Firebase - Unauthenticated request is not raising an exception

[br-follow]

When injecting the FirebaseClaims object, no exception is raised for an unauthenticated user. It looks like it should raise a 401 exception because auto_error is set to True.

Additionally, it is unclear how to test this via the Swagger UI. There does not appear to be any authentication UI, as there is with cogito.

Code:

async def get_current_user(settings: Settings = Depends(get_settings)):
    return FirebaseCurrentUser(project_id=settings.firebase_project_id)


@app.get("/protected")
async def protected(current_user: FirebaseClaims = Depends(get_current_user)):
    return f"Hello, {current_user.user_id}"

[tivaliy]

@br-allstreet ,

try to do something like this:

from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer

async def get_current_user(
    settings: AppSettings = Depends(get_app_settings),
    http_auth: Optional[HTTPAuthorizationCredentials] = Depends(HTTPBearer(auto_error=False)),
) -> CognitoCurrentUser:
    current_user_auth = FirebaseCurrentUser(project_id=settings.firebase_project_id)
    return await current_user_auth(http_auth)

@app.get("/protected")
async def protected(current_user: FirebaseClaims = Depends(get_current_user)):
    return f"Hello, {current_user.user_id}"

I didn't check it, jsut a quick sketch...