Getting Firebase Bearer token by simple HttpCall (REST API) - firebase

I am currently facing the following situation.
Sending Firebase Messages via HttpCall via the google API endpoint:
https://fcm.googleapis.com/v1/projects/projectName/messages:send
Here we have to use OAuth2.0 with a valid Bearer Token like discussed in this question:
What Bearer token should I be using for Firebase Cloud Messaging testing?
After following these steps I was able to send Firebase Messages via the google API.
Now I would like to get the Bearer Token via a HttpCall without doing the manual step with the Playground https://developers.google.com/oauthplayground.
I cannot find any documentation on how to "Exchange authorization code for tokens" via simple HttpCall. I have no possibility to implement any code because I would like to send Firebase messages inside a "Dataverse Cloud Flow/PowerAutomate", therefore no possibility to load any external DLL (like the Firebase Admin Dll, which would implement this functionality).
I am not,looking for a solution which depends on external Dll like https://firebase.google.com/docs/database/rest/auth#authenticate_with_an_access_token or Pre-RequestScript
Any help is appreciated

What you are after is fundamentally not possible, since you can't hook the result of the bearer token into the same URL process to send messages. By the sounds of it you are unable to fetch one URL, process the results from that URL to pass onto the other which is what the REST API would do.
As such, you will need a secondary service that you can simply send messages to and it will invoke the Message and authentication for you, a bridge as you will. You can use Firebase Cloud Functions with an onRequest call or a simple express server on a Google Compute Engine instance (f1 free tier).
Then you can send your message request from your service to this bridge which will authenticate for you and send the message, it would be a fairly simple script to implement, specially with the admin-sdk.

Related

How to authenticate a cloud function in a remote API

I want to protect an API endpoint that is used by a Firebase cloud function. My plan was to use the authentication system of Firebase by using custom tokens generated in Firebase with the createCustomToken() method, send them with the Authorization header and then validate those in the API. I tried doing this with verifyIdToken() but it turns out that this is the wrong approach.
How can I validate custom tokens in my API, or what is the recommended approach here?

Where do I need to integrate FCM, front-end or back-end?

So i'm making an app using React JS, Cordova, node backend and a mongo database. I want to integrate firebase cloud messaging (FCM) into my platform. I'm quite new to firebase, and developing in general, and i'm not quite sure where to initialise firebase. I currently have it integrated into the front-end and it's requesting permission to receive notifications, generating tokens, and receiving messages from the firebase console. However i'm not entirely sure where to go from here. Do I add it to my backend as-well?
If you can receive messages in your client app, your front-end work is done for the moment.
But to send messages programmatically, you will need to write back-end code indeed. That's because sending messages through FCM requires that you specify the FCM server key to the API, and as its name implies that key should only be used in a trusted environment, such as your development machine, a server you control, or Cloud Functions.
For more on this, have a look at:
The architectural overview of FCM
The documentation on your server and FCM
My answer to How to send one to one message using Firebase Messaging
You have to get the FCM token from the frontend (or, client app).
After getting the token, just send it to your backend server using a POST method.
Then, store the token in whatever database you're using in your backend. It can be MongoDB, PostgreSQL, etc.

How to send Firebase Auth Token ID from Mobile Clients (iOS & Android) for HTTPS triggers on Cloud Functions?

Ok not an expert on server side coding and stuff but have a basic understanding. Here is my question;
I have firebase triggers setup on cloud functions
Now there is a requirement that I need to communicate with external servers to retrieve some other data
So I use HTTPS triggers and I followed tutorials and managed to use express and other middlewares to get the job done
The problem is, I don't think I understand how these HTTP triggers are authenticated. I obviously want only the authenticated users to make a call to these end points and my users are either iOS or Android users.
What i have already found out:
I followed the code sample in this link: https://github.com/firebase/functions-samples/blob/master/authorized-https-endpoint/functions/index.js but I have one question
It says The Firebase ID token needs to be passed as a Bearer token in the Authorization HTTP header like this: Authorization: Bearer <Firebase ID Token>
Is this token passed automatically from iOS and android clients or do I need to manually call some FirebaseAuth get token function in the mobile SDKs and manually created this authorization bearer as a part of my request url?
You need to manually call a Firebase API to get a token to pass to your backend.
This process is documented fairly thoroughly in the documentation for the Firebase Admin SDK, which you would use to verify ID tokens. That link will give you examples for Android and iOS.
The code sample you linked to also has client code for web that does the same.

Alternative to firebase functions to create actions-on-google integration

I am trying to find an alternative for Firebase to create functions that will work with actions-on-google DialogFlow class. I am creating a nodeJS app which will create a web service endpoint which will be configured as the Fulfillment URL in the DialogFlow dashboard. All the business logic to handle the request from API.AI will be at the nodeJS app. This app will then send back response by calling app.ask() and other related methods of API.AI (aka DialogFlow)
Reason: Our deployment cloud is on OneOps and we have dedicated assemblies for nodeJS apps. That is, I need to deploy this node app on our OneOps cloud and not on Firebase cloud.
Is there an alternative over Firebase here?
Absolutely! With Dialogflow you can define any URL (preferable HTTPS) in Dialogflow's console and you're free to use any hosting platform that can speak HTTP:
Also, you should be able to use the Action on Google library to respond to requests on most Node.js environments
Certainly! You can use whatever you want - all that Dialogflow requires is that the webhook be on a public address with a valid HTTPS certificate.
When designing the webhook, you'll need to accept a POST request from Dialogflow that contains JSON as the body, and similarly respond with a JSON body.
Since you're using node.js, you'll likely be using Express. One thing to note if you'll be using the actions-on-google library is that it expects that Express has already populated the req.body with a JSON object - not with the string body. This is typically done with middleware such as body-parser.

How to get Firebase ID Token in Firebase Cloud Functions on auth.user().onCreate event?

Background
I have some Endpoint APIs on App Engine. I am able to authenticate the Firebase User in my Endpoint API when making a call from my client. (I append the Bearer token to HTTP request header when making the call).
I want to create a Cloud Function that is triggered on User Creation in Firebase (referred this video tutorial). From this Cloud Function, I want to call an Endpoint API using HTTP Request. For the HTTP API call to work, I need to send a Firebase Token in the request header.
Question
How do I get current user's ID Token inside Cloud Function?
A related post here recommends that I should call the API from my Ionic/Angularjs client. However, that will be a roundtrip back to the client and then to Endpoints. I am trying to avoid that.
I found that in /node_modules/firebase-admin/lib/firebase-app.js, there is a call to "FirebaseAppInternals.prototype.getToken". But I am not sure how to call it from my Cloud Function.
Sorry if its a noob question. I am new to Javascript and NodeJs. Any pointers will be of great help!
Also, I am not using Custom Tokens.
Thanks!

Resources