Hello all,
Currently working on oauth authentication with GCP Gateway, but it not seems to be working. Testing the API Endpoint gives the JWT token not in correct format error. Cloud function is behind the API Gateway for secure access to the function.
Scopes used - https://www.googleapis.com/auth/cloud-platform, https://www.googleapis.com/auth/cloudfunctions
Gateway Security Definition is defined as there in the article - https://cloud.google.com/api-gateway/docs/authenticating-users-googleid
# openapi2-functions.yaml
swagger: '2.0'
info:
title: my-api3
description: Sample API on API Gateway with a Google Cloud Functions backend
version: 1.0.0
schemes:
- https
produces:
- application/json
paths:
/hello:
get:
summary: Greet a user
operationId: hello
x-google-backend:
address: #Function url here
security:
- google_id_token: []
responses:
'200':
description: A successful response
schema:
type: string
securityDefinitions:
# This section configures authentication with an Oauth
google_id_token:
authorizationUrl: ""
flow: "implicit"
type: "oauth2"
x-google-issuer: "https://accounts.google.com"
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v3/certs"
# Optional. Replace YOUR-CLIENT-ID with your client ID
x-google-audiences: #client-id
Currently Oauth App is in Testing Phase.
API call with Oauth authentication to the API seems to be successfully happening to the url https://firebase.googleapis.com/v1beta1/availableProjects but not to the API endpoint.
Not Sure why API gateway url not getting authenticated and firebase url is getting authenticated.
Is there any alternate process flow or architecture that should be tried for this?