I have a question about using a 3rd-party API for authentication.
I would like to use firebase for building an application.
I would like to use data from a 3rd party like strava.
What is the best way to Inegrate the Strava-api with Firebase.
How can I implement Strava-authentication in Firebase?
Strava API OAuth2 protocol for authentication and the use of a Firebase product like FireBase Authentication are not related..
OAuth2 authentication for Strava is for authenticating against the API EndPoint. This will then get user consent and offers a secure way for accessing their data.. FireBase authentication is a way to authenticate users into your app and is a gateway to products like FireBase Storage or RealTime DataBase. Both can be used in conjunction but are not related in code..
Related
I have a django restframework backend and a react frontend that uses google social auth to authenticate human users. The flow is a relatively simple JWT flow.
The user goes to my website
The user logs in with their google account
the google window sends a credential to my backend
the credential is verified on the backend
I send back an access token that allows the user to use my app which makes rest calls to my backend
I would like to generate a similar access token to pass to the backend so that I can access my api from lambda functions.
Is it possible to use the client_id and client_secret from my google console credentials to generate the same type of token to send to my backend? I've also looked into google service accounts, but this seems to be used specifically for accessing google services, not a generic API that is simply protected via google authentication.
If none of the above options work? How would you recommend I authenticate machine users via google auth?
I am currently using Firebase Authentication in my app using the built-in OIDC providers (Google, Facebook etc.). Is it possible to use Okta as an additional OIDC provider with minimal modifications to my app, meaning Okta should behave just like any other built-in provider? Firebase Auth apis, such as firebase.auth().currentUser and firebase.auth().onAuthStateChanged() should still work.
The doc page for Custom Authentication talks about getting a custom token from an auth server, but does not clarify if that's an OAuth access token. Is there an example of Okta integration or a generic OIDC integration that works seamlessly with Firebase auth?
There's no built-in Okta provider for Firebase Authentication, but if you have an existing authentication flow for it, it's fairly easy to integrate it into Firebase as a custom provider.
It's a 6 step process:
You gather the user credentials on the client.
You pass those credentials to a trusted environment, either a server you control, or Cloud Functions.
On the server you verify that the credentials are correct according to Okta, typically by calling a server-side API they provide with a key you provide.
You then use the results of that call to mint a new ID token for the user. This is a JWT, not an OAuth access token.
You pass back that ID token from the server to the client.
The client then calls firebase.auth().signInWithCustomToken(token) with the ID token, to sign in to Firebase Authentication.
I'd like to use Firebase to authenticate/authorize the user in my web app, but then use the AppEngine decorator in Python to make API calls to the user's Google Contacts/Calendar from the backend if the user authenticates with a Google account. Is it possible to carry on the Firebase authentication/authorization to the appengine decorator?
I'm using Firebase in my iOS and web app to handle user authentication. I need to make sure a user is logged in before he can make any requests to my API. How would I accomplish such a thing with Firebase?
I'm thinking about using Kong - https://getkong.org - as a middleman for my API. Kong has a few options in relation to authenticating incoming requests - https://getkong.org/plugins. What would work with Firebase? JWT authentication? OAuth authentication? Key authentication?
Can you point me in the direction of a basic example? Or give me a basic overview of what I should be looking for?
I ended up authentication the users token server-side, like this:
https://gist.github.com/holgersindbaek/2cc55efd89517e21fbb52b4e95125003
Firebase can allow you to require that a user be logged in with a third party service, such as Google or Facebook, before they can take certain data operations. There's fairly comprehensive documentation from Firebase themselves: https://firebase.google.com/docs/auth/
I am working on SPA and HTML5 Mobile application that's consume my server application via rest api. Server app connects to Google Adwords Api and then sending data to client app. My question is: is it possible to use google oauth login as login for my server api. And how?
Do I need to use FOSOAuthServerBundle?
Best,
Antonio
This is the flow for this use case: https://developers.google.com/identity/sign-in/web/server-side-flow
And after this you can use google token as your api token, or build your own oauth and use your own token.
Also it is possible to use FOSOAuthServerBundle with custom grant