I'm looking for a simple way to refuse (in the code) all requests that are not from Cloud Tasks for my Firebase v2 function.
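    import { onRequest } from 'firebase-functions/v2/https';
    import * as logger from 'firebase-functions/logger';

    export const createSomethingHttp = onRequest(async (request, response) => {
      // Check if the request is from Cloud Tasks
      if (!request.headers['x-cloudtasks-queuename']) {
        logger.error('Request not from Cloud Tasks', request.headers);
        response.status(403).json({ error: 'Forbidden' });
        return;
      }
      // ... rest of the handler (not shown in the post)
    });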
Currently, this is my guard, but it could be easily bypassed.
Is there a way to modify this code to verify the origin of the request? Functions & Cloud Tasks are on the same project and same location.
Many thanks
I have found several answers online about OIDC tokens, but I wasn't able to understand them properly, I think because of my lack of experience and expertise, especially the answers in different coding languages. I think it also requires several changes in the GCP account / service accounts. I'm looking to see if there is a way from the code side.
Upvotes: 0
Views: 39
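Added example, not part of the original post: the checks a handler performs when the task is created with an OIDC token, so the request carries `Authorization: Bearer <ID token>` rather than only a header the caller chooses. Assumptions: a locally generated key pair stands in for Google's public signing keys so the code runs offline, and the audience URL, service account email and the helper names `verifyTaskToken` and `signDemoToken` are constructed placeholders.

```javascript
// Added example: the checks behind OIDC verification of a Cloud Tasks request.
const { createSign, createVerify, generateKeyPairSync } = require('node:crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');

// Verify an RS256 ID token against trusted keys (kid -> public key) and the
// claims expected for a task created with an OIDC token (email + audience).
function verifyTaskToken(authHeader, keys, expected, nowSec = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authHeader || '');
  if (!m) return { ok: false, reason: 'missing or malformed bearer token' };
  const [, h, p, s] = m;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  } catch {
    return { ok: false, reason: 'undecodable token' };
  }
  // Pin the algorithm and key set; never let the token choose its own verifier.
  if (header.alg !== 'RS256' || !Object.hasOwn(keys, header.kid)) {
    return { ok: false, reason: 'untrusted alg or key' };
  }
  const valid = createVerify('RSA-SHA256').update(`${h}.${p}`).verify(keys[header.kid], Buffer.from(s, 'base64url'));
  if (!valid) return { ok: false, reason: 'bad signature' };
  if (claims.iss !== 'https://accounts.google.com') return { ok: false, reason: 'wrong issuer' };
  if (claims.aud !== expected.audience) return { ok: false, reason: 'wrong audience' };
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return { ok: false, reason: 'expired' };
  if (claims.email !== expected.email || claims.email_verified !== true) return { ok: false, reason: 'wrong service account' };
  return { ok: true, reason: 'ok' };
}

// Constructed demo data: a local key pair stands in for Google's signing keys.
const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });
const KEYS = { 'demo-kid': publicKey };
const EXPECTED = {
  audience: 'https://example.invalid/createSomethingHttp', // placeholder function URL
  email: 'tasks-invoker@example-project.iam.gserviceaccount.com', // placeholder account
};
const goodClaims = { iss: 'https://accounts.google.com', aud: EXPECTED.audience, email: EXPECTED.email, email_verified: true, exp: 4102444800 };

function signDemoToken(claims, key = privateKey) {
  const head = b64url(JSON.stringify({ alg: 'RS256', kid: 'demo-kid' }));
  const body = `${head}.${b64url(JSON.stringify(claims))}`;
  return `Bearer ${body}.${createSign('RSA-SHA256').update(body).sign(key).toString('base64url')}`;
}
```

In a deployed function, `OAuth2Client.verifyIdToken({ idToken, audience })` from `google-auth-library` does the signature, audience and expiry checks against Google's published keys; comparing `payload.email` with the service account configured on the task is still done in the handler.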