actix_firebase_auth/user.rs
1use serde::{Deserialize, Serialize};
2use serde_json::{Map, Value};
3
4/// Represents the decoded JWT claims from a Firebase Authentication token.
5///
6/// This struct maps to the standard fields provided by Firebase ID tokens.
7/// See: https://firebase.google.com/docs/auth/admin/verify-id-tokens#verify_id_tokens_using_a_third-party_jwt_library
8#[derive(Clone, Debug, Serialize, Deserialize)]
9pub struct FirebaseUser {
10 /// Issuer of the token (typically Firebase project URL)
11 pub iss: String,
12
13 /// Audience for the token (your Firebase project ID)
14 pub aud: String,
15
16 /// Subject — the unique identifier for the user (usually equals `user_id`)
17 pub sub: String,
18
19 /// Issued-at time (epoch seconds)
20 pub iat: u64,
21
22 /// Expiration time (epoch seconds)
23 pub exp: u64,
24
25 /// Time the user authenticated (epoch seconds)
26 pub auth_time: u64,
27
28 /// Firebase UID of the user
29 pub user_id: String,
30
31 /// The identity provider used to sign in (e.g., "google.com")
32 pub provider_id: Option<String>,
33
34 /// User's display name (if available)
35 pub name: Option<String>,
36
37 /// URL to the user's profile picture (if available)
38 pub picture: Option<String>,
39
40 /// User's email address
41 pub email: Option<String>,
42
43 /// Whether the user's email has been verified
44 pub email_verified: Option<bool>,
45
46 /// Additional Firebase-specific claims (provider info, linked accounts)
47 pub firebase: FirebaseProvider,
48}
49
50/// Firebase-specific metadata included in the token under the `firebase` field.
51///
52/// This contains provider info and linked account identities (e.g., Google UID).
53#[derive(Clone, Debug, Serialize, Deserialize)]
54pub struct FirebaseProvider {
55 /// The main sign-in provider used (e.g., "google.com", "password")
56 pub sign_in_provider: String,
57
58 /// A map of identity providers to a list of unique IDs (e.g., `{ "google.com": ["1234567890"] }`)
59 pub identities: Map<String, Value>,
60}