Would I be able to use Firebase JWT tokens with ReadonlyREST?

I’m having a hard time figuring out if tokens generated by Firebase OAuth can be used with ReadonlyREST JWT, as I’m not sure how to map fields between each part.
For instance Firebase requires you to verify the issuers (iss), but I do not see a way to check that from the configuration file.

Hi @magne4000, welcome to ROR forum :slight_smile:

Sure, any JWT can be used. You can refer to any JWT claim in the ACL using dynamic variables. I.e.

indices: [ "[email protected]{jwt:jsonpath.to.department}", "otherIdx"]  

About the issuer (“iss”) field, you are right, we don’t provide the means to check its value at the moment.
I propose we add to our JWT connector configuration the possibility to require a specific claim has a given value, so you could require the claim “iss” has the value required by firebase.

Should be an easy change, would you like to contribute?

That would be great! And yes I’m willing to contribute

1 Like

That’s amazing!
@coutoPL would be happy to answer your questions and review your PR!

In the meantime a good starting pont would be this function:

1 Like