README
¶
Firebase Authentication JWT Verifier
This library follows the instructions described in verify id tokens using third-party JWT library section of the firebase documentation.
Example Usage
import (
"github.com/LewisWatson/firebase-jwt-auth"
"github.com/manyminds/api2go"
)
// tokenVerifier previously initialised with fireauth.New("projectname")
func verify(r api2go.Request, tokenVerifier fireauth.TokenVerifier) error {
token := r.Header.Get("authorization")
userID, claims, err := tokenVerifier.Verify(token)
if err != nil {
return err
}
r.Context.Set("userID", userID)
r.Context.Set("claims", claims)
return nil
}
Documentation
¶
Overview ¶
Package fireauth provides ability to verify firebase authentication ID tokens
Example ¶
package main
import (
"io/ioutil"
"log"
"github.com/LewisWatson/firebase-jwt-auth"
)
func main() {
fireauth, err := fireauth.New("example project")
if err != nil {
log.Fatalf("%v", err)
}
token, err := getToken()
if err != nil {
log.Fatalf("%v", err)
}
userID, claims, err := fireauth.Verify(token)
if err != nil {
log.Fatalf("%v", err)
}
log.Printf("userID %v, claims %+v", userID, claims)
}
func getToken() (string, error) {
content, err := ioutil.ReadFile("testdata/token.txt")
if err != nil {
return "", err
}
return string(content), nil
}
Output:
Index ¶
Examples ¶
Constants ¶
View Source
const ( // FirebaseKeyURL Firebase key provider url // specified in https://firebase.google.com/docs/auth/admin/verify-id-tokens#verify_id_tokens_using_a_third-party_jwt_library FirebaseKeyURL = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com" // IssPrefix JWT issuer prefix // specified in https://firebase.google.com/docs/auth/admin/verify-id-tokens#verify_id_tokens_using_a_third-party_jwt_library IssPrefix = "https://securetoken.google.com/" )
View Source
const HeaderCacheControl = "Cache-Control"
HeaderCacheControl Cache-Control field in http response header
Variables ¶
View Source
var ( // ErrNilToken is returned when the authorization token is empty ErrNilToken = errors.New("Empty authorizatin token") // ErrRSAVerification is missing from crypto/ecdsa compared to crypto/rsa ErrRSAVerification = errors.New("crypto/rsa: verification error") // ErrNotIssuedYet indicates that the token hasn't been issued yet ErrNotIssuedYet = errors.New("Token not issued yet") // ErrCacheControlHeaderLacksMaxAge indicates that the key server response didnt contain a max age // as specified by the firebase docs ErrCacheControlHeaderLacksMaxAge = errors.New("cache control header doesn't contain a max age") )
Functions ¶
Types ¶
type FireAuth ¶
type FireAuth struct {
ProjectID string
KeyURL string
IssPrefix string
Clock clock.Clock
sync.RWMutex
// contains filtered or unexported fields
}
FireAuth module to verify and extract information from Firebase JWT tokens
func New ¶
New creates a new instance of FireAuth with default values and loads the latest keys from the Firebase servers
func (*FireAuth) UpdatePublicKeys ¶
UpdatePublicKeys retrieves the latest Firebase keys
Notes ¶
Bugs ¶
should extract kid from header and only verify against that key
Source Files
Click to show internal directories.
Click to hide internal directories.