We are creating an app and using firebase authentication. We have an existing oauth2 provider in our organization. Is it possible to add this custom provider in firebase? So we will add a new client in our identity provider and configure firebase so that it can accept token from it.
Related
I'm currently thinking about using Firebase Auth system with my custom rest api service.
For example:
My custom api would authorise requests coming from angular app, but auth system begins in that
Angular app, so there I would get authenticated.
Later on, I would pass a token received from firebase to communicate with my service.
That service would check if token is ok and then let me in to resources.
Is it possible to do ?
Firebase provides a client sdk for web and an admin sdk for backend server to create a user session. In a microservices architecture based cloud application, do we have to create a custom token at the server side when a user tries to log into our system and then allow the client using java-script based client sdk to create another id-token with the custom token for continuing the client interaction within that session ?
Why do we need two tokens i.e Custom Token(Admin SDK) and Id Token(Client SDK) for user authentication ?
You need only one of the two tokens for each user, depending on whether you're using a custom provider to sign that user in, or one of the built-in providers.
If you use one of the existing providers you'll use its ID token.
If you create a custom provider, you'll create your own (custom) token for the user. This custom token essentially takes the place of the ID token that you'd use with the default provider.
To learn all about the various token types that Firebase Authentication has, read the blog post Demystifying Firebase Auth Tokens.
I have four Appengine Standard Application.
For authentication I will receive a JWT token of my customer (They have an oauth provider), I know that Firebase has some defaults providers Oauth like as Github, Google, Facebook and integration with Javascript API is verey easy. But I need to use of my customer.
Is there a possibility to have a new OAuth provider in Firebase console to easily integration my app with firebase like this example?
For the backend I am thinking to use SDK to validate a token.
FirebaseAuth.getInstance().verifyIdTokenAsync(idToken).get();
To sign in with unsupported OAuth providers, your need to use custom authentication. Here is a full example on how to authenticate with Instragram: https://firebase.googleblog.com/2016/10/authenticate-your-firebase-users-with.html
I want custom firebase authentication where a user manages the roles of subordinate users. I need guidance on understanding on how to implement my own backend authentication system. Everywhere the documentation keeps mentioning that 'send the username and password to your backend that will generate a custom token'. What is this backend? where do I pursue this? My knowledge domain is firebase, firebase functions, angular 2/4, ionic2 for this discussion... thanks
To use custom authentication, you need to create a JSON Web Token (JWT) on your existing backend server, after you have used your existing backend server to validate the username and password of the user (or however else your backend server validates your users).
To create that JWT, use the configuration described at https://firebase.google.com/docs/auth/admin/create-custom-tokens?authuser=0#create_custom_tokens_using_a_third-party_jwt_library
There is PHP and Ruby code available at that page, for anyone using a language that does not have an SDK available from Google, but which does have a JWT library available.
The JWT is signed with your private key, which you can obtain as indicated at https://firebase.google.com/docs/auth/admin/create-custom-tokens?authuser=0#create_custom_tokens_using_a_third-party_jwt_library
Although that page describes initializing the SDK, this section also has instructions for creating the private key for your service account using the Firebase console at https://console.firebase.google.com/u/0/project/_/settings/serviceaccounts/adminsdk
You will have to send the email password to the firebase sdk in using javascript in web then when the sdk success functions tell that the user has been authenticated the web page will send result to your backend server (can be nodejs or php etc) from there you have to manage your own database to handle all the role base access.
Firebase is basically authenticating the user for you and telling you that you can identify this user using the following userid and then build your own system.
Firebase has access rules but those you have to define first you cannot fully customize them for each user.
For password auth see this:
https://firebase.google.com/docs/auth/web/password-auth
An easy way to do custom auth with Firebase is using an external identity provider. Auth0 is an example of such a provider.
Guide:
https://shusson.info/post/using-firebase-and-auth0-together
code:
https://github.com/shusson/firebase-custom-auth
I am trying to setup Firebase custom OAuth using Java as JWT server. I am able to successfully setup this.
But when I am trying to login using the custom token the provider field in the Auth page leaves empty any help how to setup to my own text?