Firebase storage

If you use Firebase storage, you have access to:

Note
You can use the Firebase extension to send newsletters to users, for example, about promotions or updates.

Interaction flow

You can use the Login widget or your application as a client. The interaction flow between the client and the Xsolla Login server is as follows:

  1. The client sends requests to the Xsolla Login server. The request format is described in JWT, OAuth 2.0, and Password endpoints.
  2. The Xsolla Login server sends requests to Firebase.
  3. The Xsolla Login server processes a response from Firebase and returns results to the client.
  4. The client processes the response.

Note
All user information, except for passwords, is stored on Xsolla’s side.

User registration flow

  1. The client sends the Register new user request to the Xsolla Login server.
  2. The Xsolla Login server sends a registration request to Firebase.
  3. User data is written to the Xsolla database.
  4. The status of the user's email address is checked:
    • If the user has not previously verified their email address in Firebase, they receive a confirmation email from that system. As soon as the user confirms their email address, it is automatically confirmed on the Xsolla Login server.
    • If the user's email address has been verified in Firebase, immediately after registration, the user will be authorized and redirected to the Callback URL specified when creating the Login project.

Authentication via user email address and password

There are two types of authentication via user email address and password: JWT standard-based authentication and OAuth 2.0 protocol-based authentication.

Note
  • If there is no entry for the user in the Xsolla database, one is created.
  • The Xsolla Login server requests the following user data from Firebase and updates it in the Xsolla database: email confirmation status, as well as avatar and display name (if any).

JWT standard-based authentication flow

  1. The client sends the Auth by username and password request to the Xsolla Login server.
  2. The Xsolla Login server sends the authentication request to Firebase.
  3. The Xsolla Login server generates a user JWT, in which:
    • The localId value from the response to the Firebase request is written to the external_account_id claim.
    • The Firebase ID token value from the response to the Firebase request is written to the firebase_id_token claim.
    • The Firebase refresh token value from the response to the Firebase request is written to the firebase_refresh_token claim.
  4. The user is redirected to login_url with a query parameter token. The user JWT is written to the token parameter.

OAuth 2.0 protocol-based authentication flow

  1. The client sends the Auth by username and password request with the redirect_uri parameter to the Xsolla Login server.
  2. The Xsolla Login server sends the authentication request to Firebase.
  3. The Xsolla Login server returns login_url along with code in the query parameter and the passed redirect_uri parameter.
  4. The user is redirected to redirect_uri with the query parameter code.
  5. The client sends the Generate JWT request to the Xsolla Login server to exchange the received code for a user JWT.
  6. The Xsolla Login server generates the user JWT, in which:
    • The localId value from the response to the Firebase request is written to the external_account_id claim.
    • The Firebase ID token value from the response to the Firebase request is written to the firebase_id_token claim.
    • The Firebase refresh token value from the response to the Firebase request is written to the firebase_refresh_token claim.

Authentication via social networks

Only authentication via Google and Facebook is supported. Two authentication scenarios are available: JWT standard-based authentication and OAuth 2.0 protocol-based authentication.

JWT standard-based authentication flow

  1. The user initiates authorization by clicking the widget's button or via the Login API method.
  2. The user is redirected to the login page of the social network where they enter their credentials.
  3. The social network returns information about the user along with their access token to the Xsolla Login server.
  4. The Xsolla Login server sends an authentication request to Firebase with this token via the Sign in with OAuth credential method.
  5. The Xsolla Login server generates a user JWT, in which:
    • The localId value from the response to the Firebase request is written to the external_account_id claim.
    • The Firebase ID token value from the response to the Firebase request is written to the firebase_id_token claim.
    • The Firebase refresh token value from the response to the Firebase request is written to the firebase_refresh_token claim.
  6. The user is redirected to login_url with a query parameter token. The user JWT is written to the token parameter.

OAuth 2.0 protocol-based authentication flow

  1. The user initiates authorization by clicking the widget's button or via the Login API method.
  2. The user is redirected to the login page of the social network where they enter their credentials.
  3. The social network returns information about the user along with their access token to the Xsolla Login server.
  4. The Xsolla Login server sends an authentication request to Firebase with this token via the Sign in with OAuth credential method.
  5. The Xsolla Login server returns login_url along with code in the query parameter and the passed redirect_uri parameter.
  6. The user is redirected to redirect_uri with the query parameter code.
  7. The client sends the Generate JWT request to the Xsolla Login server to exchange the received code for a user JWT.
  8. The Xsolla Login server generates the user JWT, in which:
    • The localId value from the response to the Firebase request is written to the external_account_id claim.
    • The Firebase ID token value from the response to the Firebase request is written to the firebase_id_token claim.
    • The Firebase refresh token value from the response to the Firebase request is written to the firebase_refresh_token claim.
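
The redirect that ends each flow above (email/password or social network), handled on the client. This is an added example, not Xsolla's code: it reads the token or code query parameter, checks the three Firebase-derived claims in the JWT payload, and redacts the URL before logging, because the user JWT embeds the Firebase ID and refresh tokens. The function names, the game.example callback URL and the sample JWT are constructed assumptions; the payload is decoded without signature verification, for inspection only.

```javascript
// Added example (Node.js). Function names and sample values are hypothetical.
// Decode a JWT payload WITHOUT verifying its signature (inspection only).
function decodeJwtPayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a three-part JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// The JWT flow ends with `token` in the query; the OAuth 2.0 flow with `code`.
function parseLoginCallback(callbackUrl) {
  const params = new URL(callbackUrl).searchParams;
  if (params.has('token')) {
    const claims = decodeJwtPayload(params.get('token'));
    return {
      flow: 'jwt',
      externalAccountId: claims.external_account_id, // Firebase localId
      // Report presence only; never copy the Firebase tokens around.
      hasFirebaseIdToken: typeof claims.firebase_id_token === 'string',
      hasFirebaseRefreshToken: typeof claims.firebase_refresh_token === 'string',
    };
  }
  if (params.has('code')) return { flow: 'oauth2', code: params.get('code') };
  throw new Error('callback has neither token nor code');
}

// Replace credential-bearing query values before the URL reaches any log.
function redactForLog(callbackUrl) {
  const url = new URL(callbackUrl);
  for (const name of ['token', 'code']) {
    if (url.searchParams.has(name)) url.searchParams.set(name, 'REDACTED');
  }
  return url.toString();
}

// Constructed sample: unsigned placeholder JWT carrying the three claims.
function makeSampleJwt() {
  const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  const payload = {
    external_account_id: 'sample-local-id',
    firebase_id_token: 'sample-id-token',
    firebase_refresh_token: 'sample-refresh-token',
  };
  return [b64({ alg: 'none', typ: 'JWT' }), b64(payload), 'sig'].join('.');
}

const sampleCallback = 'https://game.example/callback?token=' + makeSampleJwt();
console.log(redactForLog(sampleCallback), parseLoginCallback(sampleCallback));
```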

User blocking

You can block users via Publisher Account. Blocked users cannot be authenticated. The blocking is recorded and stored on the Xsolla side only.


Last updated: August 30, 2024
