User Auth using Quarkus + Firebase
Why Firebase Auth with Quarkus?
- Uses JWT Tokens
- Easily support multiple providers like Facebook, Google etc. from the same code
- Use Firebase provided values like User ID or email to easily verify users
- Easier Access Control
Oh Sorry, based on your token Mr Smith, you don’t get access to this Service, but Mr Root does. - Easier Token Management
Note that out here, we aren’t creating the tokens nor are we storing the tokens nor are we signing it. Thus, nor do we need to manage any keys.
Firebase is doing all that for us.
So it’s quite obvious with lesser overhead, how easier it makes our lives. - Already using other Firebase APIs
Assuming you are already using other Firebase APIs, using this is a big bonus. A kind of cherry on top.
Setup
You can create a new project with the appropriate dependencies using
Or if you have a pre-existing project, you can use
Configuration
In the src/main/resources directory you will find the application.properties file
Let us add Firebase Auth Support to it.
We need to specify who the issuer is. For this, you need your Firebase Project ID
As you can see, we also need the Firebase Public Key.
In the src/main/resources/META-INF/resources directory, create the key.pem file.
This key.pem file contains the Google Firebase Public Keys.
Here’s one
Show Me the Code
Now that we have configured our web server to accept Firebase Tokens, let’s write the code
Now as you can see, we need to use the getClaim to find the values from the token we need.
You can use getClaimNames to list down all the accessible claims
TESTING
You can test this using the JavaScript fetch command
CHECKING via POSTMAN
You can find the full code at https://github.com/pratikpc/Quarkus-Firebase-Auth-Medium
You can also contact me via LinkedIn
