I'm unsure of the examples in Google's documentation. How do I verify a JWT produced by Firebase, in a Google App engine flexible service?
main.go
:
// ...
func main () {
InitializeAppWithServiceAccount()
go lib.GetStockData()
http.HandleFunc("/_ah/someendPoint", SomeHandler)
}
func InitializeAppWithServiceAccount() *firebase.App {
// [START initialize_app_service_account]
opt := option.WithCredentialsFile("keystore/someapp-firebase-adminsdk-1ts1k-1fbbbad63f.json")
app, err := firebase.NewApp(context.Background(), nil, opt)
if err != nil {
log.Fatalf("error initializing app: %v
", err)
}
return app
}
func someHandler(w http.ResponseWriter, r *http.Request) {
// Set content type:
w.Header().Set("Content-Type", "application/json")
if r.Header != nil {
ReqToken := r.Header.Get("Authorization")
splitToken := strings.Split(ReqToken, "Bearer")
ReqToken = splitToken[1]
fmt.Println(ReqToken) // Correctly prints the JWT
// Verify JWT
// If it's invalid, return?
// verifyIDToken(??, reqToken)
enc := json.NewEncoder(w)
err := enc.Encode(somedata)
fmt.Println("request made")
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
}
http.Error(w, "Unauthorized", http.StatusUnauthorized)
}
According to their documentation, you can use the following function to verify an ID token? But what do I pass in as app? The documentation doesn't really say.
func verifyIDToken(app *firebase.App, idToken string) *auth.Token {
// [START verify_id_token]
client, err := app.Auth(context.Background())
if err != nil {
log.Fatalf("error getting Auth client: %v
", err)
}
token, err := client.VerifyIDToken(idToken)
if err != nil {
log.Fatalf("error verifying ID token: %v
", err)
}
log.Printf("Verified ID token: %v
", token)
// [END verify_id_token]
return token
}
Obviously, idToken
is my token from the handler. But what is app *firebase.App
and how would I pass it in to the function from the handler itself?