英文:
Firebase ID Token has invalid signature (JWT)
问题
以下是您要翻译的部分:
"I'm following the guide here to generate an ID token in my client via firebase and verify it in my node.js backed via the firebase SDK. This is all running from localhost without an emulator and signing-in via google sign-in.
Here's my code in the client which successfully logs a token:
const idToken = await currentUser.getIdToken()
console.log(idToken)
if (recipe.picture !== config.basePictureURL) {
await axios.post('deletePicture', null, { headers: { authorization: 'Bearer ' + idToken } })
}
and my code in the backend which also logs the token successfully:
var firebaseAdmin = require("firebase-admin");
var firebaseServiceAccount = require("./firebaseKey.json");
firebaseAdmin.initializeApp({credential: firebaseAdmin.credential.cert(firebaseServiceAccount)});
app.post("/deletePicture", async (req, res) => {
console.log("authorizing user - " + req.headers['authorization'])
try {
const currentUser = await firebaseAdmin.auth().verifyIdToken(req.headers['authorization'].split(' ')[1])
var uid = currentUser.uid;}
catch (error) {
console.log(error)
console.log("Error - not a valid idToken")
res.status(500).send(error)
}
And it currently fails in the backend consistently with the following error:
Firebase ID token has invalid signature. See
https://firebase.google.com/docs/auth/admin/verify-id-tokens for
details on how to retrieve an ID token
Here's an example of a JWT generated which is failing the signature check.
请注意,一些特殊字符可能需要进行适当的处理,例如将 HTML 实体代码转换为实际字符。
英文:
I'm following the guide here to generate an ID token in my client via firebase and verify it in my node.js backed via the firebase SDK. This is all running from localhost without an emulator and signing-in via google sign-in.
Here's my code in the client which successfully logs a token:
const idToken = await currentUser.getIdToken()
console.log(idToken)
if (recipe.picture !== config.basePictureURL) {
await axios.post('deletePicture', null, { headers: { authorization: 'Bearer ' + idToken } })
}
and my code in the backend which also logs the token successfully:
var firebaseAdmin = require("firebase-admin");
var firebaseServiceAccount = require("./firebaseKey.json");
firebaseAdmin.initializeApp({credential: firebaseAdmin.credential.cert(firebaseServiceAccount)});
app.post("/deletePicture", async (req, res) => {
console.log("authorizing user - " + req.headers['authorization'])
try {
const currentUser = await firebaseAdmin.auth().verifyIdToken(req.headers['authorization'].split(' ')[1])
var uid = currentUser.uid;}
catch (error) {
console.log(error)
console.log("Error - not a valid idToken")
res.status(500).send(error)
}
And it currently fails in the backend consistently with the following error:
> Firebase ID token has invalid signature. See
> https://firebase.google.com/docs/auth/admin/verify-id-tokens for
> details on how to retrieve an ID token
Here's an example of a JWT generated which is failing the signature check.
答案1
得分: 0
不得不降级到 Firebase Admin SDK 版本 8,然后它开始工作。假设这是在我前端和后端使用的某些 Firebase 库版本之间发生的一个相当独特的 bug。
英文:
Had to downgrade to firebase admin SDK version 8 and it started working. Assuming its a fairly unique bug happening between some versions of the firebase libraries I'm using in the front-end and the backend.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论