3

I'm running a nest api off of a single firebase function and a lot of endpoints throughout my controllers need SSL to work due to OAuth & because they send back a https-only signed cookie.

Because of that, I need to be able to run locally served firebase functions with SSL. I already have generated & registered the certificates and have previously used it with React/Angular and standalone Node + Nest projects.

This is specifically about getting it to work with a firebase function.

Currently, in my index I have: 

export const API = functions
  .region("europe-west2")
  .https.onRequest(nestApp);

where nestApp is 

const server = express();

Now in a normal Node + Nest application all I have to do is: 

app = await NestFactory.create(AppModule, {
  httpsOptions: {
    key: keyFile,
    cert: certFile,
  },
});

Adapting this to the firebase function above doesn't work as I have to pass the express instance instead. I've looked everywhere through the docs & types where the object is nested where the http options with key and cert are, but no luck.

The HttpOptions interface from @nestjs/common does indeed have these two properties but the express adapter.options() takes a request handler and not that options object.

SebastianG
  • 8,563
  • 8
  • 47
  • 111

1 Answers1

1

I think what you want to do is not possible... the way you want it to do it.

The goal of running a Cloud Function locally is for code-testing purposes but Google will still manage the infrastructure behind (SSL, authentication, etc.), even on a local environment.

Instead of manage this with the Function, why not to emulate a small server? I can think of a simple NGINX as a Reverse proxy (you can use any service you want for this). This will allow you to manage the SSL certs on a more friendly way.

Think it like this: Within your workflow, you call NGINX instead of the Function directly. NGINX will call internally the Cloud Function, the function will do its job and the response would be returned to NGINX and then back to your workflow from NGINX with the https-signed ready for the next step.

Hope this is helpful! :)

Kevin Quinzel
  • 1,430
  • 1
  • 13
  • 23