Firebase ID Token 签名无效 (JWT)

huangapple go评论102阅读模式
英文:

Firebase ID Token has invalid signature (JWT)

问题

以下是您要翻译的部分:

"I'm following the guide here to generate an ID token in my client via firebase and verify it in my node.js backed via the firebase SDK. This is all running from localhost without an emulator and signing-in via google sign-in.

Here's my code in the client which successfully logs a token:

const idToken = await currentUser.getIdToken()
console.log(idToken)
if (recipe.picture !== config.basePictureURL) {
await axios.post('deletePicture', null, { headers: { authorization: 'Bearer ' + idToken } })
}

and my code in the backend which also logs the token successfully:

var firebaseAdmin = require("firebase-admin");

var firebaseServiceAccount = require("./firebaseKey.json");

firebaseAdmin.initializeApp({credential: firebaseAdmin.credential.cert(firebaseServiceAccount)});

app.post("/deletePicture", async (req, res) => {
console.log("authorizing user - " + req.headers['authorization'])

  try {
    const currentUser = await firebaseAdmin.auth().verifyIdToken(req.headers['authorization'].split(' ')[1])
    var uid = currentUser.uid;}

catch (error) {
console.log(error)
console.log("Error - not a valid idToken")
res.status(500).send(error)
}

And it currently fails in the backend consistently with the following error:

Firebase ID token has invalid signature. See
https://firebase.google.com/docs/auth/admin/verify-id-tokens for
details on how to retrieve an ID token

Firebase ID Token 签名无效 (JWT)

Here's an example of a JWT generated which is failing the signature check.

请注意,一些特殊字符可能需要进行适当的处理,例如将 HTML 实体代码转换为实际字符。

英文:

I'm following the guide here to generate an ID token in my client via firebase and verify it in my node.js backed via the firebase SDK. This is all running from localhost without an emulator and signing-in via google sign-in.

Here's my code in the client which successfully logs a token:

const idToken = await currentUser.getIdToken()
console.log(idToken)
if (recipe.picture !== config.basePictureURL) {
     await axios.post('deletePicture', null, { headers: { authorization: 'Bearer ' + idToken } })
}

and my code in the backend which also logs the token successfully:

var firebaseAdmin = require("firebase-admin");

var firebaseServiceAccount = require("./firebaseKey.json");

firebaseAdmin.initializeApp({credential: firebaseAdmin.credential.cert(firebaseServiceAccount)});

 app.post("/deletePicture", async (req, res) => {
      console.log("authorizing user - " + req.headers['authorization'])
    
      try {
        const currentUser = await firebaseAdmin.auth().verifyIdToken(req.headers['authorization'].split(' ')[1])
        var uid = currentUser.uid;}
  catch (error) {
    console.log(error)
    console.log("Error - not a valid idToken")
    res.status(500).send(error)
  }

And it currently fails in the backend consistently with the following error:

> Firebase ID token has invalid signature. See
> https://firebase.google.com/docs/auth/admin/verify-id-tokens for
> details on how to retrieve an ID token

Firebase ID Token 签名无效 (JWT)

Here's an example of a JWT generated which is failing the signature check.

答案1

得分: 0

不得不降级到 Firebase Admin SDK 版本 8,然后它开始工作。假设这是在我前端和后端使用的某些 Firebase 库版本之间发生的一个相当独特的 bug。

英文:

Had to downgrade to firebase admin SDK version 8 and it started working. Assuming its a fairly unique bug happening between some versions of the firebase libraries I'm using in the front-end and the backend.

huangapple
  • 本文由 发表于 2023年8月5日 07:28:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/76839590.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定