sirius_li

Reputation: 119

OAuth 2.0 Flow with Firebase Functions

How do I use Firebase Functions to successfully connect to an OAuth 2.0 app (e.g. Alpaca)? The closest I've found is this GCP tutorial, but it doesn't save the access token for future use.

How do I:

  1. Remember the state (random string used to protect against request forgery attacks) across different Firestore Functions so I can determine whether it's unchanged?
  2. Associate the access token with the user that authorized me (ideally saving the token in Firestore)?

Is there a library that does all this for me that will work from a Firebase Function?

Upvotes: 6

Views: 4133

Answers (2)

sirius_li

Reputation: 119

I followed a lot of the instructions from this guide. Here are the answers to my original questions for posterity:

  1. (Remembering state) Generate it on the client side and save it somewhere (I used localStorage). Pass the state to a Firebase function that generates your authorization URL and returns it to the client.
  2. (Saving access token) After authorization, I redirect back to the client side (as opposed to a Firebase function). From the client, I parse the auth code and check if the state matches. I pass the authorization code to a Firebase Function to configure the request for the final access token. Since I called the function from the client, I have access to the context param that tells me the uid associated with the access token.

Upvotes: 2
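The flow described in the answer above, as an added example that is not part of the original post or of any Firebase sample. The endpoint, client id and redirect URI are placeholders, an in-memory `Map` stands in for Firestore, and `exchangeCode` and `saveTokenForCaller` are hypothetical names; the `(data, context)` pair mirrors the callable-function signature the answer refers to.

```javascript
// Assumptions (not from the original post): endpoint, client id and redirect URI
// are placeholders; a Map stands in for Firestore; exchangeCode is injected where
// a deployed function would POST the code to the provider's token endpoint.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;
const AUTHORIZE_URL = 'https://provider.example/oauth/authorize'; // placeholder
const CLIENT_ID = 'CLIENT_ID_PLACEHOLDER';                        // placeholder
const REDIRECT_URI = 'https://app.example/oauth/callback';        // placeholder

// Client side: 32 random bytes as hex, kept (e.g. in localStorage) until the redirect.
function newState() {
  const bytes = webcrypto.getRandomValues(new Uint8Array(32));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Function side: build the authorization URL around the state the client sent.
function buildAuthorizationUrl(state) {
  if (!/^[0-9a-f]{64}$/.test(state)) throw new Error('malformed state');
  const url = new URL(AUTHORIZE_URL);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: CLIENT_ID, redirect_uri: REDIRECT_URI, state,
  }).toString();
  return url.toString();
}

// Client side, after the redirect: hand back the code only if state is unchanged.
// An empty savedState is rejected so a missing state can never equal a missing copy.
function parseCallback(redirectedUrl, savedState) {
  const params = new URL(redirectedUrl).searchParams;
  if (params.has('error')) throw new Error('authorization failed: ' + params.get('error'));
  const code = params.get('code');
  if (!savedState || !code || params.get('state') !== savedState) {
    throw new Error('state mismatch or missing code');
  }
  return code;
}

// Function side (callable shape): the uid is read from the verified auth context,
// never from the request data, so the token is stored under the caller's own record.
async function saveTokenForCaller(data, context, exchangeCode, tokenStore) {
  const uid = context?.auth?.uid;
  if (!uid) throw new Error('unauthenticated');
  if (typeof data?.code !== 'string' || data.code === '') throw new Error('missing code');
  const token = await exchangeCode(data.code, REDIRECT_URI);
  tokenStore.set(`users/${uid}`, { accessToken: token.access_token, savedAt: Date.now() });
  return { linked: true }; // the token itself is not returned to the client
}
```

The saved state should be deleted from storage once `parseCallback` has run, whether it succeeded or not, so a value is never accepted twice.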

gso_gabriel

Reputation: 4670

To connect OAuth 2.0 to Cloud Functions, the documentation you provided would indeed be the official one to achieve that. And I understand your points about remembering state and associating the token with the access; it actually would be very helpful.

To answer your question, there isn't a library that does all of this for you. Searching around, it seems that you can use a JWT token, which would provide you some options of predefined fields that might help you have more control over the expiration time, who the token is intended for, etc. In case you are interested in it, there is good documentation about how to use it with Cloud Functions here: Understanding OAuth2 and Deploying a Basic Authorization Service to Cloud Functions

Outside of that, unfortunately, it doesn't seem that you have other options. For this reason, I would also recommend that you raise a Feature Request in Google's Issue Tracker, so they can look at the possibility of changing/improving the way OAuth 2.0 works with Cloud Functions in the future.

Let me know if the information helped you!

Upvotes: 2
