search

googleapis / google-auth-library-nodejs

🔑 Google Auth Library for Node.js
Apache License 2.0
1.73k stars 381 forks source link

fetchIdToken() always returning 403 when used in Authorization header #1660

Closed leo-paz closed 1 year ago

leo-paz commented 1 year ago

I am trying to use the standard fetch client instead of the Gaxios client that the IdTokenClient class uses because it was giving me trouble whenever I used with multiple files in the FormData class.

Originally I had a very simple client running under my service account credentials and properly being authenticated with this code:

  const client = await auth.getIdTokenClient(url.origin);
  const res = await client.request({url + "/general/v0/general"});

now I am trying:

      const idTokenClient = await googleAuth.getIdTokenClient(url.origin)
      const idToken = await idTokenClient.idTokenProvider.fetchIdToken(
        url.origin
      )
      const response = await fetch(url.toString(), {
        method: "POST",
        headers: {
          Accept: "application/json",
          Authorization: `Bearer ${idToken}`
          // "X-Serverless-Authorization": `Bearer ${idToken}`
        },
        body: formData
      })

But I consistently get a 403. What am I doing wrong?

leo-paz commented 1 year ago

I'm not sure what the error was. I reapplied some IAM policies and restarting my service and things starting working