Open cedvdb opened 1 year ago
google-oss-bot
commented
1 year ago I found a few problems with this issue:
shelbycotton
commented
1 year ago Were you able to resolve? I'm experiencing the same issue.
karthikrao5
commented
10 months ago Dealing with the same problem. The verifyIdToken function expects the project id in the aud except the token created by the same instance of the auth emulator uses https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit
cedvdb
commented
10 months ago @shelbycotton
I did not resolve this issue and had to work around it
luisjoserivera
commented
9 months ago I get this error only if i try to verify the token generated by createCustomToken.
If you pass the token to signInWithCustomToken in the client app then get the user token with auth.currentUser.getIdToken your will notice the token is slightly different and claims are the expected ones.
You can then verify this token in your backend and no errors show up.
mp3por
commented
3 months ago I am facing the same issue.
At the moment I am doing what @luisjoserivera said but on the backend. I initialise a client instance of FB with the same credentials and then simulate a login, getId, logout to get the ID token.
wieringen
commented
3 months ago I'm having the same problem. createCustomToken doesn't respect the emulator.
As per the documentation:
<< For security reasons, the Authentication emulator issues unsigned ID tokens, which are only accepted by other Firebase emulators, or the Firebase Admin SDK when configured. >>
So when there is an env variable
FIREBASE_AUTH_EMULATOR_HOST="127.0.0.1:9099"firebase admin is supposed to give unsigned tokens via the emulator, which it does not:The following:
Results in: