예제 #1
 /// <summary>
 /// Builds a Firebase auth token whose payload carries the given uid, user and data values.
 /// </summary>
 /// <param name="user">Value stored under the "user" key of the auth payload.</param>
 /// <param name="uid">Value stored under the "uid" key of the auth payload.</param>
 /// <param name="data">Value stored under the "data" key of the auth payload.</param>
 /// <returns>The token string returned by <c>TokenGenerator.CreateToken</c>.</returns>
 /// <remarks>
 /// The three arguments are copied into the payload unchanged, and nothing in this method checks
 /// them. The caller must therefore have authenticated the user and established that
 /// <paramref name="uid"/> really belongs to that user before asking for a token.
 /// </remarks>
 public string GetFirebaseToken(string user, string uid, string data)
 {
     // The generator is keyed with the Firebase secret held by this instance; that secret must
     // stay server-side and never be shipped to clients.
     var generator = new TokenGenerator(_firebaseSecret);

     var claims = new Dictionary<string, object>();
     claims.Add("uid", uid);
     claims.Add("user", user);
     claims.Add("data", data);

     // Presumably (notBefore, expires) - confirm against TokenOptions. The second value is 15 seconds
     // past the local clock, which keeps the token short-lived.
     // NOTE(review): DateTime.Now is local time; whether it is converted to UTC before being
     // written into the token is not visible here.
     var validity = new TokenOptions(new DateTime(2015, 1, 1), DateTime.Now.AddSeconds(15));

     return generator.CreateToken(claims, validity);
 }
        /// <summary>
        /// Calls CreateToken three times with the same options and payloads that carry no "uid"
        /// entry: a null payload, an empty dictionary, and a dictionary holding only "foo".
        /// </summary>
        /// <remarks>
        /// The method makes no assertion; it passes when none of the three calls throws.
        /// Going by the test name, the third TokenOptions argument (true) is presumably the admin
        /// flag - confirm against TokenOptions. Admin tokens should only be minted by trusted
        /// server-side code.
        /// </remarks>
        public void AllowNoUidWithAdmin()
        {
            var adminOptions = new TokenOptions(null, null, true, false);
            var generator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);

            // Case 1: no payload at all.
            var tokenForNull = generator.CreateToken(null, adminOptions);

            // Case 2: a payload object that is present but empty.
            var emptyPayload = new Dictionary<string, object>();
            var tokenForEmpty = generator.CreateToken(emptyPayload, adminOptions);

            // Case 3: a payload with data but no "uid" key.
            var payloadWithoutUid = new Dictionary<string, object>();
            payloadWithoutUid.Add("foo", "bar");
            var tokenForNoUid = generator.CreateToken(payloadWithoutUid, adminOptions);
        }
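        /// <summary>
        /// Creates an authentication token containing arbitrary auth data and the specified options.
        /// </summary>
        /// <param name="data">Arbitrary data that will be passed to the Firebase Rules API, once a client authenticates.  Must be able to be serialized to JSON with <see cref="System.Web.Script.Serialization.JavaScriptSerializer"/>.</param>
        /// <param name="options">A set of custom options for the token. May be null, in which case only the "v", "iat" and "d" claims are written.</param>
        /// <returns>The auth token.</returns>
        /// <remarks>
        /// This overload does not validate <paramref name="data"/> and does not bound the size of the
        /// resulting token; <paramref name="data"/> is written to the "d" claim as given, including null.
        /// The "admin" and "debug" claims are copied straight from the options. An admin token bypasses
        /// Firebase security rules, so it should only be requested by trusted server-side code.
        /// When no expiry is supplied, no "exp" claim is written and the token's lifetime is whatever
        /// the verifying side applies by default.
        /// </remarks>
        public string CreateToken(object data, TokenOptions options)
        {
            var claims = new Dictionary<string, object>();
            claims["v"] = TOKEN_VERSION;
            // NOTE(review): DateTime.Now is local time; confirm secondsSinceEpoch converts to UTC.
            claims["iat"] = secondsSinceEpoch(DateTime.Now);
            claims["d"] = data;

            // Handle options. A null options object means "no optional claims" and no longer
            // causes a NullReferenceException.
            if (options != null)
            {
                if (options.expires.HasValue)
                {
                    claims["exp"] = secondsSinceEpoch(options.expires.Value);
                }
                if (options.notBefore.HasValue)
                {
                    claims["nbf"] = secondsSinceEpoch(options.notBefore.Value);
                }
                // Privileged claims are only ever added, never written as false.
                if (options.admin)
                {
                    claims["admin"] = true;
                }
                if (options.debug)
                {
                    claims["debug"] = true;
                }
            }

            return computeToken(claims);
        }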
        /// <summary>
        /// Creates an authentication token from a dictionary of auth data and optional token options,
        /// rejecting tokens that would have no effect and tokens longer than 1024 characters.
        /// </summary>
        /// <param name="data">Arbitrary data that will be passed to the Firebase Rules API, once a client authenticates.  Must be able to be serialized to JSON with <see cref="System.Web.Script.Serialization.JavaScriptSerializer"/>. May be null or empty only when the admin or debug option is set.</param>
        /// <param name="options">A set of custom options for the token; may be null.</param>
        /// <returns>The auth token.</returns>
        /// <exception cref="Exception">
        /// Thrown when <paramref name="data"/> is null or empty and neither admin nor debug is requested,
        /// or when the generated token is longer than 1024 characters. validateToken may also throw;
        /// its rules are not visible here.
        /// </exception>
        /// <remarks>
        /// The "admin" claim is written whenever options.admin is true. Admin tokens bypass Firebase
        /// security rules, so only trusted server-side code should be able to reach this path with that flag.
        /// </remarks>
        public string CreateToken(Dictionary<string, object> data, TokenOptions options)
        {
            bool hasData = data != null && data.Count > 0;
            bool hasPrivilegeFlag = options != null && (options.admin || options.debug);

            // A token with neither data nor a privilege flag would grant nothing, so refuse to mint it.
            if (!hasData && !hasPrivilegeFlag)
            {
                throw new Exception("data is empty and no options are set.  This token will have no effect on Firebase.");
            }

            // NOTE(review): DateTime.Now is local time; confirm secondsSinceEpoch converts to UTC.
            var claims = new Dictionary<string, object>
            {
                { "v", TOKEN_VERSION },
                { "iat", secondsSinceEpoch(DateTime.Now) }
            };

            // Payload validation is told whether this is an admin token; the test names on this page
            // suggest the "uid" rules differ for admin tokens - confirm against validateToken.
            bool adminRequested = options != null && options.admin;
            validateToken(data, adminRequested);

            // The "d" claim is omitted entirely when there is no data.
            if (hasData)
            {
                claims["d"] = data;
            }

            // Optional claims: expiry, not-before, and the two privilege flags.
            if (options != null)
            {
                if (options.expires.HasValue)
                {
                    claims["exp"] = secondsSinceEpoch(options.expires.Value);
                }
                if (options.notBefore.HasValue)
                {
                    claims["nbf"] = secondsSinceEpoch(options.notBefore.Value);
                }
                if (options.admin)
                {
                    claims["admin"] = true;
                }
                if (options.debug)
                {
                    claims["debug"] = true;
                }
            }

            string encoded = computeToken(claims);

            // Length counts characters; the message speaks of bytes.
            if (encoded.Length > 1024)
            {
                throw new Exception("Generated token is too long. The token cannot be longer than 1024 bytes.");
            }

            return encoded;
        }
        /// <summary>
        /// Generates a token with every option set, decodes it with the same secret, and checks that
        /// each expected claim is present with the expected runtime type.
        /// </summary>
        /// <remarks>
        /// The "abc" value is made of digits, letters and punctuation, so the test also covers
        /// encoding of special characters. If the decode result is not a dictionary, the "as" cast
        /// yields null and the first assertion fails with a NullReferenceException, not an assertion failure.
        /// </remarks>
        public void BasicInspectTest()
        {
            var specialChars = "0123456789~!@#$%^&*()_+-=abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./;'[]\\<>?\"{}|";
            var authData = new Dictionary<string, object>();
            authData.Add("uid", "1");
            authData.Add("abc", specialChars);

            var generator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);

            // Both dates and both boolean options are supplied so that every optional claim is emitted.
            var allOptions = new TokenOptions(DateTime.Now, DateTime.Now, true, true);

            var jwt = generator.CreateToken(authData, allOptions);

            // Decoding uses the signing secret; presumably this also verifies the signature - confirm
            // against the JWT library in use.
            var claims = JWT.JsonWebToken.DecodeToObject(jwt, FIREBASE_SUPER_SECRET_KEY) as Dictionary<string, object>;

            // Version claim must be the integer 0.
            Assert.IsTrue(
                claims.ContainsKey("v")
                && (claims["v"] is int)
                && (int.Parse(claims["v"].ToString()) == 0));

            // Auth data must come back with the custom key intact.
            Assert.IsTrue(
                claims.ContainsKey("d")
                && (claims["d"] as Dictionary<string, object>).ContainsKey("abc"));

            // Time-based claims are integers.
            Assert.IsTrue(claims.ContainsKey("exp") && (claims["exp"] is int));
            Assert.IsTrue(claims.ContainsKey("iat") && (claims["iat"] is int));
            Assert.IsTrue(claims.ContainsKey("nbf") && (claims["nbf"] is int));

            // Privilege flags are booleans.
            Assert.IsTrue(claims.ContainsKey("admin") && (claims["admin"] is bool));
            Assert.IsTrue(claims.ContainsKey("debug") && (claims["debug"] is bool));
        }
        /// <summary>
        /// Requests a token for a payload whose "uid" entry is present but null, using the same
        /// option values as the admin tests on this page.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the name implies CreateToken should reject this payload, but no
        /// expected-exception attribute or assertion is visible in this listing. Without one the
        /// test would pass only if the call succeeds - confirm the attribute exists in the real file.
        /// </remarks>
        public void DisallowInvalidUidWithAdmin2()
        {
            // "uid" key exists, value is null.
            var payloadWithNullUid = new Dictionary<string, object>();
            payloadWithNullUid.Add("uid", null);

            var adminOptions = new TokenOptions(null, null, true, false);
            var generator = new TokenGenerator(FIREBASE_SUPER_SECRET_KEY);

            var result = generator.CreateToken(payloadWithNullUid, adminOptions);
        }