Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Swagger definition for firebase authentication

Tags:

Could anyone provide a working sample of a Swagger security definition for firebase authentication?

On the backend, firebase ID token is verified using the firebase admin SDK:

import * as admin from 'firebase-admin';  await admin.auth().verifyIdToken(idToken); 

What should be the values in the Swagger security definition to get the proper ID token for firebase?

"securityDefinitions": {         "firebase": {             "authorizationUrl": "https://accounts.google.com/o/oauth2/v2/auth",             "flow": "implicit",             "type": "oauth2",             "x-google-issuer": "https://securetoken.google.com/MY-PROJECT-ID",             "x-google-jwks_uri": "https://www.googleapis.com/service_accounts/v1/metadata/x509/[email protected]",             "x-google-audiences": "MY-CLIENT-ID",             "scopes": {                 "https://www.googleapis.com/auth/firebase": "Firebase scope"             }         }     } 

I do get a token back, however, firebase admin SDK says it's not valid:

Decoding Firebase ID token failed. Make sure you passed the entire string JWT which represents an ID token

Not sure if this is because of the wrong scopes or token types...

like image 560
dennis Avatar asked Jan 17 '18 18:01

dennis


People also ask

How do I Authorize API for Swagger?

In the Swagger Editor (the right pane), click the Authorize button, paste the sample API key shown in the description into the Value field (or use your own OpenWeatherMap API key), and click Authorize. Then click Close to close the authorization modal.

Do I need JWT with Firebase?

This page describes how to support user authentication in Cloud Endpoints. To authenticate a user, a client application must send a JSON Web Token (JWT) in the authorization header of the HTTP request to your backend API.


1 Answers

i am putting this here just for reference

https://github.com/swagger-api/swagger-ui/pull/7699

I've started a PR that will enable login/popup that swagger uses

to be plugged in with a custom extension that does firebase specific logic

like image 79
f.kowal Avatar answered Sep 25 '22 02:09

f.kowal