Diaonic Diaonic - 5 months ago 104
Objective-C Question

Firebase + auth0 authentication

I'm working on an objective-c iOS app. I want to use auth0 for authentication ( https://auth0.com/ ) and I want to use Firebase for the database backend.

I've gone through all the auth0 documentation and I've got authentication working for:

Facebook, Google+, twitter, self registration.

The problem:
The documentation kinda falls off at the point where I need to integrate the authentication model with Firebase, it gives me this one page and I'm not really sure what to now. Has anyone does this integration before and can you lead me down this path? I'm kinda new at this.


BlockquoteConfiguring Token content


As with any other API registered in the dahsboard, Auth0 will issue a Firebase token through the Delegation endpoint. This allows you to exchange a token for another one.

The contents of the Firebase token are generated by convention, copying all properties contained under the firebase_data attribute in the input token used in the Delegation call.

You can generate these very easily with a rule:

user.firebase_data = {
user_id: new Buffer(user.email).toString('base64'),
company: !user.isSocial ? context.connection.replace(/\./g, '-') : null,
foo: 'bar'
};


In the example above, the two properties user_id and company will be generated after calling the delegation endopint, and both will be made available to Firebase.


Blockquote

Answer

I have done this for Javascript in the browser, not ios/Objective C. But in concept, you need to do four things:

Setup

  1. Configure your Auth0 account to allow Firebase delegation, and provide your Firebase token. This part is covered by Auth0's ios/objective C docs for Firebase, on the Firebase tab.
  2. (optional) Create an Auth0 rule to set properties on delegated Firebase tokens. You have this in your snippet above.

Auth0 Rule for setting Firebase Token properties:

user.firebase_data = {
  user_id: new Buffer(user.email).toString('base64'),
  company: !user.isSocial ? context.connection.replace(/\./g, '-') : null,
  foo: 'bar'
};

The properties you set here will be available in Firebase security rules.

Authentication Flow

Auth0 has a swift sample that seemed likely to be helpful to you. You need to do two things:

  1. After the user authenticates successfully, make a second Auth0 request for a delegated Firebase access token from Auth0, see sample line 65.
  2. Use the new delegated token with a Firebase object via its authWithCustomToken method, see sample line 73.