auth

package
v2.1.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 7, 2017 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Overview

Package auth contains functions for minting custom authentication tokens, and verifying Firebase ID tokens.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is the interface for the Firebase auth service.

Client facilitates generating custom JWT tokens for Firebase clients, and verifying ID tokens issued by Firebase backend services.

func NewClient

func NewClient(ctx context.Context, c *internal.AuthConfig) (*Client, error)

NewClient creates a new instance of the Firebase Auth Client.

This function can only be invoked from within the SDK. Client applications should access the the Auth service through firebase.App.

func (*Client) CustomToken

func (c *Client) CustomToken(uid string) (string, error)

CustomToken creates a signed custom authentication token with the specified user ID. The resulting JWT can be used in a Firebase client SDK to trigger an authentication flow. See https://firebase.google.com/docs/auth/admin/create-custom-tokens#sign_in_using_custom_tokens_on_clients for more details on how to use custom tokens for client authentication.

func (*Client) CustomTokenWithClaims

func (c *Client) CustomTokenWithClaims(uid string, devClaims map[string]interface{}) (string, error)

CustomTokenWithClaims is similar to CustomToken, but in addition to the user ID, it also encodes all the key-value pairs in the provided map as claims in the resulting JWT.

func (*Client) VerifyIDToken

func (c *Client) VerifyIDToken(idToken string) (*Token, error)

VerifyIDToken verifies the signature and payload of the provided ID token.

VerifyIDToken accepts a signed JWT token string, and verifies that it is current, issued for the correct Firebase project, and signed by the Google Firebase services in the cloud. It returns a Token containing the decoded claims in the input JWT. See https://firebase.google.com/docs/auth/admin/verify-id-tokens#retrieve_id_tokens_on_clients for more details on how to obtain an ID token in a client app.

type Token

type Token struct {
	Issuer   string                 `json:"iss"`
	Audience string                 `json:"aud"`
	Expires  int64                  `json:"exp"`
	IssuedAt int64                  `json:"iat"`
	Subject  string                 `json:"sub,omitempty"`
	UID      string                 `json:"uid,omitempty"`
	Claims   map[string]interface{} `json:"-"`
}

Token represents a decoded Firebase ID token.

Token provides typed accessors to the common JWT fields such as Audience (aud) and Expiry (exp). Additionally it provides a UID field, which indicates the user ID of the account to which this token belongs. Any additional JWT claims can be accessed via the Claims map of Token.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL