I'm trying to authenticate my back end API (which is currently only local) with Firebase auth according to this blog.
I always get an 401 unauthorized even when I'm passing (I assume) the correct token. I just use the [Authorize] attribute on my controller.
Do I need more setup, allow localhost domain, setup permissions or did I do the setup wrong?
My Firebase console
My Startup.cs
.AddJwtBearer(options =>
{
string projectId = "eisenhower-255ca";
options.Authority = "https://securetoken.google.com/" + projectId;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = "https://securetoken.google.com/" + projectId,
ValidateAudience = true,
ValidAudience = projectId,
ValidateLifetime = true,
};
});
This is the JWT token I send
{
"name": "My Name",
"picture": "https://lh4.googleusercontent.com/-5TcxgD5tEPM/AAAAAAAAAAI/AAAAAAAAAAA/AAKWJJNudlhDY8TkE5x1HLlh7hwZFA5dew/photo.jpg",
"iss": "https://securetoken.google.com/eisenhower-255ca",
"aud": "eisenhower-255ca",
"auth_time": 1588413429,
"user_id": "3Ot95XQyenTvBmdTnGO5HcsihBs2",
"sub": "3Ot95XQyenTvBmdTnGO5HcsihBs2",
"iat": 1588413429,
"exp": 1588417029,
"email": "[email protected]",
"email_verified": true,
"firebase": {
"identities": {
"google.com": [
"110210403554430687155"
],
"email": [
"[email protected]"
]
},
"sign_in_provider": "google.com"
}
}
Thanks
