0

I have successfully created and deployed Firebase Functions while also being able to test locally with the firebase serve command of firebase-tools. I can then send requests to the endpoints with the Postman app (and curl would likely be as good to use).

Now I'm at the point that I need to secure my functions, and the best practice seems to be verifying the uid token of the Authorization header (based on what I've read). This advice makes sense and I found some code which may do the trick.

But how do I retrieve a token or authenticate with Firebase Auth to then test my newly secured and locally-served functions using Postman or curl?

I know how to load the Authentication data into a REST request, but how does one get the user token from Firebase, on a testing basis, to make the authentication work locally for authenticated endpoints?

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
Randy Burgess
  • 4,835
  • 6
  • 41
  • 59
  • Does this work for you? https://firebase.google.com/docs/auth/admin/verify-id-tokens#retrieve_id_tokens_on_clients – Frank van Puffelen Dec 25 '18 at 07:16
  • Do I need to create a "test client" app to retrieve an id token this way? Is there, with something like Postman, to retrieve a token so that I can automate the process for local function testing? – Randy Burgess Dec 26 '18 at 19:35
  • This person asked the same question but didn't get an answer, either. https://stackoverflow.com/questions/46839878/firebase-how-to-programmatically-generate-a-jwt-token-for-a-particular-user-sim?rq=1 – Randy Burgess Dec 26 '18 at 21:34

1 Answers1

0

You can use any JWT library to generate a custom JSON Web Token to provide in your api calls.

Check the related firebase documentation at section 'Create custom tokens using a third-party JWT library'.

Pedro Rodrigues
  • 2,520
  • 2
  • 27
  • 26