How to integrate firebase authentication with google app engine endpoints

前端未结

关注

 2  1053

自闭症患者

I am writing a backend server for mobile applications. The backend is running on google app engine and written in Java.

I want users to be able to login with federated i

相关标签:

2条回答

长发绾君心

2021-01-31 00:32

You should be able to use Google Cloud Endpoints as an authentication proxy in front of your app. Endpoints supports validating Firebase Authentication tokens by configuring your OpenAPI template:

# Configure Firebase as an AuthN provider
securityDefinitions:
    firebase:
      authorizationUrl: ""
      flow: "implicit"
      type: "oauth2"
      # Replace YOUR-PROJECT-ID with your project ID in the issuer and audiences fields
      x-google-issuer: "https://securetoken.google.com/YOUR-PROJECT-ID"
      x-google-audiences: "YOUR-PROJECT-ID"
      x-google-jwks_uri: "https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken@system.gserviceaccount.com"

# Add Firebase as an authN provider to specific endpoints...
security:
  - firebase: []

Alternatively, you can use the Firebase Admin SDK to write authentication middleware that validates your tokens:

FirebaseAuth.getInstance().verifyIdToken(idToken)
    .addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
        @Override
        public void onSuccess(FirebaseToken decodedToken) {
            String uid = decodedToken.getUid();
            // ...
        }
});

0 讨论(0)

醉话见心

2021-01-31 00:38
I'm also looking for an answer to this. My best 5c so far is to
- Use FireBase to set up sign in methods etc. from the console
- Use FireBase UI (in beta) for web or "Federated identity provider integration" for iOS/Android to set up the authentication flow
- Retrive token/authentication details on your web/iOS/Android client and pass it on to your Cloud Endpoints as e.g., HTTP Request Headers
- Inject the javax.servlet.http.HttpServletRequest to your endpoint methods (just add an argument and Google with inject the request object automatically)
- Create a method that your Endpoint will call for each request (that needs authentication) that will handle the validation of the credentials you have passed on as HTTP Request Headers
- Use FireBase Java SDK to call FireBase to validate the credentials (in order to do this, you need to export the json configuration from the Firebase console) and load the SDK with them, e.g., in one of your servlets:
```
@Override
    public void init(ServletConfig config) {
        try{
        InputStream in = config.getServletContext().getResourceAsStream("/WEB-INF/firebase-privatekey.json");
        FirebaseOptions options = new FirebaseOptions.Builder()
                .setServiceAccount(in)
                .setDatabaseUrl("YOUR_DATABASE_URL")
                .build();
        FirebaseApp.initializeApp(options);
        log.info("Authentication enabled");
        }
        catch(Throwable t) {
            t.printStackTrace();
            log.warning("AUTHENTICATION DISABLED. Only public resources will be available");
        }
    }
```
0 讨论(0)
发布评论:

提交评论
- 加载中...