I'm building a small Java client with a Angular frontend to be distributed to clients.
At the moment I have a login screen via Angular which returns a valid firebase token. Where I'm unsure is how can I use that token to authenticate the user against the Java part of the application, so the Java client can perform actions such as file uploads.
With the Admin SDK I can do something like:
public FirebaseAuth firebaseAuth() throws IOException {
FileInputStream serviceAccount = new FileInputStream(new ClassPathResource(SERVICE_ACCOUNT_KEY).getFile());
FirebaseOptions options = new FirebaseOptions.Builder()
.setCredentials(GoogleCredentials.fromStream(serviceAccount))
.setDatabaseUrl(String.format("https://%s.firebaseio.com/", DATABASE_NAME))
.build();
FirebaseApp.initializeApp(options);
return FirebaseAuth.getInstance();
}
Which I can then go on the standard flow of of validating the token against Firebase and getting the user details.
Since I'm distributing both the Angular frontend and the Java client to end users, I can't use the Admin SDK.
How do I go about solving this? Is there some other type of flow I should be looking into? or can I make use of the Firebase token somehow?