I have fully integrated Firebase Auth in my Android app. Now I want the client to interact with my backend (Rails) using a unique token. My question is, is this how it's done:
Thank you
To sign a user into your app, you first get authentication credentials from the user. These credentials can be the user's email address and password, or an OAuth token from a federated identity provider. Then, you pass these credentials to the Firebase Authentication SDK.
Firebase gives you complete control over authentication by allowing you to authenticate users or devices using secure JSON Web Tokens (JWTs). You generate these tokens on your server, pass them back to a client device, and then use them to authenticate via the signInWithCustomToken() method.
Prices are per successful verification. On the Blaze plan, Phone Authentication provides a no-cost tier. The first 10K verifications for both instances (USA, Canada, and India and All other countries) are provided at no cost each month. You are only charged on usage past this no-cost allotment.
Firebase Auth is a service that allows your app to sign up and authenticate a user against multiple providers such as Google, Facebook, Twitter, GitHub and more.
Taking JinLiu's answer forward, once you get the token in your Android code, send it to your backend, say: https://www.yourbackend.com?authenticate?token=asdad7687h... Note that the token generated by Firebase is a JWT; we need to first verify its authenticity and decode it in the backend. For this, you need to add these two gems to your Gemfile:

    gem 'jwt', '1.5.6'
    gem 'rest-client', '2.0.1'

With that done, you need to add these two (private) functions in your controller:
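    # Before action: sets @user from the Firebase token, or nil if it is missing or invalid.
    def get_set_user
      begin
        token = params[:token]
        if token.nil?
          @user = nil
          return
        end
        # verify_user returns [payload, header]; the payload carries the Firebase user id.
        firebase_id = verify_user(token)[0]["user_id"]
        if User.where(:firebase_id => firebase_id).exists?
          @user = User.where(:firebase_id => firebase_id).first
        else
          # First time this Firebase user is seen: create a local record.
          @user = User.new(:firebase_id => firebase_id)
          @user.save
          @user
        end
      rescue
        # Any failure (including verify_user returning nil) leaves the request unauthenticated.
        @user = nil
      end
    end

    # Returns the decoded [payload, header] if the token verifies against one of
    # Google's published certificates, otherwise nil.
    def verify_user(token)
      certificate_url = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com"
      myresponse = RestClient.get(certificate_url).body
      certificates = JSON.parse myresponse.gsub('=>', ':')
      myjson = ""
      certificates.each do |key, value|
        begin
          x509 = OpenSSL::X509::Certificate.new(value)
          iss = 'https://securetoken.google.com/<yourdomain>'
          aud = 'yourdomain' # change this
          myjson = JWT.decode(token, x509.public_key, true,
                              { algorithm: "RS256", verify_iat: true,
                                iss: iss, verify_iss: true,
                                aud: aud, verify_aud: true
                              })
          return myjson
        rescue
          # Verification failed with this certificate; try the next one.
        end
      end
      return nil
    end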
Now you can call get_set_user as a before action to see if the user has a valid token. The idea is simple: check if the token is signed by one of the keys listed at https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com. If yes, decode the token and get the Firebase ID.
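The check described in the answer above, as an added example that is not part of the original answer: it goes one step further by selecting the certificate through the token's `kid` header instead of trying every certificate, and it pins RS256 and checks `iss`, `aud`, `exp`, `iat` and `sub`. It uses only Ruby's standard library in place of the jwt gem so it runs offline; the function names, the `kid-1` key id, and the throwaway key and certificate are constructed for illustration.

```ruby
require 'openssl'
require 'json'

def b64url_decode(str) # strict base64url with the stripped padding restored
  (str.tr('-_', '+/') + '=' * (-str.length % 4)).unpack1('m0')
end
def b64url_encode(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

# certs: {kid => PEM} map as served by the certificate URL. Returns claims or nil.
def verify_id_token(token, certs, project_id, now: Time.now.to_i)
  parts = token.to_s.split('.', -1)
  return nil unless parts.length == 3
  head, body, sig = parts
  header = JSON.parse(b64url_decode(head))
  return nil unless header.is_a?(Hash) && header['alg'] == 'RS256' # pin the algorithm
  pem = certs[header['kid']]                                       # pick the key by kid
  return nil unless pem
  key = OpenSSL::X509::Certificate.new(pem).public_key
  return nil unless key.verify(OpenSSL::Digest.new('SHA256'), b64url_decode(sig), "#{head}.#{body}")
  claims = JSON.parse(b64url_decode(body))
  return nil unless claims.is_a?(Hash) && claims['aud'] == project_id
  return nil unless claims['iss'] == "https://securetoken.google.com/#{project_id}"
  return nil unless claims['exp'].to_i > now && claims['iat'].to_i <= now
  return nil if claims['sub'].to_s.empty?
  claims
rescue JSON::ParserError, ArgumentError, OpenSSL::OpenSSLError
  nil # malformed base64, JSON, certificate or signature: treat as unauthenticated
end

# Constructed sample data: throwaway key, self-signed certificate, made-up kid.
def sample_signer
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=constructed-signer')
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [key, { 'kid-1' => cert.to_pem }]
end

def sample_token(key, kid, claims)
  signed = [{ alg: 'RS256', kid: kid }, claims].map { |h| b64url_encode(JSON.generate(h)) }.join('.')
  "#{signed}.#{b64url_encode(key.sign(OpenSSL::Digest.new('SHA256'), signed))}"
end
```

In a Rails controller the `certs` map would come from the certificate URL, cached rather than fetched on every request.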