search

CodementorIO / rest-firebase

Ruby Firebase REST API client built on top of rest-core
Apache License 2.0
107 stars 22 forks source link

Documentation for authenticated calls? #14

Closed mark-ellul closed 8 years ago

mark-ellul commented 8 years ago

Hi,

I am new to rest-firebase and firebase, and I have managed to do an un-authenticated get. However I was wondering if anyone can provide a code snippet on how to do an authenticated get or patch or put with the latest firebase.

Regards

Mark

godfat commented 8 years ago

You'll need to get the auth token from somewhere else and pass it to rest-firebase, or pass the secret to rest-firebase and it would generate the auth token from the secret for you.

If you're talking about the new Firebase authentication described in #12, then I don't know. I don't know if anyone succeeded managed to get that work for REST API. Everything seems still in flux...

So basically we're still waiting for their documentation for that new Firebase.

mark-ellul commented 8 years ago

does the current gem use the firebase 2 or firebase 3 rest interface?

godfat commented 8 years ago

I have no idea (because there's no versioning before) but I assume it's Firebase 2.

godfat commented 8 years ago

Or I should ask, is there REST API for Firebase 3 at all?

mark-ellul commented 8 years ago

This is what I find on google's firebase site for the REST API

https://firebase.google.com/docs/reference/rest/database/

godfat commented 8 years ago

That one should work. Not sure about this one though:

https://firebase.google.com/docs/reference/rest/database/user-auth

If you could get the access token somewhere else and pass it to rest-firebase, I think it should also work. Though you might need to pass the access_token manually for now. If this is proven working, we could adopt that so it would work like the old auth.

apraditya commented 8 years ago

Perhaps it would be helpful to map the param name with the terms used in Firebase's documentation. I've been following https://developers.google.com/identity/protocols/OAuth2ServiceAccount#authorizingrequests on HTTP/REST tab. After you obtain the client ID and private key from the API Console (after creating a service account), it needs to create JWT and request an access token from Google OAuth 2.0 Authorization Server. From the intro blog, this gem generates the JWT by doing something like this (taken from the post):

f = RestFirebase.new :secret => 'secret',
                     :d => {:auth_data => 'something'}
f.get('presence') # => attach JWT for auth in the request automatically
f.auth            # => the JWT
f.auth = nil      # => remove old JWT
f.auth            # => generate a fresh new JWT

However, from the snippet above, I have no idea what should I pass into :secret? Should I pass the information from the JSON file (generated when creating the service account) to :auth_data? Do I need to pass the client ID and the private key?

I tried passing the private key through the :secret param and I get error 400.

godfat commented 8 years ago

It's not because the names didn't match, that's exactly how Firebase 2.0 named them. You're reading the documentation for Firebase 3.0 and it's not yet clear how to use it with a REST client because they didn't document that.

I am going to close this and please follow #12. Once we know how to properly authorize with a REST client for Firebase 3.0, we would start implementing it. You could also checkout this branch to check the current progress: https://github.com/CodementorIO/rest-firebase/tree/firebase-3.0