2

I'm struggling with getting the user id token included in the call to httpsCallable(). I call it like this from flutter:

Future<bool> cfCreateAccount(String name, address, email, phoneNumber, password, randomSalt, {int? parentId}) async {
  HttpsCallable callable = FirebaseFunctions.instance.httpsCallable('createAccount', options: HttpsCallableOptions(timeout: Duration(seconds: 10)));
  try {
    var param = {'name': name, 'address': address, 'email': email, 'phone_number': phoneNumber, 'password': password, 'random_salt': randomSalt};
    final HttpsCallableResult result = await callable.call(param);
    if (result.data['response'] == 'Pass') {
      return true;
    }
  } catch (e) {
    print("Failed Cloud Function Call: $e");
  }
  return false;
}

This person was asking I think a similar question but for them they said the answer was Authorization was automatically included:

How to add headers to firebase httpscallable

I've signed in in my Flutter app with this:

await auth.signInWithEmailAndPassword(email: user, password: password);

and afterwards I can call user.getIdToken() and it shows what looks like my auth id. But every way I try to check seems to indicate that the auth header isn't in the request to the cloud function.

I wrote the cloud function in python. It looks like this:

def createAccount(request):
    request_json = request.get_json(silent=True)
    request_args = request.args
    sql = None
    conn = None
    res = dict()

    res['data'] = str(request.authorization)
    return json.dumps(res)

But this returns "None". Meaning there is no authorization in the request. I also tried this but it gives an error in python:

token = request.headers['Authorization'].replace('Bearer ','')

Is there some issue maybe with how I call httpsCallable() in flutter? I'm not sure how FirebaseFunctions.instance.httpsCallable() gets the auth id from FirebaseAuth.instance ??

Here is the cloud function on the Firebase console, just to show that it is there and in python3.8:

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
Eradicatore
  • 1,501
  • 2
  • 20
  • 38
  • This was a really interesting read btw, though it didn't help me solve this issue yet: https://www.linkage.io/authorizing-google-cloud-functions-with-firebase-and-python/ – Eradicatore Apr 09 '21 at 20:57
  • 2
    How did you deploy a callable cloud function in python? I know Firebase Functions are just an extension of Google Cloud functions, but I wonder if that has anything to do with why the auth isn't automatically populated. – Tristan Apr 09 '21 at 20:58
  • Hi @Tristan, The callable is in flutter, the cloud function is in python. Note that cloud functions can be in multiple languages, and once you connect firebase with gcp project all your cloud functions are shared between both. – Eradicatore Apr 09 '21 at 20:59
  • See this post for a good confirmation about how gcp cloud functions and firebase cloud functions are the same: https://stackoverflow.com/a/57149226/559525 – Eradicatore Apr 09 '21 at 21:06

1 Answers1

3

Seems like some features of Firebase Cloud Functions aren't available unless you use the Firebase CLI to deploy them. The CLI doesn't support python, only Javascript and Typescript. I'd recommend rewriting the function in either of those languages and deploying it through the Firebase CLI.

There's a similar answer here: https://stackoverflow.com/a/54583565/3822043

Tristan
  • 1,608
  • 1
  • 20
  • 34
  • Interesting. I was amazed when I was able to get the callable working with python actually, which was learning which parts of the json needed to be there. But to your point, it may be that only the data passing to and from works with python. NOT the other headers like auth. Does that sound right? – Eradicatore Apr 09 '21 at 21:09
  • Just to be clear, I can pass args now to the python function from flutter, AND get the response. I just don't have the id to use for python cloud function to check authorization – Eradicatore Apr 09 '21 at 21:11
  • 1
    I think you could include the UID of the currently logged in user manually. I'm sure that would be much less secure. I'm not sure what all Firebase does in the background when passing in the auth. – Tristan Apr 09 '21 at 21:26
  • I have no information to back this up, but I assume your flutter app is passing the auth information, but the python function isn't being passed that information? I imagine there's some background processing happening for the Node functions that's not for the python ones. – Tristan Apr 09 '21 at 21:33
  • 1
    Ok, thanks. I'm testing now with just passing the id token myself. It works, and if it's https that should be fine. Thanks. I'll accept your answer! – Eradicatore Apr 09 '21 at 22:37
  • @Eradicatore It would be great if you can share how you were able to make callable working with python. Quick question: What was the name of `httpsCallable` you used in flutter? – yardstick17 Dec 14 '21 at 15:34