'Firebase Storage REST call: How to set auth.uid manually and make Strorage Rules apply
Currently, I am using a Firebase Service Account to access Firebase Storage via REST calls.
However, Storage is based on Security Rules which do not apply to the Service Account, which seems to have super powers.
Is there a way to get rid of the Service Account and use a proper user-id instead, thus making the Storage Security Rules work properly?
Background
I am using Flutter-desktop (windows) and there is no library available to access Firebase Storage properly. Thus, I have to use REST calls.
Firebase Auth however is working properly via the flutter_auth_desktop plugin which provides an id-token.
FirebaseAuth.instance.currentUser!
.getIdToken()
.then((token) => token);
But I have no idea how to incorporate that into the REST calls, these approached do not work:
...(url)...&auth=$accessToken
or
headers: {'Authorization': "$accessToken"}
or
headers: {'Authorization': "Bearer $accessToken"}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|