|
@@ -769,11 +769,30 @@ You can also change the `url` variable, used to test the API with authentication
|
769
|
769
|
First you need to create a Firebase project on the [Firebase console](https://console.firebase.google.com/).
|
770
|
770
|
Add a web application to this project and grab the code snippet for later use.
|
771
|
771
|
|
772
|
|
-Then you have to configure the `jwtAuth.secrets` configuration in your `api.php` file.
|
773
|
|
-Grab the public key via this [URL](https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com).
|
774
|
|
-There may be several certificates, just grab the one corresponding to your `kid` (if you don't
|
775
|
|
-know what it is, just test them all until you will be logged in).
|
776
|
|
-Now, just fill `jwtAuth.secrets` with your public key.
|
|
772
|
+Then you have to configure the `jwtAuth.secrets` configuration in your `api.php` file.
|
|
773
|
+This can be done as follows:
|
|
774
|
+
|
|
775
|
+a. Log a user in to your Firebase-based app, get an authentication token for that user
|
|
776
|
+b. Go to [https://jwt.io/](https://jwt.io/) and paste the token in the decoding field
|
|
777
|
+c. Read the decoded header information from the token, it will give you the correct `kid`
|
|
778
|
+d. Grab the public key via this [URL](https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com), which corresponds to your `kid` from previous step
|
|
779
|
+e. Now, just fill `jwtAuth.secrets` with your public key in the `api.php`
|
|
780
|
+
|
|
781
|
+Here is an example of what it should look like in the configuration:
|
|
782
|
+
|
|
783
|
+```
|
|
784
|
+...,
|
|
785
|
+'middlewares' => 'cors, jwtAuth, authorization',
|
|
786
|
+ 'jwtAuth.secrets' => "ce5ced6e40dcd1eff407048867b1ed1e706686a0:-----BEGIN CERTIFICATE-----\nMIIDHDCCAgSgAwIBAgIIExun9bJSK1wwDQYJKoZIhvcNAQEFBQAwMTEvMC0GA1UE\nAxMmc2VjdXJldG9rZW4uc3lzdGVtLmdzZXJ2aWNlYWNjb3VudC5jb20wHhcNMTkx\nMjIyMjEyMTA3WhcNMjAwMTA4MDkzNjA3WjAxMS8wLQYDVQQDEyZzZWN1cmV0b2tl\nbi5zeXN0ZW0uZ3NlcnZpY2VhY2NvdW50LmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAKsvVDUwXeYQtySNvyI1/tZAk0sj7Zx4/1+YLUomwlK6vmEd\nyl2IXOYOj3VR7FBA24A9//nnrp+mV8YOYEOdaWX7PQo0PIPFPqdA0r7CqBUWHPfQ\n1WVHVRQY3G0c7upM97UfMes9xOrMqyvecMRk1e5S6eT12Zh2og7yiVs8gP83M1EB\nGqseUaltaadjyT35w5B0Ny0/7NdLYiv2G6Z0S821SxvSo1/wfmilnBBKYYluP0PA\n9NPznWFP6uXnX7gKxyJT9//cYVxTO6+b1TT13Yvrpm1a4EuCOhLrZH6ErHQTccAM\nhAx8mdNtbROsp0dlPKrSfqO82uFz45RXZYmSeP0CAwEAAaM4MDYwDAYDVR0TAQH/\nBAIwADAOBgNVHQ8BAf8EBAMCB4AwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDQYJ\nKoZIhvcNAQEFBQADggEBACNsJ5m00gdTvD6j6ahURsGrNZ0VJ0YREVQ5U2Jtubr8\nn2fuhMxkB8147ISzfi6wZR+yNwPGjlr8JkAHAC0i+Nam9SqRyfZLqsm+tHdgFT8h\npa+R/FoGrrLzxJNRiv0Trip8hZjgz3PClz6KxBQzqL+rfGV2MbwTXuBoEvLU1mYA\no3/UboJT7cNGjZ8nHXeoKMsec1/H55lUdconbTm5iMU1sTDf+3StGYzTwC+H6yc2\nY3zIq3/cQUCrETkALrqzyCnLjRrLYZu36ITOaKUbtmZhwrP99i2f+H4Ab2i8jeMu\nk61HD29mROYjl95Mko2BxL+76To7+pmn73U9auT+xfA=\n-----END CERTIFICATE-----\n",
|
|
787
|
+ 'cors.allowedOrigins' => '*',
|
|
788
|
+ 'cors.allowHeaders' => 'X-Authorization'
|
|
789
|
+```
|
|
790
|
+
|
|
791
|
+Notes:
|
|
792
|
+ - The `kid:key` pair is formatted as a string
|
|
793
|
+ - Do not include spaces before or after the ':'
|
|
794
|
+ - Use double quotation marks (") around the string text
|
|
795
|
+ - The string must contain the linefeeds (\n)
|
777
|
796
|
|
778
|
797
|
To test your integration, you can copy the [firebase/vanilla.html](examples/clients/firebase/vanilla.html)
|
779
|
798
|
file and the [firebase/vanilla-success.html](examples/clients/firebase/vanilla-success.html) file,
|
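Review bot: step b of the new instructions tells readers to paste a live user authentication token into https://jwt.io/, a third-party site, when only the `kid` from the token header is needed. Suggest telling readers to base64url-decode the first dot-separated segment of the token locally, or at least to use a token from a throwaway test account. The rewrite also drops the removed sentence "There may be several certificates" while the example pins a single `kid:key` pair in `jwtAuth.secrets`. Please state what happens when a token arrives with a different `kid`, and whether more than one pair can be configured. The sample's `'cors.allowedOrigins' => '*'` should be marked as a testing value, since readers tend to copy the block whole.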