Alternative to firebase functions to create actions-on-google integration - firebase

I am trying to find an alternative for Firebase to create functions that will work with actions-on-google DialogFlow class. I am creating a nodeJS app which will create a web service endpoint which will be configured as the Fulfillment URL in the DialogFlow dashboard. All the business logic to handle the request from API.AI will be at the nodeJS app. This app will then send back response by calling app.ask() and other related methods of API.AI (aka DialogFlow)
Reason: Our deployment cloud is on OneOps and we have dedicated assemblies for nodeJS apps. That is, I need to deploy this node app on our OneOps cloud and not on Firebase cloud.
Is there an alternative over Firebase here?

Absolutely! With Dialogflow you can define any URL (preferable HTTPS) in Dialogflow's console and you're free to use any hosting platform that can speak HTTP:
Also, you should be able to use the Action on Google library to respond to requests on most Node.js environments

Certainly! You can use whatever you want - all that Dialogflow requires is that the webhook be on a public address with a valid HTTPS certificate.
When designing the webhook, you'll need to accept a POST request from Dialogflow that contains JSON as the body, and similarly respond with a JSON body.
Since you're using node.js, you'll likely be using Express. One thing to note if you'll be using the actions-on-google library is that it expects that Express has already populated the req.body with a JSON object - not with the string body. This is typically done with middleware such as body-parser.

Related

Firebase custom auth in server-to-server scenario

I need to implement a scenario where, after a file is uploaded to Google Cloud Storage, a function is triggered and processes the file. In this case, processing basically means sanitizing the file, storing it into Firestore and making it accessible via another HTTP-triggered function (a REST API of sorts).
Both user-facing ends of this process (a file upload and HTTP function) need to be secured. The process will be used in server-to-server scenario: one side is going to be a backend written in either Node.js or .NET, the other will be my Firebase solution (Cloud Storage and HTTP-triggered function as per above). In Firebase, I am going to maintain a custom set of users that should have access to the system - my idea was to use a simple system where each user will have a client id and a client secret (basically an oAuth client credentials grant type).
Based on what I read online, an only option to implement this is to use [Firebase auth with custom tokens][1]. I found lots of examples online on how to do that, but it was always about client-to-server scenarios (e.g. a Javascript web app talking to REST API). Server-to-server scenarios were not mentioned anywhere and indeed, I am unsure how to go about implementing it - I can call auth.createCustomToken(uid) just fine in my HTTP Firestore function, but there seem to be no server-side libraries I could use to call auth.SignInWithCustomTokenAsync(customToken).
To sum it up:
How can I use Firebase auth with custom tokens in server-to-server
scenario, where I need to sign in using a previously generated
custom token from a server environment?
If it is not possible,
what's the other alternative to securely implement the
above-described architecture?
I've contacted Google Support and if anyone else is struggling with this, in server-side scenarios, recommended approach is to call signInWithCustomToken endpoint in Firebase Auth REST API.

Can you use Unity / Firebase Auth with C# google cloud functions?

I'm looking into porting a unity game with a dotnet backend over to firebase firestore / functions, etc. My initial tests look promising, but my biggest hold-up is that I would need to rewrite a lot of the server-side logic in JavaScript.
I know that firebase's functions and firestore both run on google cloud, and the cloud version of functions supports a number of additional languages, including c#. I was able to create a couple of C# test functions and upload them to the same project as my unity test. They show up in the firebase portal and can be called via the HTTP endpoints supplied by google cloud, etc.
I discovered that I can call the function that does not require auth using the FirebaseFunctions callabale API in unity (fun fact, it only seems to work if the response is a JSON object in the form of { "result": [data here] }) I cannot, however, call the version of the same function that does require authentication - it returns an internal error message.
I am wondering there is a way to make these methods callable from the unity firebase API - passing in the user id/auth that I get from logging into firebase? I've seen some examples/answers where people say to call the cloud function directly using the Authorization: bearer token header, but I cannot seem to find a way to get the auth token from the current user in the Unity Firebase API.
I imagine that I am stepping further outside the realm of firebase unity API and more into google cloud/identity platform
You can retrieve the ID token of the current user by calling TokenAsync() on their profile.
That's the value you need to pass along in the Authorization header of the call to Cloud Functions, where you can then access it in you Callable Cloud Function.
Alternatively you can implement a regular HTTP Cloud Function, pass the same in whatever way you see fit there, and then on the server decode and verify the ID token with the Admin SDK yourself.

Getting Firebase Bearer token by simple HttpCall (REST API)

I am currently facing the following situation.
Sending Firebase Messages via HttpCall via the google API endpoint:
https://fcm.googleapis.com/v1/projects/projectName/messages:send
Here we have to use OAuth2.0 with a valid Bearer Token like discussed in this question:
What Bearer token should I be using for Firebase Cloud Messaging testing?
After following these steps I was able to send Firebase Messages via the google API.
Now I would like to get the Bearer Token via a HttpCall without doing the manual step with the Playground https://developers.google.com/oauthplayground.
I cannot find any documentation on how to "Exchange authorization code for tokens" via simple HttpCall. I have no possibility to implement any code because I would like to send Firebase messages inside a "Dataverse Cloud Flow/PowerAutomate", therefore no possibility to load any external DLL (like the Firebase Admin Dll, which would implement this functionality).
I am not,looking for a solution which depends on external Dll like https://firebase.google.com/docs/database/rest/auth#authenticate_with_an_access_token or Pre-RequestScript
Any help is appreciated
What you are after is fundamentally not possible, since you can't hook the result of the bearer token into the same URL process to send messages. By the sounds of it you are unable to fetch one URL, process the results from that URL to pass onto the other which is what the REST API would do.
As such, you will need a secondary service that you can simply send messages to and it will invoke the Message and authentication for you, a bridge as you will. You can use Firebase Cloud Functions with an onRequest call or a simple express server on a Google Compute Engine instance (f1 free tier).
Then you can send your message request from your service to this bridge which will authenticate for you and send the message, it would be a fairly simple script to implement, specially with the admin-sdk.

Calling Firebase Remote Config REST API without auth

I want to use Firebase Remote Config API via REST in a mobile app. Due to technical limitations, I can't use the Android/iOS SDK so I have to resort to the REST API.
However, that API requires authentication using a private key -- obviously I can't include that key in the application.
I don't need any other Firebase service at this time, just the remote config.
How can I work around this limitation? I tried following the guide at https://firebase.google.com/docs/remote-config/use-config-rest, but as mentioned it requires to first generate a short-lived OAuth2 token using the auth API.
According to the documentation on using the Remote Config REST API:
This document describes how you can use the Remote Config REST API to read and modify the set of JSON-formatted parameters and conditions known as the Remote Config template.
So the REST API is for modifying Remote Config variables, the type of action you could also do in the Firebase console. It is not for use in regular clients, which consume the configuration variables. For that you'll have to use one of the provided clients, as there is no REST API and the wire protocol is not documented.

I can't see any incoming requests in Google Cloud Endpoint console

I'm trying to configure Google Cloud Endpoint in front of Cloud Run. I decided to use the OpenAPI 2.0 standard so I can use Python 3.6.5 as a language to develop my backend.
I followed this guide https://cloud.google.com/endpoints/docs/openapi/get-started-cloud-run.
I've been able to set up a custom domain name for my Cloud Endpoints like api.example.com and I'm able to make API calls to my endpoints.
The only problem is that I can't see any incoming requests and any logs in my Cloud Endpoints console. I can only see them in the Cloud Run console.
How is possible? What am I doing wrong?
I also tried to create enable my Flask app to support another endpoint and I didn't update the openapi.yaml file with the new endpoint. My service is giving me answers if I make API calls to the new endpoints.
How is possible if I didn't update that file?
I'm starting to think that I didn't configure well the Cloud Endpoint and I'm making API calls directly to my Cloud Run service.

Resources