zabawaba99 / fireauth Goto Github PK
View Code? Open in Web Editor NEWFirebase Auth Token Generator in Go
License: MIT License
Firebase Auth Token Generator in Go
License: MIT License
The algorithm used in fireauth is HS256 as specified in generator.go
// Firebase specific values for header
const (
TokenAlgorithm = "HS256"
TokenType = "JWT"
)
Firebase seems to use RS256 as referenced here:
https://firebase.google.com/docs/auth/admin/verify-id-tokens
When attempting an auth from a generated token by fire auth I am getting:
FIRAuthErrorDomain Code=17000 "The custom token format is incorrect. Please check the documentation."
please noted that the behavior of h.Write([]byte{...}) and h.Sum([]byte{...}) are different,
you can check this example: https://play.golang.org/p/y7S52DdL_T
in Sum(data), it actually appends the checksum AFTER the byte data.
https://golang.org/src/crypto/sha256/sha256.go?s=1643:1663#L128
however, the following code snippet works fine for me
@@ -136,5 +138,7 @@ func encode(data []byte) string {
}
func sign(message, secret string) string {
- return encode(hmac.New(sha256.New, []byte(secret)).Sum([]byte(message)))
+ h := hmac.New(sha256.New, []byte(secret))
+ h.Write([]byte(message))
+ return encode(h.Sum(nil))
}
I would like to send a PR, any concerns?
Firebase tokens expire 24 hours after they're created, unless an explicit expiration is set. Fireauth can anticipate the expiration of any token it generates. It would be useful if fireauth also had a mechanism to generate new tokens on-demand (to replace an expired token).
This might be accomplished by providing something like func (*Generator) CreateTokenWithRefresh(Data, *Option) (string, chan string, error)
which returns a generated token along with a chan string
that will publish a new token when the previous token expires. Implementers would then end up doing something like this:
auth := fireauth.New(mySecret)
token, refresher, _ := auth.CreateTokenWithRefresh(data, options)
// later on...
select {
case refreshedToken <- refresher:
token = refreshedToken
default:
}
// carry on using token
A possible (and untested) implementation of CreateTokenWithRefresh
:
func (t *Generator) CreateTokenWithRefresh(data Data, options *Option) (string, chan string, error) {
token, err := t.CreateToken(data, options)
if err != nil {
return "", nil, err
}
c := make(chan string)
duration := time.Unix(options.Expiration, 0).Sub(time.Now())
ticker := time.NewTicker(duration)
go func() {
for _ = range <-ticker.C {
newToken, err := t.CreateToken(data, options)
if err != nil {
close(c)
ticker.Stop()
return
}
c <- newToken
}
}()
return token, c, nil
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.