Using firebase Java library on server without authentication process -
the server operating being used generate firebase tokens , read , write values firebase, use rest apis different type of token has different uid prefix.
however, since many features have been added server, decided use firebase java library , migrating previous code written rest apis.
the question is, how can use firebase java library tokens omitting authentication process?
authentication process runs asynchronously can applied client application not server.
what if fails authentication? or if takes time?
the previous code used auth token every request this:
https://abcd.firebaseio.com/ns/blahblah/event?auth=token
so doesn't need authentication process.
hope understand poor english. thanks!
according firebase documentation authentication server-side processes, there 3 ways authenticate:
- using firebase app secret
- using secure jwt optional admin claim set true
- using secure jwt designed give access pieces of data server needs touch
you getting secure jwt authentication server, using option 2 or 3.
the alternative use so-called app secret of firebase application. can find value in dashboard of application , can serve drop-in replacement current token.
however highly recommend against approach. jenny wrote pretty exhaustive list of reasons against here: https://stackoverflow.com/a/29240941
Comments
Post a Comment