public final class

FirebaseAuth

extends AbstractFirebaseAuth
java.lang.Object
   ↳ com.google.firebase.auth.AbstractFirebaseAuth
     ↳ com.google.firebase.auth.FirebaseAuth

Class Overview

This class is the entry point for all server-side Firebase Authentication actions.

You can get an instance of FirebaseAuth via getInstance(FirebaseApp) and then use it to perform a variety of authentication-related operations, including generating custom tokens for use by client-side code, verifying Firebase ID Tokens received from clients, or creating new FirebaseApp instances that are scoped to a particular authentication UID.

Summary

Public Methods
String createSessionCookie(String idToken, SessionCookieOptions options)
Creates a new Firebase session cookie from the given ID token and options.
ApiFuture<String> createSessionCookieAsync(String idToken, SessionCookieOptions options)
Similar to createSessionCookie(String, SessionCookieOptions) but performs the operation asynchronously.
synchronized static FirebaseAuth getInstance(FirebaseApp app)
Gets an instance of FirebaseAuth for a specific FirebaseApp.
static FirebaseAuth getInstance()
Gets the FirebaseAuth instance for the default FirebaseApp.
TenantManager getTenantManager()
FirebaseToken verifySessionCookie(String cookie)
Parses and verifies a Firebase session cookie.
FirebaseToken verifySessionCookie(String cookie, boolean checkRevoked)
Parses and verifies a Firebase session cookie.
ApiFuture<FirebaseToken> verifySessionCookieAsync(String cookie)
Similar to verifySessionCookie(String) but performs the operation asynchronously.
ApiFuture<FirebaseToken> verifySessionCookieAsync(String cookie, boolean checkRevoked)
Similar to verifySessionCookie(String, boolean) but performs the operation asynchronously.
Protected Methods
void doDestroy()
Performs any additional required clean up.
[Expand]
Inherited Methods
From class com.google.firebase.auth.AbstractFirebaseAuth
From class java.lang.Object

Public Methods

public String createSessionCookie (String idToken, SessionCookieOptions options)

Creates a new Firebase session cookie from the given ID token and options. The returned JWT can be set as a server-side session cookie with a custom cookie policy.

Parameters
idToken The Firebase ID token to exchange for a session cookie.
options Additional options required to create the cookie.
Returns
  • A Firebase session cookie string.
Throws
IllegalArgumentException If the ID token is null or empty, or if options is null.
FirebaseAuthException If an error occurs while generating the session cookie.

public ApiFuture<String> createSessionCookieAsync (String idToken, SessionCookieOptions options)

Similar to createSessionCookie(String, SessionCookieOptions) but performs the operation asynchronously.

Parameters
idToken The Firebase ID token to exchange for a session cookie.
options Additional options required to create the cookie.
Returns
  • An ApiFuture which will complete successfully with a session cookie string. If an error occurs while generating the cookie or if the specified ID token is invalid, the future throws a FirebaseAuthException.
Throws
IllegalArgumentException If the ID token is null or empty, or if options is null.

public static synchronized FirebaseAuth getInstance (FirebaseApp app)

Gets an instance of FirebaseAuth for a specific FirebaseApp.

Parameters
app The FirebaseApp to get a FirebaseAuth instance for.
Returns
  • A FirebaseAuth instance.

public static FirebaseAuth getInstance ()

Gets the FirebaseAuth instance for the default FirebaseApp.

Returns
  • The FirebaseAuth instance for the default FirebaseApp.

public TenantManager getTenantManager ()

public FirebaseToken verifySessionCookie (String cookie)

Parses and verifies a Firebase session cookie.

If verified successfully, returns a parsed version of the cookie from which the UID and the other claims can be read. If the cookie is invalid, throws a FirebaseAuthException.

This method does not check whether the cookie has been revoked. See verifySessionCookie(String, boolean).

Parameters
cookie A Firebase session cookie string to verify and parse.
Returns
Throws
FirebaseAuthException

public FirebaseToken verifySessionCookie (String cookie, boolean checkRevoked)

Parses and verifies a Firebase session cookie.

If checkRevoked is true, additionally verifies that the cookie has not been revoked.

If verified successfully, returns a parsed version of the cookie from which the UID and the other claims can be read. If the cookie is invalid or has been revoked while checkRevoked is true, throws a FirebaseAuthException.

Parameters
cookie A Firebase session cookie string to verify and parse.
checkRevoked A boolean indicating whether to check if the cookie was explicitly revoked.
Returns
Throws
FirebaseAuthException

public ApiFuture<FirebaseToken> verifySessionCookieAsync (String cookie)

Similar to verifySessionCookie(String) but performs the operation asynchronously.

Parameters
cookie A Firebase session cookie string to verify and parse.
Returns
  • An ApiFuture which will complete successfully with the parsed cookie, or unsuccessfully with the failure Exception.

public ApiFuture<FirebaseToken> verifySessionCookieAsync (String cookie, boolean checkRevoked)

Similar to verifySessionCookie(String, boolean) but performs the operation asynchronously.

Parameters
cookie A Firebase session cookie string to verify and parse.
checkRevoked A boolean indicating whether to check if the cookie was explicitly revoked.
Returns
  • An ApiFuture which will complete successfully with the parsed cookie, or unsuccessfully with the failure Exception.

Protected Methods

protected void doDestroy ()

Performs any additional required clean up.