{"id":22544427,"url":"https://github.com/hardiksinghbehl/firebase-integration-spring-boot","last_synced_at":"2025-04-09T23:50:56.643Z","repository":{"id":118947393,"uuid":"400792346","full_name":"hardikSinghBehl/firebase-integration-spring-boot","owner":"hardikSinghBehl","description":"Spring-boot application integrating with Firestore and Firebase Authentication to build a CRUD application.","archived":false,"fork":false,"pushed_at":"2024-03-19T09:55:30.000Z","size":202,"stargazers_count":25,"open_issues_count":0,"forks_count":11,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-09T23:50:51.540Z","etag":null,"topics":["firebase-admin-sdk","firebase-auth","firebase-storage","firestore","firestore-crud","java-21","spring-boot-3","spring-security-6"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"unlicense","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hardikSinghBehl.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-08-28T12:54:58.000Z","updated_at":"2025-03-22T14:48:40.000Z","dependencies_parsed_at":null,"dependency_job_id":"a52ac5be-4f41-453b-a672-46a15e741de6","html_url":"https://github.com/hardikSinghBehl/firebase-integration-spring-boot","commit_stats":null,"previous_names":["hardiksinghbehl/firebase-integration-spring-boot"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hardikSinghBehl%2Ffirebase-integration-spring-boot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hardikSinghBehl%2Ffirebase-integration-spring-boot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hardikSinghBehl%2Ffirebase-integration-spring-boot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hardikSinghBehl%2Ffirebase-integration-spring-boot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hardikSinghBehl","download_url":"https://codeload.github.com/hardikSinghBehl/firebase-integration-spring-boot/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248131455,"owners_count":21052819,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firebase-admin-sdk","firebase-auth","firebase-storage","firestore","firestore-crud","java-21","spring-boot-3","spring-security-6"],"created_at":"2024-12-07T14:07:14.939Z","updated_at":"2025-04-09T23:50:56.610Z","avatar_url":"https://github.com/hardikSinghBehl.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Firebase Authentication and Firestore Integration in Spring Boot\n##### A reference proof-of-concept that leverages [Firestore Database](https://firebase.google.com/docs/firestore) to perform CRUD operations and  [Firebase Authentication](https://firebase.google.com/docs/auth) with Spring-Security to authenticate users. \n##### 🛠 upgraded to Spring Boot 3 and Spring Security 6 🛠 \n\n### Application Flow and Security Configuration\n\nThe project simulates a rudimentary Task Management Application.\n\nAPI endpoints dealing with user account creation and login credentials validation are made public, by annotating their corresponding controller methods with custom annotation [@PublicEndpoint](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/configuration/PublicEndpoint.java).\nRequests to the configured API paths will not be evaluated by the Security filter with the logic being governed by [ApiEndpointSecurityInspector](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/utility/ApiEndpointSecurityInspector.java).\n\nBelow is a sample controller method declared as public which will be exempted from authentication checks:\n\n```java\n@PublicEndpoint\n@PostMapping(value = \"/login\")\npublic ResponseEntity\u003cTokenSuccessResponse\u003e login(@RequestBody UserLoginRequest userLoginRequest) {\n  final var response = userService.login(userLoginRequest);\n  return ResponseEntity.ok(response);\n}\n```\nAPI requests to private endpoints, handling CRUD operations on the [Task](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/entity/Task.java) entity are intercepted by the [JwtAuthenticationFilter](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/filter/JwtAuthenticationFilter.java), which is added to the security filter chain and configured in the [SecurityConfiguration](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/configuration/SecurityConfiguration.java). The custom filter holds the responsibility for verifying the authenticity of the incoming access token by communicating with the Firebase Authentication service and populating the security context.\n\nPost successful authentication, [AuthenticatedUserIdProvider](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/utility/AuthenticatedUserIdProvider.java) is responsible for retrieving the authenticated user-id from the security context. This helps the [Service layer](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/service/TaskService.java) maintain relationship between the current authenticated user and their corresponding Tasks. If an authenticated user attempts to perform any action on Tasks not owned by them, then the below API response is sent back to the client.\n\n```json\n{\n  \"Status\": \"403 FORBIDDEN\",\n  \"Description\": \"Access Denied: Insufficient privileges to perform this action.\"\n}\n```\n\nIn the event of authentication failure, when the access token received in the HTTP Request Headers is not valid, the below API response is sent back to the client.\n\n```json\n{\n  \"Status\": \"401 UNAUTHORIZED\",\n  \"Description\": \"Authentication failure: Token missing, invalid or expired\"\n}\n```\nThe above JSON response is dispatched to the client as a result of [CustomAuthenticationEntryPoint](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/configuration/CustomAuthenticationEntryPoint.java) configured within the [SecurityConfiguration](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/configuration/SecurityConfiguration.java) which assumes any exception thrown by the Security filter is due to token verification failure. Hence, the implementation instantiates [TokenVerificationException](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/exception/TokenVerificationException.java) and delegates the responsibility of exception handling to [ExceptionResponseHandler](https://github.com/hardikSinghBehl/firebase-integration-spring-boot/blob/main/src/main/java/com/behl/flare/exception/ExceptionResponseHandler.java).\n \n---\n\n### Local Setup\n\nTo run the application locally, ensure you have the following prerequisites:\n* A private key associated with the service account to establish a connection with Firebase.\n* The Web API key of the Firebase project you've created to invoke the Firebase Authentication REST API.\n* The created Firebase Authentication service has the `Email/Password` native sign-in provider enabled.\n\nCreate a file named `private-key.json` in the base directory and paste the contents of the service account's private key into this file.\n\nExecute the following commands in the project's base directory to build the application image and start the backend application container:\n\n```bash\nFIREBASE_PRIVATE_KEY=$(cat private-key.json)\n```\n\n```bash\nFIREBASE_WEB_API_KEY=your-web-api-key-here\n```\n\n```bash\nsudo docker-compose build\n```\n\n```bash\nsudo FIREBASE_PRIVATE_KEY=\"$FIREBASE_PRIVATE_KEY\" FIREBASE_WEB_API_KEY=\"$FIREBASE_WEB_API_KEY\" docker-compose up -d\n```\n\nTo remove the environment variables from memory after the application has started, the below commands can be executed\n\n```bash\nunset FIREBASE_PRIVATE_KEY\n```\n\n```bash\nunset FIREBASE_WEB_API_KEY\n```\n\n---\n\n### Visual Walkthrough\n\nhttps://github.com/hardikSinghBehl/firebase-integration-spring-boot/assets/69693621/293d23f5-6783-4f1a-82c2-445532a67384\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhardiksinghbehl%2Ffirebase-integration-spring-boot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhardiksinghbehl%2Ffirebase-integration-spring-boot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhardiksinghbehl%2Ffirebase-integration-spring-boot/lists"}