validate_firebase_auth
A small package that verifies Firebase Auth Tokens when writing server-side Dart code. Perfect for use with the Dart Functions Framework!
The validation follows these steps, and validation is done with the openid_client package. Give their repo a star along with this one if you find this package useful! Their package does all the heavy cryptography lifting!
Getting Started
Validating is easy! Just
- Create a
FirebaseAuthValidator()
- Initialize with
validator.init()
- Validate JWT with
validator.validate()
final jwt = '...'; // Generated with a client library and sent with the request
final validator = FirebaseAuthValidator();
await validator.init();
final idToken = await validator.validate(jwt);
Specifiying Project Id
If you are running this code on a Google Cloud service (like Cloud Run or GCE), the project id will discovered automatically when you run validator.init()
. You can specify a project id manually using validator.init(projectId: projectId)
Using in Tests
You can easily mock a FirebaseAuthValidator
using mocktail, the type safe and null safe tool for mocking objects in tests. For example:
import 'package:mocktail/mocktail.dart';
class MockFirebaseAuthValidator extends Mock implements FirebaseAuthValidator { }
class MockIdToken extends Mock implements IdToken { }
void main() {
late FirebaseAuthValidator validator;
late idToken token;
setUp(() {
validator = MockFirebaseAuthValidator();
idToken = MockIdToken();
when(() => validator.init()).thenAnswer((_) async => null);
when(() => validator.validate()).thenAnswer((_) async => idToken);
when(() => idToken.isVerified).thenReturn(true);
});
}
Libraries
- validate_firebase_auth
- Validates Firebase auth tokens for verifying authentication on server-side applications.