Improve and add more token management functions and examples to support external id and access tokens.

Author: mobizt

examples/Authentications/ReAuthenticate/ReAuthenticate.ino

@@ -73,6 +73,9 @@ void signIn(const char *email, const char *password)
     /* Assign the user sign in credentials */
     auth.user.email = email;
     auth.user.password = password;
+    
+    /* Reset stored authen and config */
+    Firebase.reset(&config);
 
     /* Initialize the library with the Firebase authen and config */
     Firebase.begin(&config, &auth);

examples/Authentications/SignInAsAdmin/AccessTokenFile/AccessTokenFile.ino

@@ -21,6 +21,9 @@
  * OAuth2.0 acces tokens generation will fail
  * because of invalid expiration time in JWT token that used in the id/access
  * token request.
+ * 
+ * This library used RFC 7523, JWT Bearer Token Grant Type Profile for OAuth 2.0
+ * which no refresh token is available for access token exchanging.
  */
 
 #if defined(ESP32)
@@ -132,6 +135,8 @@ void setup()
   Firebase.begin(&config, &auth);
 
   /* The access token can be accessed from Firebase.getToken(). */
+
+  /* No refresh token is available for OAuth2.0 authentication method used in this library i.e. JWT Bearer Token Grant Type Profile */
 }
 
 void loop()

examples/Authentications/SignInAsUser/CustomToken/CustomToken.ino

@@ -239,6 +239,8 @@ void setup()
      * passed to the Firebase.begin function.
      *
      * The id token can be accessed from Firebase.getToken().
+     * 
+     * The refresh token can be accessed from Firebase.getRefreshToken().
      */
 }
 

examples/Authentications/SignInAsUser/CustomTokenFile/CustomTokenFile.ino

@@ -196,6 +196,8 @@ void setup()
      * passed to the Firebase.begin function.
      *
      * The id token can be accessed from Firebase.getToken().
+     * 
+     * The refresh token can be accessed from Firebase.getRefreshToken().
      */
 }
 

examples/Authentications/SignInAsUser/EmailPassword/EmailPassword.ino

@@ -143,7 +143,10 @@ void setup()
     Firebase.RTDB.setReadWriteRules(&fbdo, base_path, var, val, val, DATABASE_SECRET);
 
     /** path for user data is now "/UsersData/<user uid>"
-     * The user UID can be taken from auth.token.uid
+     * 
+     * The id token can be accessed from Firebase.getToken().
+     * 
+     * The refresh token can be accessed from Firebase.getRefreshToken().
      */
 }
 
@@ -159,5 +162,8 @@ void loop()
         path += auth.token.uid.c_str(); //<- user uid of current user that sign in with Emal/Password
         path += "/test/int";
         Serial.printf("Set int... %s\n", Firebase.RTDB.setInt(&fbdo, path, count++) ? "ok" : fbdo.errorReason().c_str());
+
+        // You can use refresh token from Firebase.getRefreshToken() to sign in next time without providing Email and Password.
+        // See SignInWithRefreshIDToken example.
     }
 }

examples/Authentications/SignInWithAccessToken/SignInWithAccessToken.ino

@@ -0,0 +1,108 @@
+
+/**
+ * Created by K. Suwatchai (Mobizt)
+ *
+ * Email: k_suwatchai@hotmail.com
+ *
+ * Github: https://github.com/mobizt/Firebase-ESP-Client
+ *
+ * Copyright (c) 2022 mobizt
+ *
+ */
+
+/* This example shows how to authenticate using the OAuth2.0 access token generated from other app. */
+
+#if defined(ESP32)
+#include <WiFi.h>
+#elif defined(ESP8266)
+#include <ESP8266WiFi.h>
+#endif
+
+#include <Firebase_ESP_Client.h>
+
+// Provide the token generation process info.
+#include <addons/TokenHelper.h>
+
+// Provide the RTDB payload printing info and other helper functions.
+#include <addons/RTDBHelper.h>
+
+/* 1. Define the WiFi credentials */
+#define WIFI_SSID "WIFI_AP"
+#define WIFI_PASSWORD "WIFI_PASSWORD"
+
+/* 2. If work with RTDB, define the RTDB URL */
+#define DATABASE_URL "URL" //<databaseName>.firebaseio.com or <databaseName>.<region>.firebasedatabase.app
+
+/* 3. Define the Firebase Data object */
+FirebaseData fbdo;
+
+/* 4. Define the FirebaseAuth data for authentication data */
+FirebaseAuth auth;
+
+/* 5. Define the FirebaseConfig data for config data */
+FirebaseConfig config;
+
+unsigned long dataMillis = 0;
+int count = 0;
+
+void setup()
+{
+
+    Serial.begin(115200);
+
+    WiFi.begin(WIFI_SSID, WIFI_PASSWORD);
+    Serial.print("Connecting to Wi-Fi");
+    while (WiFi.status() != WL_CONNECTED)
+    {
+        Serial.print(".");
+        delay(300);
+    }
+    Serial.println();
+    Serial.print("Connected with IP: ");
+    Serial.println(WiFi.localIP());
+    Serial.println();
+
+    Serial.printf("Firebase Client v%s\n\n", FIREBASE_CLIENT_VERSION);
+
+    /* Assign the RTDB URL */
+    config.database_url = DATABASE_URL;
+
+    Firebase.reconnectWiFi(true);
+
+    /* Assign the callback function for the long running token generation task */
+    config.token_status_callback = tokenStatusCallback; // see addons/TokenHelper.h
+
+    // To refresh the token 5 minutes before expired
+    config.signer.preRefreshSeconds = 5 * 60;
+
+    /* Set access token */
+    // The access token obtained from other apps using OAuth2.0 authentication.
+
+    // The APIs scopes that cover all library applications should include the following 
+    // https://www.googleapis.com/auth/devstorage.full_control
+    // https://www.googleapis.com/auth/datastore
+    // https://www.googleapis.com/auth/userinfo.email
+    // https://www.googleapis.com/auth/firebase.database
+    // https://www.googleapis.com/auth/cloud-platform
+    // https://www.googleapis.com/auth/iam
+
+    // Refresh token, Client ID and Client Secret are required for OAuth2.0 token refreshing.
+    // The Client ID and Client  Secret can be taken from https://console.developers.google.com/apis/credentials
+    
+    // If Refresh token was not assigned or empty string, the id token will not refresh when it expired.
+    Firebase.setAccessToken(&config, "<Access Token>" /* access token */, 3600 /* expiry time */, "<Refresh Token>" /* refresh token */, "<Client ID>" /* client id */, "<Client Secret>" /* client secret */);
+
+    Firebase.begin(&config, &auth);
+}
+
+void loop()
+{
+
+    // Firebase.ready() should be called repeatedly to handle authentication tasks.
+
+    if (millis() - dataMillis > 5000 && Firebase.ready())
+    {
+        dataMillis = millis();
+        Serial.printf("Set int... %s\n", Firebase.RTDB.setInt(&fbdo, "/test/int", count++) ? "ok" : fbdo.errorReason().c_str());
+    }
+}

examples/Authentications/SignInWithIDToken/SignInWithIDToken.ino

@@ -84,35 +84,18 @@ void setup()
 
     Firebase.reconnectWiFi(true);
 
-    /** To sign in as anonymous user, just sign up as anonymous user
-     * with blank email and password.
-     *
-     * The Anonymous provider must be enabled.
-     *
-     * To enable Anonymous provider,
-     * from Firebase console, select Authentication, select Sign-in method tab,
-     * under the Sign-in providers list, enable Anonymous provider.
-     *
-     * Warning: this will create anonymous user everytime you called this function and your user list
-     * will grow up and the anonymous users stay in the user list after it created and can be garbage user
-     * after the generated id token from this anonymous user will not use anymore.
-     *
-     * https://stackoverflow.com/questions/38694015/what-happens-to-firebase-anonymous-users
-     * https://stackoverflow.com/questions/39640574/how-to-bulk-delete-firebase-anonymous-users
-     */
+    /* Assign the callback function for the long running token generation task */
+    config.token_status_callback = tokenStatusCallback; // see addons/TokenHelper.h
+
+    // To refresh the token 5 minutes before expired
+    config.signer.preRefreshSeconds = 5 * 60;
 
     /* Set ID token */
     // The ID token obtained from other apps e.g. Firebase Admin.
     // The Refresh token for token refreshment which used when token was expired.
     // If Refresh token was not assigned or empty string, the ID token will not refresh when it expired.
     Firebase.setIdToken(&config, "<ID Token>", 3600 /* expiry time */, "<Refresh Token>" /* refresh token */);
 
-    // To refresh the token 5 minutes before expired
-    config.signer.preRefreshSeconds = 5 * 60;
-
-    /* Assign the callback function for the long running token generation task */
-    config.token_status_callback = tokenStatusCallback; // see addons/TokenHelper.h
-
     Firebase.begin(&config, &auth);
 }
 

examples/Authentications/SignInWithRefreshAccessToken/SignInWithRefreshAccessToken.ino

@@ -0,0 +1,100 @@
+
+/**
+ * Created by K. Suwatchai (Mobizt)
+ *
+ * Email: k_suwatchai@hotmail.com
+ *
+ * Github: https://github.com/mobizt/Firebase-ESP-Client
+ *
+ * Copyright (c) 2022 mobizt
+ *
+ */
+
+/* This example shows how to re-authenticate using the refresh token generated from other app via OAuth2.0 authentication. */
+
+#if defined(ESP32)
+#include <WiFi.h>
+#elif defined(ESP8266)
+#include <ESP8266WiFi.h>
+#endif
+
+#include <Firebase_ESP_Client.h>
+
+// Provide the token generation process info.
+#include <addons/TokenHelper.h>
+
+// Provide the RTDB payload printing info and other helper functions.
+#include <addons/RTDBHelper.h>
+
+/* 1. Define the WiFi credentials */
+#define WIFI_SSID "WIFI_AP"
+#define WIFI_PASSWORD "WIFI_PASSWORD"
+
+/* 2. If work with RTDB, define the RTDB URL */
+#define DATABASE_URL "URL" //<databaseName>.firebaseio.com or <databaseName>.<region>.firebasedatabase.app
+
+/* 3. Define the Firebase Data object */
+FirebaseData fbdo;
+
+/* 4. Define the FirebaseAuth data for authentication data */
+FirebaseAuth auth;
+
+/* 5. Define the FirebaseConfig data for config data */
+FirebaseConfig config;
+
+unsigned long dataMillis = 0;
+int count = 0;
+
+void setup()
+{
+
+    Serial.begin(115200);
+
+    WiFi.begin(WIFI_SSID, WIFI_PASSWORD);
+    Serial.print("Connecting to Wi-Fi");
+    while (WiFi.status() != WL_CONNECTED)
+    {
+        Serial.print(".");
+        delay(300);
+    }
+    Serial.println();
+    Serial.print("Connected with IP: ");
+    Serial.println(WiFi.localIP());
+    Serial.println();
+
+    Serial.printf("Firebase Client v%s\n\n", FIREBASE_CLIENT_VERSION);
+
+    /* Assign the RTDB URL */
+    config.database_url = DATABASE_URL;
+
+    Firebase.reconnectWiFi(true);
+
+    /* Assign the callback function for the long running token generation task */
+    config.token_status_callback = tokenStatusCallback; // see addons/TokenHelper.h
+
+    // To refresh the token 5 minutes before expired
+    config.signer.preRefreshSeconds = 5 * 60;
+
+    // Use refresh token and force token to refresh immediately
+    // Refresh token, Client ID and Client Secret are required for OAuth2.0 token refreshing.
+    // The Client ID and Client  Secret can be taken from https://console.developers.google.com/apis/credentials
+
+    Firebase.setAccessToken(&config, "" /* set access token to empty to refresh token immediately */, 3600 /* expiry time */, "<Refresh Token>" /* refresh token */, "<Client ID>" /* client id */, "<Client Secret>" /* client secret */);
+    
+    // Or refresh token manually
+    // Firebase.refreshToken(&config);
+
+    Firebase.begin(&config, &auth);
+}
+
+void loop()
+{
+
+    // Firebase.ready() should be called repeatedly to handle authentication tasks.
+
+    if (millis() - dataMillis > 5000 && Firebase.ready())
+    {
+        dataMillis = millis();
+        Serial.printf("Set int... %s\n", Firebase.RTDB.setInt(&fbdo, "/test/int", count++) ? "ok" : fbdo.errorReason().c_str());
+    }
+}