My company owns Active Directory(AD) on Windows Server 2012, We need to integrate the AD with our web app developed and hosted on Firebase.
Company AD supports, LDAP to validate the user credentials.
I need help to get the approach to implement the same.
Firebase does not natively support LADP or any third party OAuth provider. Instead we might need to create custom tokens for authentication.
Custom token can be generated using firebase's built-in Admin SDK or we can also programmatically create custom tokens in any language using third-party JWT libraries.
Refer: https://firebase.google.com/docs/auth/admin/
Please refer the link for creating custom tokens:
https://firebase.google.com/docs/auth/admin/create-custom-tokens
Related
I've been developing a Cordova app using Azure's Mobile App Service product. It offers external sign-in through Facebook, but it doesn't offer a ready-made solution for storing the user into a SQL database where I can also add custom profile columns.
If I was making this app 5+ years ago, I would have used ASP.NET Identity to authenticate the web api, allow account creation with username/passwords as well as offering Facebook sign-in, and I'd be able to create custom profile items, all in a searchable database.
It's 2020 and I'm confused about what is the recommended modern method to achieve the same result. I've read a lot about Azure AD B2C and it seems to tick all the boxes, but I'm worried it might not be as searchable as a SQL user store, and possibly appear to the user as a tacked-on product which isn't as native as the existing app.
I'd appreciate any advice or recommendations about which method I should use for creating my authenticated user store.
If you want to use a custom database, then set up an OAuth provider (e.g. https://aspnetboilerplate.com/Pages/Documents/Zero/Identity-Server#:~:text=Identity%20Server%201%20Introduction.%20Identity%20Server%20is%20an,now%20ready%20to%20get%20requests%20from%20clients.%20) and use that as the authentication scheme. You can then use any OAuth client library to do the authentication, and set that up as a custom auth scheme in your Azure Mobile Apps service.
We are working on an application that uses firebase for authentication purposes. We implemented the authentication mechanism in our angular application and everything works fine. what we want now is to add custom claims to the JWT tokens generated once the user is authenticated. We know about the Admin SDK here:
https://firebase.google.com/docs/auth/admin/custom-claims
but this requires the addition of a web service. is there a way to configure firebase via the portal to add a default custom claim for all existing users and new users. what we want is to add an "id" field with random GUID. is it possible to use the Admin SDK to configure this behaviour once and for all?
Thanks in advance.
There is no way to add custom claims without using the Admin SDK. This requires that you run a script on a trusted environment, such as your development machine, a server you control, or Cloud Functions for Firebase. The latter is probably your best option if you want to do this regularly, and don't have your own server.
I have four Appengine Standard Application.
For authentication I will receive a JWT token of my customer (They have an oauth provider), I know that Firebase has some defaults providers Oauth like as Github, Google, Facebook and integration with Javascript API is verey easy. But I need to use of my customer.
Is there a possibility to have a new OAuth provider in Firebase console to easily integration my app with firebase like this example?
For the backend I am thinking to use SDK to validate a token.
FirebaseAuth.getInstance().verifyIdTokenAsync(idToken).get();
To sign in with unsupported OAuth providers, your need to use custom authentication. Here is a full example on how to authenticate with Instragram: https://firebase.googleblog.com/2016/10/authenticate-your-firebase-users-with.html
I want custom firebase authentication where a user manages the roles of subordinate users. I need guidance on understanding on how to implement my own backend authentication system. Everywhere the documentation keeps mentioning that 'send the username and password to your backend that will generate a custom token'. What is this backend? where do I pursue this? My knowledge domain is firebase, firebase functions, angular 2/4, ionic2 for this discussion... thanks
To use custom authentication, you need to create a JSON Web Token (JWT) on your existing backend server, after you have used your existing backend server to validate the username and password of the user (or however else your backend server validates your users).
To create that JWT, use the configuration described at https://firebase.google.com/docs/auth/admin/create-custom-tokens?authuser=0#create_custom_tokens_using_a_third-party_jwt_library
There is PHP and Ruby code available at that page, for anyone using a language that does not have an SDK available from Google, but which does have a JWT library available.
The JWT is signed with your private key, which you can obtain as indicated at https://firebase.google.com/docs/auth/admin/create-custom-tokens?authuser=0#create_custom_tokens_using_a_third-party_jwt_library
Although that page describes initializing the SDK, this section also has instructions for creating the private key for your service account using the Firebase console at https://console.firebase.google.com/u/0/project/_/settings/serviceaccounts/adminsdk
You will have to send the email password to the firebase sdk in using javascript in web then when the sdk success functions tell that the user has been authenticated the web page will send result to your backend server (can be nodejs or php etc) from there you have to manage your own database to handle all the role base access.
Firebase is basically authenticating the user for you and telling you that you can identify this user using the following userid and then build your own system.
Firebase has access rules but those you have to define first you cannot fully customize them for each user.
For password auth see this:
https://firebase.google.com/docs/auth/web/password-auth
An easy way to do custom auth with Firebase is using an external identity provider. Auth0 is an example of such a provider.
Guide:
https://shusson.info/post/using-firebase-and-auth0-together
code:
https://github.com/shusson/firebase-custom-auth
I'm trying to authenticate my app users with their credentials used at the website
I managed to authenticate users via Xamarin.Auth to login via Google, Twitter... etc but could not figure out how to authenticate them via ASP.Net Identity provider.
any ideas or examples ?
Your problem is not a new one, and is one that will be easily fixed in the near future (see note below).
When you're authenticating with a provider like Google or Facebook, you're receiving a token that you can then use to send to the API. Unfortunately Asp.Net Identity does not do this out of the box. You can either configure your API to use JwtBearer tokens, or check out the Identity4 project along with their samples. Note that if you're using Asp.Net Identity you'll probably want a cross between Quickstart 6 and Quickstart 8 so that all of the necessary persistent stores are in your database.
NOTE: You might also want to follow the Templating Team's PR #700 which is adding token based auth in the new templates which will soon allow you to rapidly create new Api's with Token Based Authentication for your mobile apps.