B4J Library [server] FirebaseServer - backend verification for signed in users

Users can sign in to your B4A or B4i apps using Google or Facebook with the FirebaseAuth libraries.

FirebaseServer completes the puzzle with server side verification of the user. This means that the signed in user gets a token id (long string) from Firebase services by calling FirebaseAuth.GetUserTokenId. The client sends the token id to the server.
The server verifies the token using this library.

1676356753945.png


Once verified we know for sure that the request was sent from our app and we know the identity of the signed in user.

Configuration

Follow these instructions: https://firebase.google.com/docs/server/setup#add_firebase_to_your_app
Copy the json file to the Files tab.

Simple example:
B4X:
Sub Process_Globals
   Private fs As FirebaseServer
End Sub

Sub AppStart (Args() As String)
   fs.Initialize("fs", File.OpenInput(File.DirAssets, "B4A-Test1-1878011f6afe.json"))
   fs.VerifyToken("eyJhbGciOiJSUzI1NiIsImtpZCI6IjE1ZWE4ZDBkMDI1ZDExNGFiNzU0MmQ2OT...")
   StartMessageLoop
End Sub

Sub fs_TokenVerified (TokenId As String, Success As Boolean, Token As FirebaseToken)
   If Success Then
     Log(Token.DisplayName)
     Log(Token.Email)
     Log(Token.Uid)
   End If
End Sub

Library: www.b4x.com/b4j/files/jFirebaseServer.zip
 
Last edited:

litefrez

New Member
Licensed User
Longtime User
I have built a b4a app to send data to my b4j server. User must authenticate using firebase on the app to be able to use the app with real data and not a demo dataset. I can get the b4j server app to authenticate and even return data to my b4a app, but I am trying to figure out how to set it up so that each request is authenticated. Do I need to build the authentication into each handler class, or am I completely missing something?
 

wimpie3

Well-Known Member
Licensed User
Longtime User
I'm getting an error:

B4X:
java.lang.IllegalArgumentException
    at com.google.api.client.repackaged.com.google.common.base.Preconditions.checkArgument(Preconditions.java:111)
    at com.google.api.client.util.Preconditions.checkArgument(Preconditions.java:37)
    at com.google.api.client.json.webtoken.JsonWebSignature$Parser.parse(JsonWebSignature.java:599)
    at com.google.firebase.auth.FirebaseToken.parse(FirebaseToken.java:81)
    at com.google.firebase.auth.FirebaseAuth$1.call(FirebaseAuth.java:143)
    at com.google.firebase.auth.FirebaseAuth$1.call(FirebaseAuth.java:140)
    at com.google.firebase.tasks.Tasks$1.run(Tasks.java:63)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)
 
Last edited:

wimpie3

Well-Known Member
Licensed User
Longtime User
@Erel I see you have three "..." dots in your token. I don't have them. Could that be the reason? Or did you put those three points there to indicate we should replace the token with our own?
 

wimpie3

Well-Known Member
Licensed User
Longtime User
For anyone who is having the same problem, the mystery is solved.
I thought the token was the same as the userid.

In reality, you have to do this:
B4X:
Sub Auth_SignedIn (User As FirebaseUser)
    auth.GetUserTokenId(User,False)
End Sub

Sub Auth_TokenAvailable (User As FirebaseUser, Success As Boolean, TokenId As String)
    Log(TokenId)
End Sub
And it's the TokenId you have to use in the Firebase Server backend... NOT the userid as I was doing :)
 
Top