[FR] When is AppCheck gonna be integrated in python firebase-admin SDK? #593

Closed
GabrieleCalarota opened this issue Dec 14, 2021 · 8 comments

Comments

@GabrieleCalarota

Is your feature request related to a problem? Please describe.
I really would like to protect my Python Backend (FastAPI) with Firebase AppCheck

Describe the solution you'd like
Have firebase AppCheck directly into firebase-admin SDK

Describe alternatives you've considered
Run NodeJS inside python environment (is this a safe thing to do?)

Additional context
image

@google-oss-bot

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

@lahirumaramba
Member

Hi @GabrieleCalarota,
Thank you for the feature request. We do not have any plans to implement the App Check Python API on our immediate roadmap. However, we will use this issue to track any progress we make on this front. We also accept pull requests if someone in the community wants to work on this :)

@GabrieleCalarota
Author

> Hi @GabrieleCalarota, Thank you for the feature request. We do not have any plans to implement the App Check Python API on our immediate roadmap. However, we will use this issue to track any progress we make on this front. We also accept pull requests if someone in the community wants to work on this :)

Thanks, do you have a list of activities needed to make this integration? I can't promise, but it's something we would really like to have in our backend.

@lahirumaramba
Member

You can start by proposing the public API interface (use the Node.js API as an example).

In the meantime, you can follow the steps in this blog post (see Verifying App Check tokens in other backend resources), the recommended way to secure your non-Node.js custom backend.

@GabrieleCalarota
Author

> You can start by proposing the public API interface (use the Node.js API as an example).
>
> In the meantime, you can follow the steps in this blog post (see Verifying App Check tokens in other backend resources), the recommended way to secure your non-Node.js custom backend.

Thanks for the info provided. I've actually found a workaround in the meantime (my backend resource is in Python / FastAPI): add a middleware call to Firebase Cloud Functions, which verifies the App Check token and returns 401 or 200 (API exposed on Cloud Functions), since the runtime supported by Firebase Cloud Functions is now Node.js.

This is a temporary workaround, considering the high volume of requests that is gonna be billed on GCP, but I'll drop this here in case someone is looking for a temporary patch.

@catalin-florescu

catalin-florescu commented Aug 7, 2022

Hello, any updates?
I keep trying to generate a token based on #568, but I can't verify it using the described steps. Only Firebase-generated tokens can be verified.
Also, if we generate a token using the service JSON credentials, the header kid is the private key, and decoding with the Firebase App Check public JSON Web Key won't be possible, since it won't be a match.
Thanks.

Edit: @lahirumaramba any news? Thanks.

@lahirumaramba
Member

Thank you for your patience everyone! We just released firebase-admin v6.0.0 with app check token verification support.
https://firebase.google.com/support/release-notes/admin/python#6.0.0
Let us know if you run into any issues.
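
An added example (not part of this thread and not the SDK's own code) of gating a Python backend on the verification call released in v6.0.0, `firebase_admin.app_check.verify_token`. The `X-Firebase-AppCheck` header name, the `authorize_request` helper and the app ID allowlist are assumptions of this example; the verifier is injectable so the decision logic can be tested without network access.

```python
from typing import Callable, FrozenSet, Mapping, Optional, Tuple

# Header the client is assumed to send its App Check token in.
APP_CHECK_HEADER = "x-firebase-appcheck"


def _sdk_verify(token: str) -> dict:
    # Lazy import: needs firebase-admin >= 6.0.0 and a prior
    # firebase_admin.initialize_app() call at process start.
    from firebase_admin import app_check
    return app_check.verify_token(token)


def authorize_request(
    headers: Mapping[str, str],
    allowed_app_ids: FrozenSet[str],
    verify: Callable[[str], dict] = _sdk_verify,
) -> Tuple[int, Optional[str]]:
    """Return (HTTP status, verified app ID). Fails closed on every error."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    lowered = {name.lower(): value for name, value in headers.items()}
    token = lowered.get(APP_CHECK_HEADER, "").strip()
    if not token:
        return 401, None
    try:
        claims = verify(token)
    except Exception:
        # verify_token is documented to raise ValueError for an invalid token
        # and PyJWKClientError when the signing key cannot be fetched.
        # Deny on any failure rather than letting the request through.
        return 401, None
    # The token subject is the Firebase app ID; the SDK also exposes it as "app_id".
    app_id = claims.get("app_id") or claims.get("sub")
    if app_id not in allowed_app_ids:
        # Valid token, but not issued to an app this backend serves.
        return 403, None
    return 200, app_id
```

In a FastAPI middleware or dependency, pass `request.headers` to `authorize_request` and return the status it gives when it is not 200.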

@GabrieleCalarota
Author

> Thank you for your patience everyone! We just released firebase-admin v6.0.0 with app check token verification support.
> https://firebase.google.com/support/release-notes/admin/python#6.0.0
> Let us know if you run into any issues.

😍 😍 😍


5 participants