Skip to content

[Service] Implement Identity Platform / Firebase Auth (REST) #44

Description

@hectorvent

Summary

Implement Identity Platform / Firebase Auth — token mint/verify and user CRUD. Core to auth flows in tests. The Firebase Auth Emulator is the behavioral reference.

Protocol / transport

REST — Google Identity Toolkit API (identitytoolkit.googleapis.com, accounts:* endpoints). Note: this API is Discovery/REST-based — there is no googleapis proto; match the Firebase Auth Emulator's wire behavior.

Endpoint / auth bypass

FIREBASE_AUTH_EMULATOR_HOST.

Authoritative reference

  • Identity Toolkit REST Discovery document
  • Behavior reference: the Firebase Local Emulator Suite (Auth)
  • SDK: firebase-admin (Java), Identity Platform client SDKs

Scope (MVP)

  • accounts:signUp, accounts:signInWithPassword, accounts:signInWithCustomToken
  • accounts:lookup, accounts:update, accounts:delete, getAccountInfo
  • Issue + verify ID tokens (emulator-style unsigned JWT)

Parity notes

  • The Firebase emulator issues unsigned JWTs (the Admin SDK skips signature checks in emulator mode). Match that token shape/claims so firebase-admin token verification passes against floci-gcp.
  • Persist users keyed by project; support email/password + custom-token flows first.

Test plan

firebase-admin pointed at FIREBASE_AUTH_EMULATOR_HOST: create user, sign in, verify the returned ID token, update + delete user.


Implementation guidance: Follow the google-parity workflow — read the authoritative proto/SDK under local/google/* before implementing, mirror the wire shape exactly, and validate with GCP SDK-based compatibility tests (compatibility-tests/sdk-test-java). See AGENTS.md → "Adding a New GCP Service". Keep storage namespaced by project ID via StorageFactory.

Upstream references (mirrored locally under local/google/*):

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestfirebaseauthIdentity Platform / Firebase Authmissing gcp servicesRequest for a GCP service not yet implemented in floci-gcp

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions