HackTricks-wiki / hacktricks-cloud


Discussion about X-Goog-Firebase-Installations-Auth #25

Open jjfeldcher opened 7 months ago

jjfeldcher commented 7 months ago

I noticed that you don't have to decompile an iOS application to figure out these two values, as you can just decode the JWT value in the X-Goog-Firebase-Installations-Auth header and look for the API key in the requests. However, I cannot find any valid sources to back up my claims, as there is nothing from Google itself stating how X-Goog-Firebase-Installations-Auth works.

Before we pull this request in, we should discuss if this is correct undocumented behavior which we can use to speed up testing, as we don't have to decompile if we can reliably assume these values by looking at the requests.

carlospolop commented 7 months ago

Hi @jjfeldcher, this is very interesting. Have you tried it, and did it work?