firebase-admin python package is 100MB.
I am only using it to verify idToken server-side in HTTP requests.
This means i am using only 1 method of this package.

I would like to remove the Firestore and the Cloud Storage dependencies from the package to reduce the size if possible.

Can I simply install the firebase_admin.auth package with only its dependencies with a pip install firebase-admin --only auth looking-like command ?

If not, how can i filter easily the packages inside to only keep the needed for firebase_admin.auth module ? (=not spending time to understand manually all of the dependencies for each required file)

Thanks in advance

CodePudding user response：

You can use any third party library like PyJWT instead of using Firebase Admin SDK to decode Firebase ID Tokens if you need it for verifying tokens only.

Once the token is decoded you can verify the headers and constraints mentioned in Verify ID Tokens using third party JWT library section of the documentation:

Finally, ensure that the ID token was signed by the private key corresponding to the token's kid claim. Grab the public key from https://www.googleapis.com/robot/v1/metadata/x509/[email protected] and use a JWT library to verify the signature. Use the value of max-age in the Cache-Control header of the response from that endpoint to know when to refresh the public keys.