如何在Okta中使用Firebase身份验证? [英] How to use Firebase Authentication with Okta?

问题描述

我目前正在使用内置的OIDC提供程序(Google，Facebook等)在我的应用程序中使用Firebase身份验证.是否可以将Okta用作附加的OIDC提供程序，而对我的应用程序进行最少的修改，这意味着Okta的行为应与其他任何内置提供程序一样? Firebase Auth API，例如firebase.auth().currentUser和firebase.auth().onAuthStateChanged()应该仍然可以使用.

I am currently using Firebase Authentication in my app using the built-in OIDC providers (Google, Facebook etc.). Is it possible to use Okta as an additional OIDC provider with minimal modifications to my app, meaning Okta should behave just like any other built-in provider? Firebase Auth apis, such as firebase.auth().currentUser and firebase.auth().onAuthStateChanged() should still work.

自定义身份验证的文档页面讨论了如何获取自定义来自身份验证服务器的令牌，但无法说明这是否是OAuth访问令牌.是否有与Firebase身份验证无缝配合的Okta集成或通用OIDC集成的示例?

The doc page for Custom Authentication talks about getting a custom token from an auth server, but does not clarify if that's an OAuth access token. Is there an example of Okta integration or a generic OIDC integration that works seamlessly with Firebase auth?

推荐答案

Firebase身份验证没有内置的Okta提供程序，但是如果您已有现有的身份验证流程，则可以很容易地将其集成到Firebase中，作为<一个href ="https://firebase.google.com/docs/auth/web/custom-auth" rel ="nofollow noreferrer">自定义提供程序.

There's no built-in Okta provider for Firebase Authentication, but if you have an existing authentication flow for it, it's fairly easy to integrate it into Firebase as a custom provider.

这是一个6步的过程:

1. 您在客户端上收集了用户凭据.
2. 您将这些凭据传递到受信任的环境(您控制的服务器或Cloud Functions).
3. 在服务器上，根据Okta验证凭据是否正确，通常是通过调用服务器提供的API并使用您提供的密钥来验证凭据.
4. 然后，您可以将该呼叫的结果用于记下一个用户的新ID令牌.这是JWT，不是OAuth访问令牌.
5. 您将该ID令牌从服务器传递回客户端.
6. 然后，客户端调用 firebase.auth().signInWithCustomToken(token) 使用ID令牌登录到Firebase身份验证.

1. You gather the user credentials on the client.
2. You pass those credentials to a trusted environment, either a server you control, or Cloud Functions.
3. On the server you verify that the credentials are correct according to Okta, typically by calling a server-side API they provide with a key you provide.
4. You then use the results of that call to mint a new ID token for the user. This is a JWT, not an OAuth access token.
5. You pass back that ID token from the server to the client.
6. The client then calls firebase.auth().signInWithCustomToken(token) with the ID token, to sign in to Firebase Authentication.

这篇关于如何在Okta中使用Firebase身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！