Firebase/NodeJS behind proxy server

1
votes

How do I run Firebase admin on NodeJS when the computer is behind a corporate proxy?

npm has already config proxy and https-proxy. npm commands executes alright.

Firebase however, tries to directly access the internet:

Error: Credential implementation provided to initializeApp() via the "credential" property failed to fetch a valid Google OAuth2 access token with the following error: "connect ETIMEDOUT 216.58.203.45:443".

I tried to update the faye-websocket\lib\faye\websocket\client.js under firebase-admin to read

  var Client = function(_url, protocols, options) {
  options = options || {};
  options.proxy = {
    origin: 'http://proxy.server.local:8080'
  };

I tried several variations, but nodejs is still trying to directly access 216.58.203.45:443. What else should I update to make it work?

2
node.jsfirebaseproxyadminfirebase-admin
The error you are getting is not coming from the Realtime Database, it is coming from the Google endpoint (https://accounts.google.com/o/oauth2/token) used to exchange a JWT minted from your service account to a Google OAuth2 access token. You might need to whitelist that endpoint.jwngr
Thanks for the response. I can access the URL from browser, and other google auth related URLs works fine with browser. Yes you are right, it is about the token refresh. It is not going via the proxy correctly, but I have no idea how to force it to.Alex
Sorry, I'm not sure I know much about how to bypass proxies. You probably need to talk to whoever runs your corporate proxy.jwngr

2 Answers

2
votes

This is how I run my FirebaseAdmin behind a corporate proxy.

Please install the latest Firebase Admin Node version, which is v6.4.0 and above. Besides, you also require to install a tunnel2 library.

npm install [email protected]
npm install tunnel2


var admin = require('firebase-admin');
var serviceAccount = require('path/to/serviceAccountKey.json');
const tunnel = require('tunnel2')
// Create your Proxy Agent 
// Please choose your tunneling method accordingly, my case
// is httpsoverHttp, yours might be httpsoverHttps
const proxyAgent = tunnel.httpsOverHttp({
    proxy: {
      host: 'yourProxyHost',
      port: yourProxyPort,
      proxyAuth: 'user:password' // Optional, required only if your proxy require authentication
    }
});
admin.initializeApp({
  credential: admin.credential.cert(serviceAccount, proxyAgent),
  databaseURL: 'https://<DATABASE_NAME>.firebaseio.com'
});

Hope it helps you. I wrote an article for this. You can refer there the article here

0
votes

Since it took me quiet a while to figure out how it works here it is for anybody searching:

const proxyAgent = tunnel.httpsOverHttp({
  proxy: {
    host: 'YOUR_PROXY_HOST',
    port: YOUR_PROXY_PORT,
    proxyAuth: 'user:password', // Optional, required only if your proxy require authentication
  },
});

admin.initializeApp({
  credential: admin.credential.cert(serviceAccount, proxyAgent),
  databaseURL: 'https://<DATABASE_NAME>.firebaseio.com',
  httpAgent: proxyAgent, //this is what I was missing
});