Extending Nebular Auth Strategies/Tokens

[henry74]

Issue type

I'm submitting a ... (check one with "x")

• bug report
• [ X] feature request

Issue description

I’m trying to make use of the out of the box Nebular Auth components specifically with Firebase REST-based Auth. Login and register work fine for the most part but I need to make a few changes to get the other functions working correctly. I’m looking for help/examples on how to do the following:

1. Change the payload for the requestPassword - firebase needs another field which isn’t passed
2. Add a new Token type or change an existing token type. The response from login has other fields besides the token which I need (e.g. the firebase uid) but the simple text token only let’s me capture the tokenId and I can’t use the JWT token class as the payload doesn’t conform to a JWT.

Any examples or direction would be appreciated.

Current behavior:

Expected behavior:

Steps to reproduce:

Related code:

insert short code snippets here

Other information:

npm, node, OS, Browser

Node 10.x, Linux/Mac OSX, Chrome

Angular, Nebular

Angular 8
Nebular 4.0

[nnixaa]

Hi @henry74,

1. Could you give me some details on that field? Probably we can change the flow to allow passing some additional fields.
2. For example, you can take a look at the OAuth2 token implementation https://github.com/akveo/nebular/blob/master/src/framework/auth/services/token/token.ts#L224 that allows storing JSON strings with arbitrary data.

Also, if you are able to open a PR with the new firebase strategy, that would be a great addition to Nebular.

[henry74]

For #1 see here: The payload requires a requestType: "PASSWORD_RESET"; I think ideally all the built-in functions should allow some level of payload shaping to support different REST endpoints.

curl 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/getOobConfirmationCode?key=[API_KEY]' \
-H 'Content-Type: application/json' \
--data-binary '{"requestType":"PASSWORD_RESET","email":"[user@example.com]"}'

Here's the response error I get from using the Nebular default requestPassword implementation:

{
  "error": {
    "code": 400,
    "message": "MISSING_REQ_TYPE",
    "errors": [
      {
        "message": "MISSING_REQ_TYPE",
        "domain": "global",
        "reason": "invalid"
      }
    ]
  }
}

For #2, should I create my own token implementation by extending NbSimpleAuthToken?
Here's an example of the payload returned from login using the Firebase REST API:

{
  "kind": "identitytoolkit#VerifyPasswordResponse",
  "localId": "ZY1rJK0eYLg...",
  "email": "[user@example.com]",
  "displayName": "",
  "idToken": "[ID_TOKEN]",
  "registered": true,
  "refreshToken": "[REFRESH_TOKEN]",
  "expiresIn": "3600"
}

Perhaps a better design approach for all endpoint configuration is to allow injecting key/value pairs into the request payload and handling of any JSON object for responses.

[henry74]

I found this in an older commit. Looks like there was an NbFirebaseAuthProvider at some point - do you know what happened to it?