Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
🚀 DAY 5 OF LAUNCH WEEK:Introducing Webhook Events for Alert Changes.Learn more →
firebase_token_auth
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
firebase_token_auth
FirebaseTokenAuth
FirebaseTokenAuth is an Firebase Auth Client. It supports below.
- verify id_token method
- create custom token
- fetch user info by uid/email
- update user info
Installation
Add this line to your application's Gemfile:
gem 'firebase_token_auth'
And then execute:
$ bundle install
Or install it yourself as:
$ gem install firebase_token_auth
Usage
on Rails, config/initializers/firebase_token_auth.rb
FirebaseTokenAuth.configure do |config|
## for id_token_verify
# firebase web console => project settings => general => project ID
config.project_id = "your_project_id" # required
# firebase web console => project settings => service account => firebase admin sdk => generate new private key
# pass string of path to credential file to config.json_key_io
config.json_key_io = "#{Rails.root}/path/to/service_account_credentials.json"
# Or content of json key file wrapped with StringIO
# config.json_key_io = StringIO.new('{ ... }')
# Or set environment variables
# ENV['GOOGLE_ACCOUNT_TYPE'] = 'service_account'
# ENV['GOOGLE_CLIENT_ID'] = '000000000000000000000'
# ENV['GOOGLE_CLIENT_EMAIL'] = 'xxxx@xxxx.iam.gserviceaccount.com'
# ENV['GOOGLE_PRIVATE_KEY'] = '-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n\'
end
for more detail. see here.
token verify
require 'firebase_token_auth'
FirebaseTokenAuth.configure do |config|
config.project_id = 'your_project_id'
end
client = FirebaseTokenAuth.build
result = client.verify_id_token(id_token)
puts result.uid
# => "hMPHt8RyDpOsHi1oH5XaVirSYyq2"
puts result.id_token.payload # you can see decoded id_token payload
# => {"iss"=>"https://securetoken.google.com/<your_project_id>",
# "aud"=>"<your_project_id>",
# "auth_time"=>1594494935,
# "user_id"=>"hMPHt8RyDpOsHi1oH5XaVirSYyq2",
# "sub"=>"hMPHt8RyDpOsHi1oH5XaVirSYyq2",
# "iat"=>1594494935,
# "exp"=>1594498535,
# "email"=>"<your_user_email>",
# "email_verified"=>false,
# "firebase"=>{"identities"=>{"email"=>["<your_user_email>"]}, "sign_in_provider"=>"custom"}}
puts result.id_token.header
# => {"alg"=>"RS256", "kid"=>"7623e10a045140f1cfd4be0466cf80352b59f81e", "typ"=>"JWT"}
custom token create
require 'firebase_token_auth'
FirebaseTokenAuth.configure do |config|
config.project_id = 'your_project_id'
config.json_key_io = "#{Rails.root}/path/to/service_account_credentials.json"
end
client = FirebaseTokenAuth.new
c_token = client.create_custom_token(test_uid)
puts c_token
# => "eyJhbGciOXXX.eyJpc3MiOiJmaXJlYmFzXXXX.v7y7LoBXXXXX" # dummy
verify custom token
require 'firebase_token_auth'
FirebaseTokenAuth.configure do |config|
config.project_id = 'your_project_id'
config.json_key_io = "#{Rails.root}/path/to/service_account_credentials.json"
end
client = FirebaseTokenAuth.build
result = client.verify_custom_token(custom_token)
puts result
# => {:expires_in=>3600,
# :id_token=>"<id_token>",
# :is_new_user=>"<true/false>",
# :kind=>"identitytoolkit#VerifyCustomTokenResponse",
# :refresh_token=>"<refresh_token>"}
fetch users info from firebase
require 'firebase_token_auth'
FirebaseTokenAuth.configure do |config|
config.project_id = 'your_project_id'
config.json_key_io = "#{Rails.root}/path/to/service_account_credentials.json"
end
client = FirebaseTokenAuth.new
result = client.user_search_by_email(test_user_email)
# result = client.user_search_by_uid(test_uid)
puts result
# => [{:created_at=>1594132097140,
# :custom_auth=>true,
# :disabled=>false,
# :email=>"<your_user_email>",
# :email_verified=>false,
# :last_login_at=>1594495792373,
# :local_id=>"hMPHt8RyDpOsHi1oH5XaVirSYyq2",
# :password_hash=>"REDACTED",
# :password_updated_at=>1594132097140,
# :provider_user_info=>
# [{:email=>"<your_user_email>",
# :federated_id=>"<your_user_email>",
# :provider_id=>"password",
# :raw_id=>"<your_user_email>"}],
# :valid_since=>1594132097}]
update user info
require 'firebase_token_auth'
FirebaseTokenAuth.configure do |config|
config.project_id = 'your_project_id'
config.json_key_io = "#{Rails.root}/path/to/service_account_credentials.json"
end
client = FirebaseTokenAuth.new
# NOTE: parameter_name is snake_case
update_params = { # ref. https://firebase.google.com/docs/reference/rest/auth#section-update-profile
display_name: 'updated_name',
}
result = client.update_user(test_uid, update_params)
puts result
# => {:display_name=>"updated_name",
# :email=>"<your_user_email>",
# :email_verified=>false,
# :kind=>"identitytoolkit#SetAccountInfoResponse",
# :local_id=>"hMPHt8RyDpOsHi1oH5XaVirSYyq2",
# :password_hash=>"REDACTED",
# :provider_user_info=>[{:display_name=>"updated_name", :federated_id=>"<your_user_email>", :provider_id=>"password"}]}
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/miyataka/firebase_token_auth.
License
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that firebase_token_auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 27 Dec 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025
Product
Introducing Socket Scanning for OpenVSX Extensions
Socket now scans OpenVSX extensions, giving teams early detection of risky behaviors, hidden capabilities, and supply chain threats in developer tools.
By Mix Irving, Ryan Eberhardt -  Nov 20, 2025