artifact that can be used in future calls to ExchangeAppAttestAssertion.', ) class GoogleFirebaseAppcheckV1ExchangeCustomTokenRequest(BaseModel): customToken: Optional[str] = Field( None, description="Required. A custom token signed using your project's Admin SDK service account credentials.", ) class GoogleFirebaseAppcheckV1ExchangeDebugTokenRequest(BaseModel): debugToken: Optional[str] = Field( None, description='Required. A debug token secret. This string must match a debug token secret previously created using CreateDebugToken.', ) class GoogleFirebaseAppcheckV1ExchangeDeviceCheckTokenRequest(BaseModel): deviceToken: Optional[str] = Field( None, description="Required. The `device_token` as returned by Apple's client-side [DeviceCheck API](https://developer.apple.com/documentation/devicecheck/dcdevice). This is the base64 encoded `Data` (Swift) or `NSData` (ObjC) object.", ) class GoogleFirebaseAppcheckV1ExchangePlayIntegrityTokenRequest(BaseModel): playIntegrityToken: Optional[str] = Field( None, description='Required. The [integrity verdict response token from Play Integrity](https://developer.android.com/google/play/integrity/verdict#decrypt-verify) issued to your app.', ) class GoogleFirebaseAppcheckV1ExchangeRecaptchaEnterpriseTokenRequest(BaseModel): recaptchaEnterpriseToken: Optional[str] = Field( None, description='Required. The reCAPTCHA token as returned by the [reCAPTCHA Enterprise JavaScript API](https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages).', ) class GoogleFirebaseAppcheckV1ExchangeRecaptchaV3TokenRequest(BaseModel): recaptchaV3Token: Optional[str] = Field( None, description='Required. The reCAPTCHA token as returned by the [reCAPTCHA v3 JavaScript API](https://developers.google.com/recaptcha/docs/v3).', ) class GoogleFirebaseAppcheckV1ExchangeSafetyNetTokenRequest(BaseModel): safetyNetToken: Optional[str] = Field( None, description='Required. The [SafetyNet attestation response](https://developer.android.com/training/safetynet/attestation#request-attestation-step) issued to your app.', ) class GoogleFirebaseAppcheckV1GenerateAppAttestChallengeRequest(BaseModel): pass class GoogleFirebaseAppcheckV1GenerateAppAttestChallengeResponse(BaseModel): challenge: Optional[str] = Field( None, description='A one-time use challenge for the client to pass to the App Attest API.', ) ttl: Optional[str] = Field( None, description='The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.', ) class GoogleFirebaseAppcheckV1GeneratePlayIntegrityChallengeRequest(BaseModel): pass class GoogleFirebaseAppcheckV1GeneratePlayIntegrityChallengeResponse(BaseModel): challenge: Optional[str] = Field( None, description='A one-time use [challenge](https://developer.android.com/google/play/integrity/verdict#protect-against-replay-attacks) for the client to pass to the Play Integrity API.', ) ttl: Optional[str] = Field( None, description='The duration from the time this challenge is minted until its expiration. This field is intended to ease client-side token management, since the client may have clock skew, but is still able to accurately measure a duration.', ) class GoogleFirebaseAppcheckV1ListDebugTokensResponse(BaseModel): debugTokens: Optional[List[GoogleFirebaseAppcheckV1DebugToken]] = Field( None, description='The DebugTokens retrieved.' ) nextPageToken: Optional[str] = Field( None, description='If the result list is too large to fit in a single response, then a token is returned. If the string is empty or omitted, then this response is the last page of results. This token can be used in a subsequent call to ListDebugTokens to find the next group of DebugTokens. Page tokens are short-lived and should not be persisted.', ) class GoogleFirebaseAppcheckV1PlayIntegrityConfig(BaseModel): name: Optional[str] = Field( None, description='Required. The relative resource name of the Play Integrity configuration object, in the format: ``` projects/{project_number}/apps/{app_id}/playIntegrityConfig ```', ) tokenTtl: Optional[str] = Field( None, description='Specifies the duration for which App Check tokens exchanged from Play Integrity tokens will be valid. If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive.', ) class GoogleFirebaseAppcheckV1PublicJwk(BaseModel): alg: Optional[str] = Field( None, description='See [section 4.4 of RFC 7517](https://tools.ietf.org/html/rfc7517#section-4.4).', ) e: Optional[str] = Field( None, description='See [section 6.3.1.2 of RFC 7518](https://tools.ietf.org/html/rfc7518#section-6.3.1.2).', ) kid: Optional[str] = Field( None, description='See [section 4.5 of RFC 7517](https://tools.ietf.org/html/rfc7517#section-4.5).', ) kty: Optional[str] = Field( None, description='See [section 4.1 of RFC 7517](https://tools.ietf.org/html/rfc7517#section-4.1).', ) n: Optional[str] = Field( None, description='See [section 6.3.1.1 of RFC 7518](https://tools.ietf.org/html/rfc7518#section-6.3.1.1).', ) use: Optional[str] = Field( None, description='See [section 4.2 of RFC 7517](https://tools.ietf.org/html/rfc7517#section-4.2).', ) class GoogleFirebaseAppcheckV1PublicJwkSet(BaseModel): keys: Optional[List[GoogleFirebaseAppcheckV1PublicJwk]] = Field( None, description='The set of public keys. See [section 5.1 of RFC 7517](https://tools.ietf.org/html/rfc7517#section-5).', ) class GoogleFirebaseAppcheckV1RecaptchaEnterpriseConfig(BaseModel): name: Optional[str] = Field( None, description='Required. The relative resource name of the reCAPTCHA Enterprise configuration object, in the format: ``` projects/{project_number}/apps/{app_id}/recaptchaEnterpriseConfig ```', ) siteKey: Optional[str] = Field( None, description='The score-based site key [created in reCAPTCHA Enterprise](https://cloud.google.com/recaptcha-enterprise/docs/create-key#creating_a_site_key) used to [invoke reCAPTCHA and generate the reCAPTCHA tokens](https://cloud.google.com/recaptcha-enterprise/docs/instrument-web-pages) for your application. Important: This is *not* the `site_secret` (as it is in reCAPTCHA v3), but rather your score-based reCAPTCHA Enterprise site key.', ) tokenTtl: Optional[str] = Field( None, description='Specifies the duration for which App Check tokens exchanged from reCAPTCHA Enterprise tokens will be valid. If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive.', ) class GoogleFirebaseAppcheckV1RecaptchaV3Config(BaseModel): name: Optional[str] = Field( None, description='Required. The relative resource name of the reCAPTCHA v3 configuration object, in the format: ``` projects/{project_number}/apps/{app_id}/recaptchaV3Config ```', ) siteSecret: Optional[str] = Field( None, description='Required. Input only. The site secret used to identify your service for reCAPTCHA v3 verification. For security reasons, this field will never be populated in any response.', ) siteSecretSet: Optional[bool] = Field( None, description='Output only. Whether the `site_secret` field was previously set. Since we will never return the `site_secret` field, this field is the only way to find out whether it was previously set.', ) tokenTtl: Optional[str] = Field( None, description='Specifies the duration for which App Check tokens exchanged from reCAPTCHA tokens will be valid. If unset, a default value of 1 day is assumed. Must be between 30 minutes and 7 days, inclusive.', ) class GoogleFirebaseAppcheckV1SafetyNetConfig(BaseModel): name: Optional[str] = Field( None, description='Required. The relative resource name of the SafetyNet configuration object, in the format: ``` projects/{project_number}/apps/{app_id}/safetyNetConfig ```', ) tokenTtl: Optional[str] = Field( None, description='Specifies the duration for which App Check tokens exchanged from SafetyNet tokens will be valid. If unset, a default value of 1 hour is assumed. Must be between 30 minutes and 7 days, inclusive.', ) class EnforcementMode(Enum): OFF = 'OFF' UNENFORCED = 'UNENFORCED' ENFORCED = 'ENFORCED' class GoogleFirebaseAppcheckV1Service(BaseModel): enforcementMode: Optional[EnforcementMode] = Field( None, description='Required. The App Check enforcement mode for this service.' ) name: Optional[str] = Field( None, description='Required. The relative resource name of the service configuration object, in the format: ``` projects/{project_number}/services/{service_id} ``` Note that the `service_id` element must be a supported service ID. Currently, the following service IDs are supported: * `firebasestorage.googleapis.com` (Cloud Storage for Firebase) * `firebasedatabase.googleapis.com` (Firebase Realtime Database) * `firestore.googleapis.com` (Cloud Firestore)', ) class GoogleFirebaseAppcheckV1UpdateServiceRequest(BaseModel): service: Optional[GoogleFirebaseAppcheckV1Service] = Field( None, description="Required. The Service to update. The Service's `name` field is used to identify the Service to be updated, in the format: ``` projects/{project_number}/services/{service_id} ``` Note that the `service_id` element must be a supported service ID. Currently, the following service IDs are supported: * `firebasestorage.googleapis.com` (Cloud Storage for Firebase) * `firebasedatabase.googleapis.com` (Firebase Realtime Database) * `firestore.googleapis.com` (Cloud Firestore)", ) updateMask: Optional[str] = Field( None, description='Required. A comma-separated list of names of fields in the Service to update. Example: `enforcement_mode`.', ) class GoogleProtobufEmpty(BaseModel): pass class FieldXgafv(Enum): field_1 = '1' field_2 = '2' class Alt(Enum): json = 'json' media = 'media' proto = 'proto' class Names(RootModel[List[str]]): root: List[str] class GoogleFirebaseAppcheckV1BatchGetDeviceCheckConfigsResponse(BaseModel): configs: Optional[List[GoogleFirebaseAppcheckV1DeviceCheckConfig]] = Field( None, description='DeviceCheckConfigs retrieved.' ) class GoogleFirebaseAppcheckV1BatchGetPlayIntegrityConfigsResponse(BaseModel): configs: Optional[List[GoogleFirebaseAppcheckV1PlayIntegrityConfig]] = Field( None, description='PlayIntegrityConfigs retrieved.' ) class GoogleFirebaseAppcheckV1BatchGetRecaptchaEnterpriseConfigsResponse(BaseModel): configs: Optional[List[GoogleFirebaseAppcheckV1RecaptchaEnterpriseConfig]] = Field( None, description='RecaptchaEnterpriseConfigs retrieved.' ) class GoogleFirebaseAppcheckV1BatchGetRecaptchaV3ConfigsResponse(BaseModel): configs: Optional[List[GoogleFirebaseAppcheckV1RecaptchaV3Config]] = Field( None, description='RecaptchaV3Configs retrieved.' ) class GoogleFirebaseAppcheckV1BatchGetSafetyNetConfigsResponse(BaseModel): configs: Optional[List[GoogleFirebaseAppcheckV1SafetyNetConfig]] = Field( None, description='SafetyNetConfigs retrieved.' ) class GoogleFirebaseAppcheckV1BatchUpdateServicesRequest(BaseModel): requests: Optional[List[GoogleFirebaseAppcheckV1UpdateServiceRequest]] = Field( None, description='Required. The request messages specifying the Services to update. A maximum of 100 objects can be updated in a batch.', ) updateMask: Optional[str] = Field( None, description='Optional. A comma-separated list of names of fields in the Services to update. Example: `display_name`. If the `update_mask` field is set in both this request and any of the UpdateServiceRequest messages, they must match or the entire batch fails and no updates will be committed.', ) class GoogleFirebaseAppcheckV1BatchUpdateServicesResponse(BaseModel): services: Optional[List[GoogleFirebaseAppcheckV1Service]] = Field( None, description='Service objects after the updates have been applied.' ) class GoogleFirebaseAppcheckV1ListServicesResponse(BaseModel): nextPageToken: Optional[str] = Field( None, description='If the result list is too large to fit in a single response, then a token is returned. If the string is empty or omitted, then this response is the last page of results. This token can be used in a subsequent call to ListServices to find the next group of Services. Page tokens are short-lived and should not be persisted.', ) services: Optional[List[GoogleFirebaseAppcheckV1Service]] = Field( None, description='The Services retrieved.' )