How to authenticate user to Firestore Go SDK?
Question
I'm trying to use the Firestore Go SDK from a client application. This looks like a client-side SDK, based on the functions, but that might be my first error?
I'm struggling to authenticate the user to Firestore. I've already logged them in using the REST API for Firebase Auth . This returns me an ID token, refresh token, etc. How do I use this with the Firestore SDK?
The docs suggest I need to call firestore.NewClient(<context>, <project-id>, <option>) . For the latter argument, I've tried option.WithCredentialsJSON(...) passing a JWT-decoded ID token. I've also tried passing the raw refresh token. In both cases, the SDK complains about what I'm passing.
How can I authenticate the user based on the tokens I've obtained?
2 answers
solution1
1 2019-08-24 11:31:35
option.WithCredentialsJSON accepts not JWT token, but Google Application Default Credentials.
Other option is to provide path to the file with Google Application Default Credentials using environment variable GOOGLE_APPLICATION_CREDENTIALS since firebase sdk is a part of the cloud.google.com/go sdk.
Check out the examples (also with other options).
https://cloud.google.com/docs/authentication/production#auth-cloud-implicit-go
https://godoc.org/cloud.google.com/go#example-package--ApplicationDefaultCredentials
solution2
1 ACCPTED 2019-08-24 14:10:36
The Go SDK for Firestore is meant to be used in a trusted environment, such as your development machine, a server you control, or Cloud Functions. It doesn't have a way to sign the user of the application in, but instead authenticates itself with the server with administrative credentials, which you'll don't want to have on non-trusted devices.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.