my intention is to create good rule for Firebase and friend it with my app, I started with simple one - user is authorized:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.uid != null;
}
}
}
what was done to auth my app via google+Firebase:
- generated keystore file
- keystore file usage is configured in graddle so that app is signed by it
- SHA1 is added to Firebase
- new google-services.json is downloded in app folder
- instruction followed to auth application via google (and official one)
somehow application is going to be authorized via e-mail like:
GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
// for the requestIdToken, this is in the values.xml file that
// is generated from your google-services.json
.requestIdToken(getString(R.string.default_web_client_id))
.requestEmail()
.build();
I believe that this .requestEmail() opens auth form in my app UI with request to enter e-mail (line comment doesn't help)...
the points are:
- my application is signed via keystore, and Firebase + google know that
- I don't need user to authorize or enter any e-mail
- all I need is to have my app automatically authorized for Firebase (don't care about google, but prefer usage of keystore + SHA1) so that Firebase rule will work (and later replaced with my true app uid)
What's the best/easiest approach to authorize app for Firebase and filter access in DB rule? (without any e-mail entering)
