Can I use the Firebase ID token from a client login to authenticate a Java desktop app using the Java SDK?

0
votes

Google's Cloud Firestore can be accessed by CLIENT apps for iOS, Android, and web, via native SDKs.

For the SERVER, Cloud Firestore is also available in native Node.js, Java, Python, and Go SDKs, in addition to REST and RPC APIs. Of those, the Java and Node SDKs are capable of listening to changes in the database (as of March 2018).

I would like to use the Cloud Firestore in a Java CLIENT desktop app.

As I said, the Java Server SDK can listen to database changes, however it authenticates the user with Identity and Access Management (IAM), while the Client SDKs authenticate with Firebase Authentication. I must authenticate with Firebase Authentication, so that the database is protected with the Cloud Firestore Security Rules.

My question is: I want to log a user into one of the Firebase Client SDKs (web, iOS, or Android) and then send the ID token from that login to my Java desktop app. Then I want to authenticate the Java SDK with that token, thus limiting access with Cloud Firestore Security Rules.

Is that possible? How?

1
javafirebasefirebase-authenticationgoogle-cloud-firestorefirebase-admin

1 Answers

1
votes

The Firebase Admin SDK, used on the server, doesn't support individual user logins. You can see a list of what it can do related to authentication here. To put it shortly, it's not meant for end-user applications, just backend support for client apps where the credentials used to initialize it are completely hidden and inaccessible to end users.

You would never ship a client app written with a the Admin SDK that also requires you to ship a service account credential to initialize it. Service account credentials are like root passwords -- never give them to anyone except those that you trust with full access to everything.