Tcl
Tcl
Get Firebase Access Token from JSON Service Account Private Key
See more Firebase Examples
Demonstrates how to get a Firebase access token using a JSON service account private key. Your Firebase service account can be used to authenticate multiple Firebase features, such as Database, Storage and Auth, programmatically.A Firebase JSON service account private key can be created in the Firebase settings/admin portion of the console.firebase.google.com site as shown here:
Scroll down to see the example code...
Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# First load the Firebase JSON private key into a string.
set fac [new_CkFileAccess]
set jsonKey [CkFileAccess_readEntireTextFile $fac "qa_data/firebase/firebase-chilkat-firebase-adminsdk-n28n4-1b664ee163.json" "utf-8"]
if {[CkFileAccess_get_LastMethodSuccess $fac] != 1} then {
puts [CkFileAccess_lastErrorText $fac]
delete_CkFileAccess $fac
exit
}
# A Firebase JSON private key should look something like this:
# {
# "type": "service_account",
# "project_id": "firebase-chilkat",
# "private_key_id": "1c664ee164907413c91ddefcf5b765ecba8779e2",
# "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBA ... Ya2UZii/lXn73/ZOK8=\n-----END PRIVATE KEY-----\n",
# "client_email": "firebase-adminsdk-n28n4@firebase-chilkat.iam.gserviceaccount.com",
# "client_id": "134846322329335418431",
# "auth_uri": "https://accounts.google.com/o/oauth2/auth",
# "token_uri": "https://accounts.google.com/o/oauth2/token",
# "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
# "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-n28n4%40firebase-chilkat.iam.gserviceaccount.com"
# }
#
set gAuth [new_CkAuthGoogle]
CkAuthGoogle_put_JsonKey $gAuth $jsonKey
# Choose a scope.
# The scope could be "https://www.googleapis.com/auth/firebase.database"
# or a space-delimited list of scopes:
# "https://www.googleapis.com/auth/firebase.database https://www.googleapis.com/auth/userinfo.email"
CkAuthGoogle_put_Scope $gAuth "https://www.googleapis.com/auth/firebase.database https://www.googleapis.com/auth/userinfo.email"
# Request an access token that is valid for this many seconds.
CkAuthGoogle_put_ExpireNumSeconds $gAuth 3600
# If the application is requesting delegated access:
# The email address of the user for which the application is requesting delegated access,
# then set the email address here. (Otherwise leave it empty.)
CkAuthGoogle_put_SubEmailAddress $gAuth ""
# Connect to www.googleapis.com using TLS (TLS 1.2 is the default.)
# The Chilkat socket object is used so that the connection can be established
# through proxies or an SSH tunnel if desired.
set tlsSock [new_CkSocket]
set success [CkSocket_Connect $tlsSock "www.googleapis.com" 443 1 5000]
if {$success != 1} then {
puts [CkSocket_lastErrorText $tlsSock]
delete_CkFileAccess $fac
delete_CkAuthGoogle $gAuth
delete_CkSocket $tlsSock
exit
}
# Send the request to obtain the access token.
set success [CkAuthGoogle_ObtainAccessToken $gAuth $tlsSock]
if {$success != 1} then {
puts [CkAuthGoogle_lastErrorText $gAuth]
delete_CkFileAccess $fac
delete_CkAuthGoogle $gAuth
delete_CkSocket $tlsSock
exit
}
# Examine the access token:
puts "Firebase Access Token: [CkAuthGoogle_accessToken $gAuth]"
# Save the token to a file (or wherever desired). This token is valid for 1 hour.
CkFileAccess_WriteEntireTextFile $fac "qa_data/tokens/firebaseToken.txt" [CkAuthGoogle_accessToken $gAuth] "utf-8" 0
delete_CkFileAccess $fac
delete_CkAuthGoogle $gAuth
delete_CkSocket $tlsSock