Flutter with REST backend Springboot

Question

I am developing a Flutter mobile application with a Spring Boot backend. I want to have three types of login methods (1). username & password (2). Facebook (3). Google.

I have following questions.

1) If I handle the Authentication part in the mobile App via Firebase Authentication (And store all the user on Firebase), do I need to write authentication code on my Spring Boot side? Or I need to keep my authentication on the Sprin Bboot side only?

2) I want the JWT token for all the authentication system (Facebook, Google and username & password). The mobile app will send the JWT token for every requests it make to the Springboot app.

3) I am looking for a step by step tutorial that shows how can I integrate all these login methods in my Springboot REST APIs. I have looked many but all they have some different different methods or dependencies. Like some are adding Facebook dependency in the maven and some only add the Oauth2.

Thanking you in advance

Answer 1

You can integrate your Spring Boot back-end with external authentication provider using JWT by defining a custom security filter in your spring boot app. This filter will read the JWT issuer (iss) and define where it comes from (Facebook or Google). Then, based on the provider, use the appropriate public key to verify the signature included in the JWT (normally, you can use the JWKS URI provided by the authentication providers to get the key). If all good, authentication is success.