Could anyone provide a working sample of a Swagger security definition for firebase authentication?
On the backend, firebase ID token is verified using the firebase admin SDK:
import * as admin from 'firebase-admin'; await admin.auth().verifyIdToken(idToken);
What should be the values in the Swagger security definition to get the proper ID token for firebase?
"securityDefinitions": { "firebase": { "authorizationUrl": "https://accounts.google.com/o/oauth2/v2/auth", "flow": "implicit", "type": "oauth2", "x-google-issuer": "https://securetoken.google.com/MY-PROJECT-ID", "x-google-jwks_uri": "https://www.googleapis.com/service_accounts/v1/metadata/x509/[email protected]", "x-google-audiences": "MY-CLIENT-ID", "scopes": { "https://www.googleapis.com/auth/firebase": "Firebase scope" } } }
I do get a token back, however, firebase admin SDK says it's not valid:
Decoding Firebase ID token failed. Make sure you passed the entire string JWT which represents an ID token
Not sure if this is because of the wrong scopes or token types...
In the Swagger Editor (the right pane), click the Authorize button, paste the sample API key shown in the description into the Value field (or use your own OpenWeatherMap API key), and click Authorize. Then click Close to close the authorization modal.
This page describes how to support user authentication in Cloud Endpoints. To authenticate a user, a client application must send a JSON Web Token (JWT) in the authorization header of the HTTP request to your backend API.
i am putting this here just for reference
https://github.com/swagger-api/swagger-ui/pull/7699
I've started a PR that will enable login/popup that swagger uses
to be plugged in with a custom extension that does firebase
specific logic
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With