Skip to content

Authentication

Jump to bottom
Olivier Lefebvre edited this page Sep 20, 2020 · 6 revisions

Oauth2 Access Token

You need a Service account and the its private key file.
Next you can bind this file in an AuthTokenOptions or use Google.Apis.Auth to load it.

Bind to an AuthTokenOptions

Add an AuthTokenOptions in your configuration:

{
   "AuthTokenOptions": {
        {
           "type": "service_account",
           "project_id": "the project id",
           "private_key_id": "the private key id",
           "private_key": "-----BEGIN PRIVATE KEY-----
            -----END PRIVATE KEY-----\n",
            "client_email": "the client email",
            "client_id": "the client id",
            "auth_uri": "https://accounts.google.com/o/oauth2/auth",
            "token_uri": "https://accounts.google.com/o/oauth2/token",
            "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
            "client_x509_cert_url": "the cert url"
        }
    }
}

And for:

  • Realtime database
services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddFirebaseStores("http://database url", options =>
    {
        Configuration.GetSection("AuthTokenOptions").Bind(options);
    })
    .AddDefaultTokenProviders();
  • Firestore
services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddFirestoreStores(options =>
    {
        Configuration.GetSection("AuthTokenOptions").Bind(options);
    })
    .AddDefaultTokenProviders();

Load using Google.Apis.Auth

Supported by Realtime database only

3.2.0 or higther

Set the envorinment variable GOOGLE_APPLICATION_CREDENTIALS with the path of the private key file and provide the project id

services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddFirebaseStores("firestore project id");

or use the AddFirebaseStores extension to provide the file's path.

services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddFirebaseStores(provider =>
    {
        configuration.GetSection("FirestoreAuthTokenOptions").Bind(options);
    }, "path to the private key file");

Before 3.2.0

services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddFirebaseStores("http://database url", provider =>
    {
        return GoogleCredential.FromFile("path to the private key file")
             .CreateScoped("https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/firebase.database")
             .UnderlyingCredential;
    });

Firebase Id Token

Supported by Realtime database only

To use Firebase Id Token, you need to setup a user in your database and activate eMail/Password connection mode (this package support only this connection mode).
If you use Firebase Id Token the code cannot create index automaticaly. Read Index page for more informations.

eMail/Password

var options = new EmailPasswordOptions();
Configuration.GetSection("EmailPasswordOptions").Bind(options);
services.AddIdentity<ApplicationUser, IdentityRole>()
    .AddFirebaseStores("http://database url", provider =>
    {
        return new EmailPasswordTokenManager(provider.GetRequiredService<HttpClient>(), options);
    })
    .AddDefaultTokenProviders();

Other connection mode

Implement IFirebaseTokenManager interface to use other connection mode and provide your implementation class in DI.

Firebase Docs

Clone this wiki locally