
I'm migrating from signInWithGoogle to Firebase in my Android app.

I can generate the Firebase user in my Android app and pull out the user info, but I'm having trouble using the Firebase token for authentication with my backend server.

I want to be able to pass the token to the server, decode it and validate the user instead of passing the email address or some other piece of personal info. This is the preferred method of authentication in the documentation:

// The user's ID, unique to the Firebase project. Do NOT use this value to
// authenticate with your backend server, if you have one. Use
// FirebaseUser.getToken() instead.

With signInWithGoogle I just had to pass the token up to the server and hit the endpoint at googleapis.com/oauth2/v3/tokeninfo?id_token=TOKEN and I could validate and authenticate the user this way.
(https://developers.google.com/identity/sign-in/web/backend-auth)

It appears that Firebase does not provide this ability. All I can find are SDKs for Java and Node.js. (https://firebase.google.com/docs/auth/server#use_a_jwt_library)

Is there a way to decode the token in .NET?

1 Answer


I've been able to decode the token in .NET using the Org.BouncyCastle (https://www.nuget.org/packages/BouncyCastle/) and Jose.JWT (https://www.nuget.org/packages/jose-jwt/) libraries, using this approach:

using System.IO;
using Jose;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;

string tokenToDecode = @"eyGF...._pEkKGg...NnO7w";

// Parse the PEM-encoded RSA key; PemReader accepts any TextReader, so a StringReader is enough.
StringReader sr = new StringReader("-----BEGIN PRIVATE KEY-----\nMIIE...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n...\n-----END PRIVATE KEY-----\n");
var pr = new PemReader(sr);
RsaPrivateCrtKeyParameters RsaParams = (RsaPrivateCrtKeyParameters)pr.ReadObject();

// Check the RS256 signature with the key and return the token's JSON payload.
string decodedToken = JWT.Decode(tokenToDecode, DotNetUtilities.ToRSA(RsaParams), JwsAlgorithm.RS256);

The notes in this related question will help here too.

Elliveny
  • This is not working for me and I tried JWT, it works fine. – user1892203 Jan 10 '18 at 04:50
  • @user1892203 - if you could raise a new question with details of what you are seeing then I'll do what I can to help. Your comment doesn't give enough information to be able to assist. – Elliveny Jan 10 '18 at 07:23
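
As an added example (not code from the question or the answer above): a sketch of the server-side checks that the Firebase "use a JWT library" documentation linked in the question describes for an ID token obtained with FirebaseUser.getToken(), written with the jose-jwt package the answer uses. ID tokens are checked against Google's published public certificates, selected by the token header's kid. It assumes .NET 5 or later; FirebaseIdTokenCheck, Verify, projectId and certsByKid are hypothetical names, and the caller is assumed to fetch and cache the kid-to-certificate map.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;
using System.Text.Json;
using Jose;

public static class FirebaseIdTokenCheck   // hypothetical helper, not part of any SDK
{
    // certsByKid: key id -> PEM X.509 certificate published by Google for
    // securetoken@system.gserviceaccount.com (assumed fetched and cached by the caller).
    // Returns the verified Firebase uid (the "sub" claim) or throws.
    public static string Verify(string idToken, string projectId,
                                IReadOnlyDictionary<string, string> certsByKid,
                                DateTimeOffset now)
    {
        // The header is untrusted input: use it only to select a key we already trust.
        var kid = JWT.Headers(idToken).TryGetValue("kid", out var k) ? k?.ToString() : null;
        if (kid == null || !certsByKid.TryGetValue(kid, out var pem))
            throw new UnauthorizedAccessException("unknown signing key id");

        using var cert = X509Certificate2.CreateFromPem(pem);   // .NET 5+
        using var publicKey = cert.GetRSAPublicKey();

        // Pinning RS256 rejects a token whose header names "none" or an HMAC algorithm;
        // Decode throws if the algorithm or the signature does not match.
        string json = JWT.Decode(idToken, publicKey, JwsAlgorithm.RS256);

        using var doc = JsonDocument.Parse(json);
        var c = doc.RootElement;
        long t = now.ToUnixTimeSeconds();

        // A valid signature is not enough: the token must be issued for this project
        // and be inside its validity window.
        Require(Str(c, "aud") == projectId, "aud");
        Require(Str(c, "iss") == "https://securetoken.google.com/" + projectId, "iss");
        Require(!string.IsNullOrEmpty(Str(c, "sub")), "sub");
        Require(Num(c, "exp") > t, "exp");    // a missing claim compares as false
        Require(Num(c, "iat") <= t, "iat");
        return Str(c, "sub");
    }

    static void Require(bool ok, string claim)
    {
        if (!ok) throw new UnauthorizedAccessException("ID token rejected: " + claim);
    }
    static string Str(JsonElement c, string name) =>
        c.TryGetProperty(name, out var v) && v.ValueKind == JsonValueKind.String ? v.GetString() : null;
    static long? Num(JsonElement c, string name) =>
        c.TryGetProperty(name, out var v) && v.ValueKind == JsonValueKind.Number
            && v.TryGetInt64(out var n) ? n : (long?)null;
}
```

The returned uid is the value to key server-side sessions on; the email or other profile fields sent by the client are not needed for authentication.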