No permission error in Firebase Cloud Function - firebase

I want to implement a Slack authentication with Passport.js + Firebase Cloud Function. But when I redirected URL, the forbidden error occurs.
The error:
Your client does not have permission to get URL /api/auth/slack?uid=XXXXXXXXXXX&redirectTo=http://localhost:3000 from this server.
The React code:
const slackAuthorizeURL = (uid) =>
`https://us-central1-xxxxxxxxx.cloudfunctions.net/api/auth/slack?uid=${uid}&redirectTo=${window.location.href}`
<a href={slackAuthorizeURL}>Sign in with Slack</a>
The Server code:
const express = require('express')
const session = require('express-session')
const app = express()
const allowedOrigins = [
'http://localhost:3000',
]
const allowCrossDomain = (req, res, next) => {
const origin = req.headers.origin
if (allowedOrigins.includes(origin)) {
res.header('Access-Control-Allow-Origin', origin)
}
res.header('Access-Control-Allow-Methods', 'GET,POST')
res.header('Access-Control-Allow-Headers', 'Content-Type')
next()
}
app.use(allowCrossDomain)
app.use(session({ secret: config.session.secret }))
const passport = require('passport')
app.use(passport.initialize())
app.use(passport.session())
app.get('/auth/slack', (req, res, next) => {
req.session.uid = req.query.uid
req.session.redirectTo = req.query.redirectTo
passport.authenticate('slack')(req, res, next)
})
I have already set up allUsers to Cloud Functions Admin on api in Google Cloud Platform.

I missed to set up allUsers to Cloud Functions Admin on api in Google Cloud Platform correctly.
https://cloud.google.com/functions/docs/securing/managing-access#allowing_unauthenticated_function_invocation

Related

Why am I keep getting INTERNAL ERROR 500 with my firebase cloud function?

I was trying to deploy a cloud function on firebase but I keep getting this error. I deleted all of my logic to console the response and debug but nothing's changed.
I am sure that the problem is not related to permissions because the invocation is allowed for unauthenticated users.
this is the block of my function:
// Firebase config
const functions = require('firebase-functions');
const admin = require('firebase-admin');
const cors = require("cors")({
origin: true
});
admin.initializeApp();
exports.emailMessage = functions.https.onCall((req, res) => {
return cors(req, res, async() => {
console.log(req);
console.log(res);
}).catch(() => {
res.status(500).send("error");
});
});

Firestore Cloud Function Times Out When called

I have a custom endpoint setup for my FireStore database.
For now, all I want is to print all values to console, but when I call it from a client, the request times out and the console only says:
#firebase/database: FIREBASE WARNING: The Firebase database
'project-name' has been disabled by a database owner.
(https://project-name-de56eb8.firebaseio.com)
Here's my code. Can anyone tell me what is (what thins are) wrong with it?
const util = require('util');
const functions = require('firebase-functions');
const admin = require('firebase-admin');
admin.initializeApp();
const language = require('#google-cloud/language');
const client = new language.LanguageServiceClient();
const express = require('express');
const app = express();
app.post('/calculateAverage', async (request, response) => {
const bodyUserId = request.body.id
let query = admin.database().ref(`/user_info/`);
try {
const snapshot = await query.once('value');
snapshot.forEach((childSnapshot) => {
console.log("key: " + childSnapshot.key + " value: " + childSnapshot.val())
});
response.send({"snapshot await": "ok"});
} catch(error) {
console.log('Error getting messages', error.message);
response.send({"snapshot await error": error.message});
}
});
exports.api = functions.https.onRequest(app);
The problem is that you no use firebase realtime data.
in the options of firebase you have database and next *Cloud Firestore and
*Realtime Database, select Realtime Database and after, active this option and with this the solution

Accessing Firebase Firestore on AWS Lambda

I have following problem
I am writing a lambda function which is gets a post value offer an API, than checks in firebase firestore if the value is there and than replies to the client. Simple.
This is my code:
const serverless = require("serverless-http")
const express = require("express")
const app = express()
const bodyParser = require("body-parser")
const cors = require("cors")
const admin = require("firebase-admin")
var login = require("./test.json")
admin.initializeApp({ credential: admin.credential.cert(login) })
const db = admin.firestore()
app.use(cors())
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: true }))
app.post("/", function(req, res) {
let result = req.body.code.toUpperCase()
db.collection("voucher")
.get()
.then(x => {
console.log("TEST")
console.log(x)
})
.catch(err => res.status(400).send({ err }))
})
module.exports.voucher = serverless(app)
The API works just fine, problem is connecting to the firestore, the error object I get always says:
{code: "MODULE_NOT_FOUND"}
I did it how it is shown in the tutorial here:
https://firebase.google.com/docs/firestore/quickstart
But it does not seem to work at all.
I downloaded the correct credentials, actually I gave myself admin access to everything. But still it does not work.
You guys have any suggestions?

I can't replace the sk_test key with the sk_live key on Stripe using Firebase cloud functions

I have a React Native application, running on a firebase backend. I have integrated with Stripe. The token is created by the client, and the firebase cloud function creates the charge with that token. I have built the app and tested payments using the test keys in Stripe.
I have now replaced the test keys with the live keys.
The live public key is working in the React Native application, and is creating a token successfully.
here is the function for creating the token code in the React Native application
import Stripe from 'react-native-stripe-api';
async payByCard() {
const { user } = this.props;
const uid = user.uid;
const { number, exp_month, exp_year, cvc } = this.state;
this.setState({ loading: true });
const apiKey = 'pk_live_#######################';
const client = new Stripe(apiKey);
try {
const token = await client.createToken({
number,
exp_month,
exp_year,
cvc,
});
this.props.addToken({ token }, uid);
} catch (error) {
this.setState({ error: error.message, loading: false });
}
}
The firebase cloud functions, however, is still using the secret test key.
here is the loud function for creating a charge.
import * as functions from 'firebase-functions';
const admin = require('firebase-admin');
admin.initializeApp(functions.config().firebase);
const stripe = require('stripe')(functions.config().stripe.testkey)
export const stripeCharge = functions.database
.ref('/payments/{userUid}/{paymentUid}')
.onWrite((change, context) => {
const payment = change.after.val();
const userUid = context.params.userUid;
const paymentUid = context.params.paymentUid;
if (!payment || payment.charge || !payment.pendingBasket) return;
return admin.database()
.ref(`/users/${userUid}`)
.once('value')
.then(snapshot => {
return snapshot.val();
})
.then(customer => {
const amount = Number(payment.pendingBasket.total * 100).toFixed(0)
const idempotency_key = paymentUid;
const source = payment.token.id;
const currency = 'gbp';
const description = `Athalens ${customer.address.FirstName} ${customer.address.LastName} - ${customer.address.PostCode}`
const charge = {amount, currency, description, source};
return stripe.charges.create(charge, { idempotency_key });
}).catch((error) => {
console.log('error 1 =' + error.message);
admin.database()
.ref(`/payments/${userUid}/${paymentUid}/status`)
.set(error.message)
})
.then(charge => {
admin.database()
.ref(`/payments/${userUid}/${paymentUid}/charge`)
.set(charge)
if (charge.status === "succeeded") {
customerOrders(userUid, paymentUid)
photographerUid(userUid, paymentUid)
clearBasket(userUid)
confirmation(userUid, paymentUid);
} else {
decline(userUid, paymentUid)
}
}).catch((error) => {
console.log('error 2 =' + error.message);
})
})
The process I am doing to upload the Secret key to firebase:
1. Williams-MBP:~ williamgoodhew$ cd /Users/williamgoodhew/projects/athalens/athalens_server_code/basket/functions
2. Williams-MBP:functions williamgoodhew$ firebase functions:config:set stripe.token=“sk_live_#################”
3. Williams-MBP:functions williamgoodhew$ firebase deploy --only functions
When I test the live payment system, a token is created, but no charge is created. and I receive the following error in the cloud functions log:
No such token: tok_############; a similar object exists in live mode, but a test mode key was used to make this request.
I have got in contact with Firebase and it was a silly error my end.
In my cloud function, I had initialized my test key "
const stripe = require('stripe')(functions.config().stripe.testkey)
" instead of using "stripe.token".
I changed stripe.testkey to stripe.token.and everything worked out fine.

firebase cloud functions failed to access google sheet api

I want to build an api service that use google sheet api to create, read and write the spreadsheets. The api service is deployed on firebase cloud functions with express.js, I have created the service account, and use JWT for authentication. The api works (i.e. can create, read and write spreadsheets) when test locally, but fails when I deployed to firebase cloud functions.
const functions = require('firebase-functions');
// firebase admin
const admin = require('firebase-admin');
admin.initializeApp(functions.config().firebase);
// google sheet api
const google = require('googleapis');
const key = require('./key/serviceKey.json');
const scopes = [
'https://www.googleapis.com/auth/spreadsheets',
'https://www.googleapis.com/auth/drive'
];
const authClient = new google.auth.JWT(
key.client_email, null, key.private_key, scopes, null
);
authClient.authorize((err, tokens) => {
if (err) {
console.log('error occurred when authorising with JWT');
} else {
console.log('auth success, tokens', tokens);
google.options({ auth: authClient });
}
});
const drive = google.drive('v2');
const sheets = google.sheets('v4');
The error message I get when I test it on firebase cloud functions:
Request is missing required authentication credential. Expected OAuth
2 access token, login cookie or other valid authentication credential.
Ultimately, I will have an ionic app that calls the api to perform certain actions (e.g. create and share spreadsheets with other user). So am I doing the right approach or I should use other types of authentication?
My function definitions:
const functions = require('firebase-functions');
const express = require('express');
const cors = require('cors')({ origin: true });
const bodyParser = require('body-parser');
const app = express();
app.use(cors);
app.use(bodyParser.json({ type: 'application/json' }));
// some routing setup
exports.api = functions.https.onRequest(app);
Router setup:
const express = require('express');
const router = express.Router();
router.post('/createSheets', (req, res) => {
const request = { // }
sheets.spreadsheets.create(request, (err, sheetsResponse) => {
// some code
}
});

Resources