Use firebase with a third party JWT token
Firebase actually has a detailed explanation on Authenticating with Firebase in JavaScript Using a Custom Authentication System which is what you are planning to do. You verify that third party token and then create a custom token using signInWithCustomToken()
. Then you can signInWithCustomToken()
and use features like Firebase security rules with Firebase Authentication.
Firebase & Postman | Generate JWT for Google Identity OAuth 2.0 token
Thanks to @JohnHanley. I managed to generate the token. This is not entirely withing Postman (I am still relying on jwt.io to generate the jwt).
after creating service account here. add a key and download the p12 file (not json). The default secret is
notasecret
convert p12 to pem and extract the public key:
$openssl pkcs12 -in postman-admin-private.p12 -out postman-admin-private.pem -nodes
$openssl rsa -in postman-admin-private.pem -outform PEM -pubout -out postman-admin-public.pem
Open both pem files and copy the private and public keys into jwt.io (using RSA256 option)
Make sure you use the email address of the service account in
iss
fieldHere is the request in postman:
curl --location --request POST 'https://oauth2.googleapis.com/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion='{generated jwt}'
next would be to make it entirely within Postman. I have not tried that but this post seems to be an option
Simple way to get a firebase auth token (development)
If you're using Postman, why not:
- Create a user via the Firebase Auth web console
- Create a request in Postman that logs in via the Firebase Auth REST API?
Something like POST to https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=[API_KEY]
with body:
{
"email": "abc@def.com",
"password":"password",
"returnSecureToken":true
}
How to add custom claims in JWT/idToken obtained from google workspace login
token
in the result of result.user.getIdTokenResult() method contains custom claims added in authClient.functions().beforeSignInHandler
handler in GCP cloud function. I was checking result.credential.idToken
which doesn't contain any custom custom claims.
Another much better method to pass custom claims is to use Google workspace SAML app integration with Google Identity Platform. This way can pass any Google Directory attribute (built-in or custom) to Identity platform without creating any cloud function (Although this approach still supports extension via cloud functions)
Example jwt with custom claims (where you can see stackoverflowRole in sign_in_attributes provided by our SAML provider which is google workspace):
{
"iss": "https://securetoken.google.com/some-project-123456",
"aud": "some-project-123456",
"auth_time": 1657706938,
"user_id": "someuserid",
"sub": "someuserid",
"iat": 1657706938,
"exp": 1657710538,
"email": "someuser@customdomain.com",
"email_verified": true,
"firebase": {
"identities": {
"saml.customdomain.com": [
"someuser@customdomain.com"
],
"email": [
"someuser@customdomain.com"
]
},
"sign_in_provider": "saml.customdomain.com",
"sign_in_attributes": {
"firstName": "Abdul",
"lastName": "Rauf",
"groups": "custom-superuser",
"stackoverflowRole": "superuser"
}
}
}
Reference:
Obtaining/using Firebase JWT
Firebase indeed keeps the JWT in local storage.
JSON.parse(localStorage.getItem("firebase:session::<app-name>")).token
You can also get it from the authData, where it is available as the value of the token
property.
ref.onAuth(function(authData) { console.log(authData.token); })
But the preferred way is to do what Chris said in the comments:
ref.getAuth().token
Related Topics
Swift: Nsstatusitem Menu Behaviour in 10.10 (E.G. Show Only on Right Mouse Click)
Search Multiple Words in One String in Swift
Ckcontainer.Discoverallidentities Always Fails
How to Import Modules Without an Xcode Project in Swift
Swiftui: Using View Modifiers Between Different iOS Versions Without #Available
Xcode 8 Shell Script Invocation Error
Swift Safely Unwrapping Optinal Strings and Ints
How to Copy Skspritenode with Skphysicsbody
Context Menu Not Updating in Swiftui
How to Hash a String to Sha512 in Swift
iOS 13 Modals - Calling Swipe Dismissal Programmatically
Cllocation Distancefromlocation (In Swift)
Best Way to Handle Errors from Async Closures in Swift 2