Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

firebase yebisu_vol2

4,737 views

Published on

Firebase Auth with GAE & Cloud Endpoints

Published in: Technology
  • Be the first to comment

  • Be the first to like this

firebase yebisu_vol2

  1. 1. Firebase Auth with GAE & Cloud Endpoints 2018-02-20 Firebase.yebisu #2 Takeshi Eto
  2. 2. 衛藤 剛史(Takeshi ETO) @doramusukotake LIFULL Co., Ltd. ● LIFULL HOME’S ○ Android ○ Firebase ○ Backend API(AWS / GCP) ○ Machine Learning
  3. 3. APIのセキュリティ
  4. 4. • 自前で実装 • フレームワーク • AWS Cognito • Cloud Endpoints
  5. 5. • 自前で実装 • フレームワーク • AWS Cognito • Cloud Endpoints
  6. 6. きっかけ ● Python3.6 ● 認証自前実装は嫌 ● WebからもiOS/Androidからも使える ● GCP上で実現したい
  7. 7. Cloud Endpoints App Engine Firebase Auth
  8. 8. • JWT(JSON Web Token) / API Key / Firebase • API Monitoring • API Framework • Web + iOS + Android Cloud Endpoints
  9. 9. Cloud Endpoints OpenAPI(旧Swagger)で定義
  10. 10. securityDefinitions: api_key: type: "apiKey" name: "key" in: "query" google_jwt: authorizationUrl: "" flow: "implicit" type: "oauth2" x-google-issuer: "jwt-client.xxx" x-google-jwks_uri: "xxx" x-google-audiences: "xxx" gae_default_service_account: authorizationUrl: "" flow: "implicit" type: "oauth2" x-google-issuer: "xxx" x-google-jwks_uri: "xxx" x-google-audiences: "xxx" google_service_account: authorizationUrl: "" flow: "implicit" type: "oauth2" x-google-issuer: "xxx" x-google-jwks_uri: "xxx" x-google-audiences: "xxx" google_id_token: authorizationUrl: "" flow: "implicit" type: "oauth2" x-google-issuer: "xxx" x-google-jwks_uri: "xxx" x-google-audiences: "xxx" firebase: authorizationUrl: "" flow: "implicit" type: "oauth2" x-google-issuer: "xxx" x-google-jwks_uri: "xxx" x-google-audiences: "xxx"
  11. 11. App Engine Cloud Endpointsを指定する
  12. 12. GAEの設定yamlにEndpointsを追加するだけ runtime: python env: flex entrypoint: gunicorn -b :$PORT main:app runtime_config: python_version: 3 endpoints_api_service: name: ENDPOINTS-SERVICE-NAME config_id: ENDPOINTS-CONFIG-ID
  13. 13. アプリ private fun auth() { mAuth!!.signInAnonymously() .addOnCompleteListener(this, OnCompleteListener { val user = mAuth!!.currentUser ?: return@OnCompleteListener user.getIdToken(true) .addOnCompleteListener { task -> if (task.isSuccessful) { val token = task.result.token print(token) } } }) }
  14. 14. { "iss": "https://securetoken.google.com/xxxxxxxxxxxxxxxxx", "provider_id": "anonymous", "aud": "xxxxxxxxxxxxxxxxxxxxxx", "auth_time": 1518697714, "user_id": "xxxxxxxxxxxxxxxxxxxxxx", "sub": "xxxxxxxxxxxxxxxxxxxxxx", "iat": 1519115578, "exp": 1519119178, "firebase": { "identities": {}, "sign_in_provider": "anonymous" } }
  15. 15. まとめ ● Python3.6 ● 認証自前実装は嫌 ● WebからもiOS/Androidからも使える ● GCP上で実現したい
  16. 16. END

×