Integrate firebase auth with google app engine cloud endpoints

Question

Can someone specify (with some sample code) how to verify the firebase token in an google cloud endpoint? The recently asked question does not clarifiy it at all (How to integra

Answer 1

As far as I understand the documentation it seems you need to add user token to your request, for example as a header. Then you need to verify this token against Firebase admin sdk, and this way you'd get user id.

@ApiMethod(name = "someApiCall", httpMethod = ApiMethod.HttpMethod.POST)
public YourResponse someApiCall(YourRequestObject body, HttpServletRequest httpRequest) {
    String userToken = httpRequest.getHeader("USER_TOKEN_HEADER");

    Task authTask = FirebaseAuth.getInstance().verifyIdToken(userToken)
        .addOnSuccessListener(new OnSuccessListener() {
          @Override
          public void onSuccess(FirebaseToken firebaseToken) {
          }
        });

    try {
      Tasks.await(authTask);
    } catch (ExecutionException e) {
    } catch (InterruptedException e) {
    }

    FirebaseToken result = authTask.getResult();
    String userId = result.getUid();

    return new YourResponse();
}

I based my code on:

https://firebase.google.com/docs/auth/admin/verify-id-tokens

How do I secure my Google Cloud Endpoints APIs with Firebase token verification?