python - Firebase DB HTTP API Auth: When and how to refresh JWT token? -

-

i'm trying make python webapp write firebase db using http api (i'm using new version of firebase presented @ google i/o 2016).

my understanding far specific type of write i'd accomplish made post request url of type:

https://my-project-id.firebaseio.com/{path-to-resource}.json

what i'm missing auth part: if got correctly jwt should passed in http authorization header authorization : bearer {token}.

so created service account, downloaded private key , used generate jwt, added request headers , request wrote firebase db.

now jwt has expired , similar request firebase db failing.

of course should generate new token question is: wasn't expecting handle token generation , refresh myself, http apis i'm used require static api key passed in request webapps kept relatively simple adding stati api key string request.

if have take care of token generation , expiration webapp logic needs become more complex (because i'd have store token, check if still valid , generate new 1 when not), or generate new token every request (but make sense?).

i'd know if there's best practice follow in respect or if i'm missing documentation regarding topic.

thanks, marco

addendum

this code i'm running:

import requests import json oauth2client.service_account import serviceaccountcredentials  _base_url = 'https://my-app-id.firebaseio.com' _scopes = [     'https://www.googleapis.com/auth/userinfo.email',     'https://www.googleapis.com/auth/firebase.database' ]  def _get_credentials():     credentials = serviceaccountcredentials.from_json_keyfile_name('my_service_account_key.json', scopes=_scopes)     return credentials.get_access_token().access_token  def post_object():     url = _base_url + '/path/to/write/to.json'      headers = {         'authorization': 'bearer '+ _get_credentials(),         'content-type': 'application/json'     }      payload = {                 'title': title,                 'message': alert               }      return requests.post(url,                          data=json.dumps(payload),                          headers=headers)

currently every request new jwt generated. doesn't seem optimal me. possible generate token doesn't expire?

thanks code example. got working better using credentials.authorize function creates authenticated wrapper http.

from oauth2client.service_account import serviceaccountcredentials httplib2 import http import json  _base_url = 'https://my-app-id.firebaseio.com' _scopes = [     'https://www.googleapis.com/auth/userinfo.email',     'https://www.googleapis.com/auth/firebase.database' ]   # credentials make authorized call firebase     credentials = serviceaccountcredentials.from_json_keyfile_name(     _key_file_path, scopes=_scopes)  # wrap http in credentials.  subsequent calls authenticated http_auth = credentials.authorize(http())  def post_object(path, objecttosave):   url = _base_url + path    resp, content = http_auth.request(       uri=url,       method='post',       headers={'content-type': 'application/json'},       body=json.dumps(objecttosave),   )    return content  objecttopost = {   'title': "title",   'message': "alert" }  print post_object('/path/to/write/to.json', objecttopost)

Comments

Post a Comment

Popular posts from this blog

magento2 - Magento 2 admin grid add filter to collection -

-
i created grid in admin xml ui components. need filter collection via url parameter , dont know how achieve that. tried inject requestinterface collection, filter didnt work. di.xml <virtualtype name="slidelistingdataprovider" type="magento\framework\view\element\uicomponent\dataprovider\dataprovider"> <arguments> <argument name="collection" xsi:type="object" shared="false">xxx\xxx\model\resourcemodel\grid\slide\collection</argument> <argument name="filterpool" xsi:type="object" shared="false">slidelistingfilterpool</argument> <!-- define new object filters --> </arguments> </virtualtype> <virtualtype name="slidelistingfilterpool" type="magento\framework\view\element\uicomponent\dataprovider\filterpool"> <arguments> <argument name="applier...
Read more

Android volley - avoid multiple requests of the same kind to the server? -

-
i using volley upload list of images server. happens within service. once image uploaded remove list. problem arises when internet connection breaks. when internet connection breaks , comes again thinking of adding images yet uploaded request queue. this can result in more 1 copy of same image saved on server request same image might have gone through before getting rseponse. how can address scenario? i'm not quite sure why you're using service schedule requests volley automatically runs it's request in seperate thread. nevertheless can listen both request results, successful , unsuccessful adding listeners. you can remove image list schedule request using volley. if succeeds can carry on desired, if fails can add again list. public static request getimageuploadrequest(final string image) { response.listener<t> responselistener = new response.listener<t>() { @override public void onresponse(t response...
Read more

Combining PHP Registration and Login into one class with multiple functions in one PHP file -

-
i'm trying combine registration, activation , login scripts php website backend script front end developer can pass variables different forms to. my question whether appropriate approach this. don't want have lot of php files different pieces of application developing. far have written following 2 functions login, register , activate user front end developer can call: <?php /** * created phpstorm. * user: karl * date: 26/07/2016 * time: 02:25 */ class users { function register_user($email, $password, $user_name) { $server_name = "localhost"; $u_name = "root"; $db_password = "root"; $db_name = "betamath_graspe"; //email notification variable $from_address="info@slack.com"; //registration form $msg_reg_user='username taken. please choose different username'; $msg_reg_email='email registered'; $msg_reg_active=...
Read more