polymerfire | Polymer Web Components for Firebase | Web Framework library

Polymer's firebase-auth element has an auth property. So you could bind to it:

I'm using this:

This is an old question but I just came across this issue. The answer is that the new path is saved to the path property of the firebase-document used to call saveValue.

As far as I know (and could quickly check in the PolymerFire source code for its query component) there is nothing built into the library for reversing the items from the database.

The remaining option is to add an additional property to your database nodes with the inverted value of the property you want to sort on. So in your case that could be an inverted timestamp: -1 * Date.now(). If you then sort on this inverted value, the results will show up in descending order of the original timestamp.

As you mentioned above that there is no data at the path, then you need to change if conditions. Something like:

Google Chrome is currently the only browser that has a native support for web components features (templates, HTML imports, custom elements and shadow DOM). For the other browsers you need to include a polyfill (webcomponentsjs) before importing any web component.

The problem is that there are few clear tutorials for how to do this because every authorization situation is different. It is compounded in your case because you're not really looking for authorization - you're looking for authentication. But Google and the Assistant need to treat this as authorization. Specifically - they want to make sure that the user on their end of the Google Home is authorized to access your service.

This process is called Account Linking in Google's documentation. You're linking a Google Assistant user to your user account system.

To do this, they're going to use OAuth... but backwards from how you're currently using it. In your current model, your web client uses OAuth (through the Google Login) to get the authorization through Google's servers. But with the Assistant - the Assistant is the client, and it needs to get that authorization through your server.

Here is an update to your diagram that tries to illustrate this, although this is simplified a bit. Google's documentation gives step-by-step implementation requirements, although it can't give any details or code since those are dependent on your needs. The numbers refer to each step, which I talk about below.

1. Your user has triggered your Action, or a step in your Action, that requires authorization. All requests go through Google's server (before hitting Dialogflow), and it knows if it will need to provide that authorization information.

   If it already has authorization, we can skip to step 6.

2. If it doesn't already have authorization, it will contact your OAuth server at an authorization page that you've configured. It does this by directing your user to open the Home app, which will redirect the user to that authorization page. Skip to step 3.

   If it had authorization, but that authorization has expired, it will contact your OAuth server at the token exchange point to exchange a refresh token for an auth token. Skip to step 4.

3. The user will likely need to sign-in and your server will need to authenticate them (a bunch of arrows that mirror what your web-app is doing, so I omitted them). Typically, you'll also explicitly make sure that the user is authorizing the Google Assistant to have access to their resources on your service. (Google shows OAuth screens all the times for third-parties getting access to your resources stored on Google. You've probably seen them.) Your auth server needs to send back a limited-use code which we'll exchange for a refresh token and auth token shortly.

4. Your auth server now gets either a refresh token or an access code (depending on what happened in steps 2 and 3). Your server then needs to take this, verify that it is valid, and then generate an auth token (and, if this is the first time, a refresh token.) When you verify it, you'll likely be consulting your user database, possibly to store the tokens, but certainly to make sure the user is still a user.

5. You'll then return the auth token (and possibly refresh token) to Google's servers. They'll store these tokens - the refresh token indefinitely, and the auth token for the lifetime of the token.

6. For each request, Google will pass the auth token to Dialogflow...

7. ...which will pass it on in the JSON body to the webhook.

8. Your webhook will then need to get this auth token out of the JSON body (or by using app.getUser()) and convert it to the ID you need. One way to do this is to have an API in your auth server that takes the auth token and returns the ID. Or you may be able to look it up in the database directly, if you're using a shared user database. Or the auth token may be a signed JWT and, once you've verified the signature is from your auth server, you can use the id that is included in the JWT.

   You can then proceed as you've outlined.

I've used the Authorization Code Flow for this for a few reasons:

1. It is more secure than the Implicit flow.

2. It is not significantly more complex to implement.

3. The thing that does make it more complex (the code exchange endpoint) is required if you want to do the "Simplified"/"Streamlined" Identity Flow, which allows users to sign-up to your service if they haven't already done so.

I do not go into the additional requirements to get the Streamlined Flow working. Get the above working first and then follow the directions to add the streamlined account creation, which mostly involve extra work at stage 2, 4, and 5.

You can do it different way. Thanks to events and listeners you will be able to propagate some event to parent and then in parent-element just access firebase-auth using this.$.auth.

So:

at my-home element when you are ready to call firebase auth, just call somethind like: this.fire("logIn"); and in parent-elemet inside a ready function write this:

I am not familiar with firebase-query, but you can do simple trick. On property posts set observer function.