Swift + Vapor framework for server + Xcode 8.1 I am trying to read Firebase Realtime Database making HTTP requests to my DB, but I get permission denied. These are the steps: 1. create JWT sign it with secret key downloaded from "console.developers.google.com" 2. send POST request to OAuth2 server and get access token 3. send GET request to firebase database with access token received from OAuth2 server. I get "Permission denied", HTTP/1.1 403 Forbidden <pre class="prettyprint"><code>// the header of the JSON Web Token (first part of the JWT) let headerJWT = ["alg":"RS256","typ":"JWT"] // the claim set of the JSON Web Token let jwtClaimSet = ["iss":"firebase-adminsdk-kxx5h@fir-30c9e.iam.gserviceaccount.com", "scope":"https://www.googleapis.com/auth/firebase.database", //is this the correct API to access firebase database? "aud":"https://www.googleapis.com/oauth2/v4/token", "exp": expDate, "iat": iatDate] drop.get("access") { request in var accesstoken = "ya29.ElqhA-....XXXX" let responseFirebase = try drop.client.get("https://fir- 30c9e.firebaseio.com/data/Users.json", headers: ["Authorization":"Bearer \(accesstoken)"], query: [:]) print("FirebaseResponse_is \(responseFirebase)") return "success" } </code></pre> <img src="https://i.stack.imgur.com/kQdsL.png" alt="Firebase Service Account"> <img src="https://i.stack.imgur.com/vSc6o.png" alt="FireBase Database Rulles">

TLDR; Try placing <code>auth=<TOKEN></code> in your query string instead of using the authorization header. <hr> The Firebase documentation is unclear on how this works. According to the documentation, there are three methods that should work. <ol> <li> <code>auth=<TOKEN></code> in query string (link)</li> <li> <code>access_token=<TOKEN></code> in query string (link)</li> <li> <code>Authorization: Bearer <TOKEN></code> in request header (link)</li> </ol> I'm not convinced that all three methods do actually work however. I'm using method 1 in my application, so I know that one works for sure.

The <code>scope</code> key was missing value <code>https://www.googleapis.com/auth/userinfo.email</code> <pre class="prettyprint"><code> let jwtClaimSet = ["iss":"firebase-adminsdk-kxx5h@fir-30c9e.iam.gserviceaccount.com", "scope": "https://www.googleapis.com/auth/firebase.database https://www.googleapis.com/auth/userinfo.email", "aud":"https://www.googleapis.com/oauth2/v4/token", "exp": expDate, "iat": iatDate] </code></pre> I found the answer browsing google groups here

Can't access FireBase Database via HTTP/REST error 403 Forbidden

Tags:

firebase

vapor

firebase-realtime-database

service-accounts

Swift + Vapor framework for server + Xcode 8.1

I am trying to read Firebase Realtime Database making HTTP requests to my DB, but I get permission denied.

These are the steps:
1. create JWT sign it with secret key downloaded from "console.developers.google.com"
2. send POST request to OAuth2 server and get access token
3. send GET request to firebase database with access token received from OAuth2 server.

I get "Permission denied", HTTP/1.1 403 Forbidden

// the header of the JSON Web Token (first part of the JWT)
let headerJWT = ["alg":"RS256","typ":"JWT"]

// the claim set of the JSON Web Token
let jwtClaimSet =
  ["iss":"[email protected]",
 "scope":"https://www.googleapis.com/auth/firebase.database", //is this the correct API to access firebase database?
 "aud":"https://www.googleapis.com/oauth2/v4/token",
 "exp": expDate,
 "iat": iatDate]


drop.get("access") { request in
var accesstoken = "ya29.ElqhA-....XXXX"

 let responseFirebase = try drop.client.get("https://fir- 30c9e.firebaseio.com/data/Users.json",
  headers: ["Authorization":"Bearer \(accesstoken)"], 
     query: [:])

print("FirebaseResponse_is \(responseFirebase)")
return "success"
}

Firebase Service Account FireBase Database Rulles

828

asked Nov 25 '16 17:11

bibscy

2 Answers

TLDR; Try placing auth=<TOKEN> in your query string instead of using the authorization header.

The Firebase documentation is unclear on how this works. According to the documentation, there are three methods that should work.

auth=<TOKEN> in query string (link)
access_token=<TOKEN> in query string (link)
Authorization: Bearer <TOKEN> in request header (link)

I'm not convinced that all three methods do actually work however. I'm using method 1 in my application, so I know that one works for sure.

170

answered Sep 23 '22 01:09

nloewen

The scope key was missing value https://www.googleapis.com/auth/userinfo.email

 let jwtClaimSet =
   ["iss":"[email protected]",
 "scope": "https://www.googleapis.com/auth/firebase.database  
 https://www.googleapis.com/auth/userinfo.email", 
 "aud":"https://www.googleapis.com/oauth2/v4/token",
 "exp": expDate,
 "iat": iatDate]

I found the answer browsing google groups here

answered Sep 26 '22 01:09

bibscy

Related questions
                            
                                How to receive daily summary email from firebase analytics?
                            
                                How to debug Firebase security rules/permissions
                            
                                RNFirebase core module was not found natively on android
                            
                                How to initialize firebase after android google login?
                            
                                Pre-launch-report failures due to missing methods (in com.google.android.apps.mtaas.crawler-1/base.apk)
                            
                                Firestore Cloud Functions not working locally
                            
                                Use new firebase sdk in android eclipse project
                            
                                Create user in database after Firebase Auth (android)
                            
                                Android Firebase Rest API Authentication
                            
                                Could not find com.google.gms:google-services:4.1.0 [duplicate]
                            
                                How to improve performance of matching algorithm
                            
                                Firebase signInWithEmailAndPassword() 400() POST Error
                            
                                Protocol "https" not supported or disabled in libcurl
                            
                                How is user_engagement event generated in firebase analytics?
                            
                                Flutter Firebase Auth Password Reset
                            
                                how to navigate when click background notification on Flutter?
                            
                                onDataChange is getting called twice in android Firebase
                            
                                How to list subcollections in a Cloud Firestore document
                            
                                Cloud Firestore rules on subcollection
                            
                                Combining Firebase realtime data listener with RxJava

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

Can't access FireBase Database via HTTP/REST error 403 Forbidden

Tags:

firebase

vapor

firebase-realtime-database

service-accounts

bibscy

People also ask

2 Answers

nloewen

bibscy

Recent Activity

Donate For Us