I'm currently looking at building a custom authentication login flow, utilising additional claims / custom claims with Cloud Firestore and Cloud Functions.
The general process I would like to happen is as follows:
- Sign in to my own auth system and get relevant auth information, along with creating a custom auth token with additional claims
- Sign in via an iOS app using the custom token and `signInWithCustomToken`
- Have a cloud function triggered to populate Firestore with relevant collections/documents
The system works at the moment by having to call `setCustomUserClaims` in between points 2 and 3:
- Sign in to my own auth system and get relevant auth information, along with creating a custom auth token with additional claims
- Sign in via an iOS app using the custom token and `signInWithCustomToken`
- Call a callable function to `setCustomUserClaims` to set the additional claims onto the user's `customClaims`.
- Have a cloud function triggered to populate Firestore with relevant collections/documents
It would be nice, however, to not have to call this and use the initial additional claims from the initial JWT.
I understand that if we were to call an HTTPS function, or a callable function from the app, we can then get the auth details with the claims inside (as provided from the IDToken). However, it would be best if we didn't need to call `setCustomUserClaims` and allow the service to get the claims using `getUser` and accessing the `customClaims`.
- Is there a way to get this same `auth` information from a triggered function?
- Will there be any plans/any way to get the `auth` on the server using `getUser`?
- Is there a way to get the `IDToken` from the server from a triggered function rather than a HTTPS or Callable function?
- Are there any plans to allow triggers for onCreate for an Authentication User when using custom tokens?
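
The callable step in the working flow above (copying token claims into `customClaims`), sketched as an added example that is not part of the original post: it copies only an allowlisted set of claims from the verified ID token, never from client-supplied request data, refuses reserved claim names and enforces the 1000-byte custom-claims limit. The claim names `role` and `orgId`, the helper names and the sample token are assumptions.

```javascript
// Added example: choose which ID-token claims to copy into the user record.
// `decodedToken` stands for the verified token a callable function receives
// (context.auth.token); the sample token at the bottom is constructed.

// Reserved claim names (OIDC registered names plus `firebase`) that custom
// claims must not use.
const RESERVED = new Set(['acr', 'amr', 'at_hash', 'aud', 'auth_time', 'azp',
  'cnf', 'c_hash', 'exp', 'iat', 'iss', 'jti', 'nbf', 'nonce', 'sub', 'firebase']);
const MAX_CLAIMS_BYTES = 1000; // size limit for the serialized custom claims

function claimsToPersist(decodedToken, allowedKeys) {
  const out = {};
  for (const key of allowedKeys) {
    if (RESERVED.has(key)) throw new Error(`reserved claim name: ${key}`);
    // Copy only keys actually present on the verified token.
    if (Object.prototype.hasOwnProperty.call(decodedToken, key)) {
      out[key] = decodedToken[key];
    }
  }
  const size = Buffer.byteLength(JSON.stringify(out), 'utf8');
  if (size > MAX_CLAIMS_BYTES) {
    throw new Error(`claims are ${size} bytes, limit is ${MAX_CLAIMS_BYTES}`);
  }
  return out;
}

// `auth` is any object exposing setCustomUserClaims(uid, claims), for
// example admin.auth() from the Admin SDK. The uid comes from the verified
// token, not from anything the client sent in the request body.
async function persistClaims(auth, decodedToken, allowedKeys) {
  const claims = claimsToPersist(decodedToken, allowedKeys);
  await auth.setCustomUserClaims(decodedToken.uid, claims);
  return claims;
}

// Constructed decoded ID token for a user signed in with a custom token.
const sampleToken = {
  iss: 'https://securetoken.google.com/example-project',
  aud: 'example-project',
  sub: 'user-123',
  uid: 'user-123',
  iat: 1700000000,
  exp: 1700003600,
  firebase: { sign_in_provider: 'custom' },
  role: 'editor',   // hypothetical developer claim from the custom token
  orgId: 'acme',    // hypothetical developer claim from the custom token
};
```

After `persistClaims` runs, `getUser(uid).customClaims` returns the persisted subset, which is what a triggered function would read.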