My goal is to integrate Firebase Realtime Database within my Android app which already has an authentication layer (Gigya) that isn't managed by me.
The DB structure could be:
{
"users":
"gigya_id1": {
// user's objects
},
"gigya_id2": {
// user's objects
},
.....
}
I also want to add a little of security and rules to avoiding that a user can't READ/WRITE other users stuff.
I read about firebase custom auth but as I said, I don't have access to backend (and there is not doc about gigya custom token and firebase integration)
Does anyone have experienced with an integration like this one?
What you want to do can be achieved pretty easily.
You can pull the JWT from Gigya whenever a user authenticates by calling to
gigya.accounts.getJWT()
And pass the JWT in the response from Gigya to the custom auth method in Firebase, following this guidelines: https://firebase.google.com/docs/auth/web/custom-auth
Related
I'm using firebase in Android Studio with kotlin.
I want to know whether login account is email-register account or google social account.
As I know, if FirebaseAuth.getInstance().currentUser.providerId is "google.com", user used google social login.
And if providerId is "password", user used email register with firebase.
But only I can get "firebase" from providerId.
How can I solve it?
It it is neccessary for making login function.
I can get only "firebase" from providerId.
According to the API documentation, getProviderId() (or just providerId for Kotlin) will always return FirebaseAuthProvider#PROVIDER_ID (which is equal to "firebase").
If you want to determine which authentication channel was used to get this Firebase ID Token, you need to use getProviderData() which contains the UserInfo objects returned from the social logins.
val auth = FirebaseAuth.getInstance();
val hasLinkedGoogleUser = auth.providerData.any{ it.providerId == GoogleAuthProvider.PROVIDER_ID }
I'm building an Android App that searches for nearby locations. I use Firebase login system (Login with email and password, and login with Google, Facebook, etc), therefore I would also like to build an API with Firebase. (also because I need the app to be more complicated) I have built a serverless API with Firebase Cloud Functions and I can make GET/PUT requests with Postman. However, I would like to secure these endpoints, similar to how JWT secure a RESTAPI, so that only users who logged in the App can make requests. How do I achieve this? I have looked at "authorized-https-endpoint" but it seems like it only allow Google-Sign-In.
Or is there a way that I can still use Node and Mongodb RestAPI, and secure it using the accounts logged into Firebase?
Here is a piece of the backend code
app.get('/api/read/:item_id', (req, res) => {
(async () => {
try {
const document = db.collection('items').doc(req.params.item_id);
let item = await document.get();
let response = item.data();
return res.status(200).send(response);
} catch (error) {
console.log(error);
return res.status(500).send(error);
}
})();
});
exports.app = functions.https.onRequest(app);
Thank you guys so much in advance.
Use Firebase Callable Functions. They fulfill your requirement.
Refer: https://firebase.google.com/docs/functions/callable
In the case where there are issues with the function calls, please refer to this: firebase.google.com/docs/functions/callable-reference.
As mentioned here this is to be used only if the SDKs don't work for you
The authorized-https-endpoint example supports all forms of auth on the client, as long as it's going through the Firebase Auth SDK. In all cases, the client can send an auth token to the function, and the function code can use the Firebase Admin SDK to verify the token. It doesn't matter how the user authenticated - any Firebase user account will work.
You can also use a callable function, which will automatically perform the validation for you in the exact same way. Your code must then check to see if a user was authenticated using the calling context before continuing.
Parse and Auth0 is very useful for efficiently creating a backend and authentication for different social logins. I was not able to find any information in the web specific to Android. Can anyone provide a tutorial for this one?
Have you considered using the Parse User Interface? It's simply to utilise and accepts logins from Facebook and twitter. I don't think this uses Auth0 but can already handle two major social logins - what else do you require over these?
https://parseplatform.github.io//docs/android/guide/#user-interface
Here is the logic I used to create a ParseUser after having a user sign-in using Auth0
Instantatiate an AuthenticationAPIClient
Retrieve the UserProfile by passing the idToken of the user
Run a ParseUser query to check if the user already exists in the ParseServer.
Log-in the user using ParseUser.becomeinBackground(user.getSessionToken...
If the user doesn't exist in the Parse Server, create a user using the information in UserProfile
ParseUser user = new ParseUser();
user.setUsername(payload.getEmail());
user.setPassword(payload.getId());
user.put("name", payload.getName());
user.put("provider", "Auth0");
user.setEmail(payload.getEmail());
This approach simplifies the OAuth process without having to use the different SDKs for several identity providers.
Github Repository for example
I am having trouble integrating LinkedIn authorization from OAuth .io with Firebase on Android.
I am able to authenticate my user through LinkedIn, and OAuth .io is able to save the token into the Firebase database (on the application table not the system table, yet).
But when I pass the received token to Firebase as shown on the code below, firebase replies with an error.
oauth.popup("linkedin2", new OAuthCallback() {
#Override
public void onFinished(OAuthData data) {
String token = data.token;
FirebaseAuth.getInstance().signInWithCustomToken(token);
}
The error I get is:
com.google.firebase.auth.FirebaseAuthInvalidCredentialsException: The
custom token format is incorrect. Please check the documentation.
How can I make this work?
Just a suggestion, why dont you do the normal authentication with either
Facebook TwitterGitHubPersonaEmail/Password
And then after successful signing ask the user to retrieve their data by signing in to their linkedIn account.
I am writing a backend server for mobile applications.
The backend is running on google app engine and written in Java.
I want users to be able to login with federated identity such as facebook.
I saw that google supports this kind of authentication for mobile apps via firebase authentication. What would be the best way to integrate firebase authentication with my current app engine endpoints?
I already use the cloud platform's datastore and don't wish to work with the firebase database, only use the authentication method.
Thanks.
I'm also looking for an answer to this. My best 5c so far is to
Use FireBase to set up sign in methods etc. from the console
Use FireBase UI (in beta) for web or "Federated identity provider integration" for iOS/Android to set up the authentication flow
Retrive token/authentication details on your web/iOS/Android client and pass it on to your Cloud Endpoints as e.g., HTTP Request Headers
Inject the javax.servlet.http.HttpServletRequest to your endpoint methods (just add an argument and Google with inject the request object automatically)
Create a method that your Endpoint will call for each request (that needs authentication) that will handle the validation of the credentials you have passed on as HTTP Request Headers
Use FireBase Java SDK to call FireBase to validate the credentials (in order to do this, you need to export the json configuration from the Firebase console) and load the SDK with them, e.g., in one of your servlets:
#Override
public void init(ServletConfig config) {
try{
InputStream in = config.getServletContext().getResourceAsStream("/WEB-INF/firebase-privatekey.json");
FirebaseOptions options = new FirebaseOptions.Builder()
.setServiceAccount(in)
.setDatabaseUrl("YOUR_DATABASE_URL")
.build();
FirebaseApp.initializeApp(options);
log.info("Authentication enabled");
}
catch(Throwable t) {
t.printStackTrace();
log.warning("AUTHENTICATION DISABLED. Only public resources will be available");
}
}
You should be able to use Google Cloud Endpoints as an authentication proxy in front of your app. Endpoints supports validating Firebase Authentication tokens by configuring your OpenAPI template:
# Configure Firebase as an AuthN provider
securityDefinitions:
firebase:
authorizationUrl: ""
flow: "implicit"
type: "oauth2"
# Replace YOUR-PROJECT-ID with your project ID in the issuer and audiences fields
x-google-issuer: "https://securetoken.google.com/YOUR-PROJECT-ID"
x-google-audiences: "YOUR-PROJECT-ID"
x-google-jwks_uri: "https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken#system.gserviceaccount.com"
# Add Firebase as an authN provider to specific endpoints...
security:
- firebase: []
Alternatively, you can use the Firebase Admin SDK to write authentication middleware that validates your tokens:
FirebaseAuth.getInstance().verifyIdToken(idToken)
.addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
#Override
public void onSuccess(FirebaseToken decodedToken) {
String uid = decodedToken.getUid();
// ...
}
});