I'd like to use Firebase to authenticate/authorize the user in my web app, but then use the AppEngine decorator in Python to make API calls to the user's Google Contacts/Calendar from the backend if the user authenticates with a Google account. Is it possible to carry on the Firebase authentication/authorization to the appengine decorator?
Related
I have a django restframework backend and a react frontend that uses google social auth to authenticate human users. The flow is a relatively simple JWT flow.
The user goes to my website
The user logs in with their google account
the google window sends a credential to my backend
the credential is verified on the backend
I send back an access token that allows the user to use my app which makes rest calls to my backend
I would like to generate a similar access token to pass to the backend so that I can access my api from lambda functions.
Is it possible to use the client_id and client_secret from my google console credentials to generate the same type of token to send to my backend? I've also looked into google service accounts, but this seems to be used specifically for accessing google services, not a generic API that is simply protected via google authentication.
If none of the above options work? How would you recommend I authenticate machine users via google auth?
I have experience in integrating AWS cognito with Azure AD (SSO). But I don't know how to implement similar authentication in GCP.
I want to authenticate the users in Azure AD to use the custom web app deployed in Google cloud run.
I see three options in GCP, but I couldn't find any resource to implement.
Google cloud identity
Google cloud identity platform
Firebase Authentication
This custom web app should only authenticate the Azure AD users in our organization.
Google Cloud Identity Platform and Firebase Authentication are effectively the same thing. There are a few additional features in GCIP.
To set up GCIP for Microsoft user, here's a link to the docs.
If you're using Cloud Function for Firebase, you can use a Callable Function to get the authenticated user, then handle your own authorisation.
If you want to use Cloud Run, then you can use the Firebase Admin SDK (even with GCIP) to verify the token and get the user ID (which you can then use to authorise the user via a database or with Custom Claims).
I am currently using Firebase Authentication in my app using the built-in OIDC providers (Google, Facebook etc.). Is it possible to use Okta as an additional OIDC provider with minimal modifications to my app, meaning Okta should behave just like any other built-in provider? Firebase Auth apis, such as firebase.auth().currentUser and firebase.auth().onAuthStateChanged() should still work.
The doc page for Custom Authentication talks about getting a custom token from an auth server, but does not clarify if that's an OAuth access token. Is there an example of Okta integration or a generic OIDC integration that works seamlessly with Firebase auth?
There's no built-in Okta provider for Firebase Authentication, but if you have an existing authentication flow for it, it's fairly easy to integrate it into Firebase as a custom provider.
It's a 6 step process:
You gather the user credentials on the client.
You pass those credentials to a trusted environment, either a server you control, or Cloud Functions.
On the server you verify that the credentials are correct according to Okta, typically by calling a server-side API they provide with a key you provide.
You then use the results of that call to mint a new ID token for the user. This is a JWT, not an OAuth access token.
You pass back that ID token from the server to the client.
The client then calls firebase.auth().signInWithCustomToken(token) with the ID token, to sign in to Firebase Authentication.
I have a question about using a 3rd-party API for authentication.
I would like to use firebase for building an application.
I would like to use data from a 3rd party like strava.
What is the best way to Inegrate the Strava-api with Firebase.
How can I implement Strava-authentication in Firebase?
Strava API OAuth2 protocol for authentication and the use of a Firebase product like FireBase Authentication are not related..
OAuth2 authentication for Strava is for authenticating against the API EndPoint. This will then get user consent and offers a secure way for accessing their data.. FireBase authentication is a way to authenticate users into your app and is a gateway to products like FireBase Storage or RealTime DataBase. Both can be used in conjunction but are not related in code..
I am working on SPA and HTML5 Mobile application that's consume my server application via rest api. Server app connects to Google Adwords Api and then sending data to client app. My question is: is it possible to use google oauth login as login for my server api. And how?
Do I need to use FOSOAuthServerBundle?
Best,
Antonio
This is the flow for this use case: https://developers.google.com/identity/sign-in/web/server-side-flow
And after this you can use google token as your api token, or build your own oauth and use your own token.
Also it is possible to use FOSOAuthServerBundle with custom grant