{"id":21656775,"url":"https://github.com/tomaytotomato/spring-stateless-auth-firebase","last_synced_at":"2026-05-07T23:01:51.212Z","repository":{"id":264426454,"uuid":"893343672","full_name":"tomaytotomato/spring-stateless-auth-firebase","owner":"tomaytotomato","description":"Demo fullstack application showing stateless authentication between frontend and backend service. Using a Vue.js client to fetch a JWT token from Firebase and authenticate with a Spring boot resource server. ","archived":false,"fork":false,"pushed_at":"2024-11-24T07:50:44.000Z","size":312,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-25T06:42:02.458Z","etag":null,"topics":["firebase-auth","jwt","jwt-authentication","oauth2","oauth2-resource-server","spring-boot","spring-security","vue","vuejs"],"latest_commit_sha":null,"homepage":"","language":"Vue","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tomaytotomato.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-24T07:18:11.000Z","updated_at":"2024-11-24T07:53:13.000Z","dependencies_parsed_at":"2024-11-24T10:00:20.822Z","dependency_job_id":null,"html_url":"https://github.com/tomaytotomato/spring-stateless-auth-firebase","commit_stats":null,"previous_names":["tomaytotomato/spring-stateless-auth-firebase"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomaytotomato%2Fspring-stateless-auth-firebase","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomaytotomato%2Fspring-stateless-auth-firebase/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomaytotomato%2Fspring-stateless-auth-firebase/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomaytotomato%2Fspring-stateless-auth-firebase/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tomaytotomato","download_url":"https://codeload.github.com/tomaytotomato/spring-stateless-auth-firebase/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244554125,"owners_count":20471173,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firebase-auth","jwt","jwt-authentication","oauth2","oauth2-resource-server","spring-boot","spring-security","vue","vuejs"],"created_at":"2024-11-25T09:17:23.788Z","updated_at":"2026-05-07T23:01:46.188Z","avatar_url":"https://github.com/tomaytotomato.png","language":"Vue","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Spring Stateless Authentication Firebase\n\nThis project demonstrates JWT-based stateless authentication using Firebase for identity management and Vue.js for the frontend client.\n\nThe Spring boot backend functions as a resource server and validates the JWT token with Firebase. \n\n![app_screenshot_login.png](docs/app_screenshot_login.png)\n![app_screenshot_authenticated.png](docs/app_screenshot_authenticated.png)\n\n## Getting Started\n\nThis project uses Maven to build and install the frontend and backend dependencies. Manual installation is not required!\n\n### 1. Create a file called `firebase.env`\n\nIn this file, add the following environment variables. These values can be found in the Firebase console:\n\n- Navigate to **Project Overview → Settings → General → Your Apps**.\n- If you haven't already added an app, click the **\"Add App\"** button to create a new web app.\n- After creation, the following values will be visible and can be added in the format below to the `.env` file.\n\n![firebase_config.png](docs/firebase_config.png)\n\nAdd them in the following format. Vite will automatically process these variables and make them available in the frontend.\n```\nVITE_FIREBASE_API_KEY=\u003cREPLACE ME\u003e\nVITE_FIREBASE_AUTH_DOMAIN=\u003cREPLACE ME\u003e\nVITE_FIREBASE_PROJECT_ID=\u003cREPLACE ME\u003e\nVITE_FIREBASE_STORAGE_BUCKET=\u003cREPLACE ME\u003e\nVITE_FIREBASE_MESSAGING_SENDER_ID=\u003cREPLACE ME\u003e\nVITE_FIREBASE_APP_ID=\u003cREPLACE ME\u003e\nVITE_FIREBASE_MEASUREMENT_ID=\u003cREPLACE ME\u003e\n```\n\n### 2. Run the Frontend and Backend\n\nUse the bash script to start the UI and service\n\n```shell\n./run.sh\n```\n\nThe Spring boot service should stop when exiting the script.\n\n### 3. (Optional) Enable \"Sign-in with Google\"\n\nThis requires you to enable the Google provider on your Firebase account.\n\nNavigate to the Authentication section in Firebase console and click \"Add New Provider\"\nSelect \"Google\"\n\n![firebase_google_provider.png](docs/firebase_google_provider.png)\n\n### Notes\n\nIn the Spring boot service, the `/user` endpoint makes use of the `JwtAuthenticationToken` object, which is part of the Spring Security OAuth2 resource server configuration as configured in [application.yml](src/main/resources/application.yml)\n\nThis configuration allows the service to validate and process incoming JWT tokens, which have been issued by Firebase.\n\nSpring security validates the JWT token is validated with Firebase's JSON Web Key Set (JWKS) URI - https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com \n\nFor the demo endpoint in [UserController.java](src/main/java/com/tomaytotomato/auth/UserController.java) the `JwtAuthenticationToken` object is particularly useful when working with JWT-based authentication, as it provides richer information about the authenticated user. \n\nTraditionally `Principal` or `Authentication` objects are used but they contain limited details, `JwtAuthenticationToken` exposes the token’s claims and user attributes, making it more convenient for accessing user information in the endpoint.\n\nThere are alternative authentication objects like `OAuth2User` or `OAuth2AuthenticationToken`, these alternatives would require additional configuration, such as implementing a [custom provider](https://www.baeldung.com/spring-security-authentication-provider) and adding it to the Spring Security filter chain. \n\n### References\n\n- [Firebase Authentication Documentation](https://firebase.google.com/docs/auth)\n- [JWT.io](https://jwt.io/)\n- [Vue.js Documentation](https://vuejs.org/)\n- [Spring Boot Documentation](https://spring.io/projects/spring-boot)\n- [Spring Security API Authentication Firebase @Medium](https://medium.com/@purikunal22/securing-springboot-api-using-firebase-authentication-16d72dd250cc)\n- [Spring Security Auth with Firebase @Medium](https://medium.com/comsystoreply/authentication-with-firebase-auth-and-spring-security-fcb2c1dc96d)\n- [Spring Security Oauth2 Docs](https://docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/jwt.html)\n\n# Tags\n\n`vue` `vue.js` `firebase` `authentication` `jwt` `token` `stateless-auth` `spring-boot` `spring-security` `oauth2` \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftomaytotomato%2Fspring-stateless-auth-firebase","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftomaytotomato%2Fspring-stateless-auth-firebase","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftomaytotomato%2Fspring-stateless-auth-firebase/lists"}