kreait / laravel-firebase

A Laravel package for the Firebase PHP Admin SDK
https://github.com/kreait/firebase-php
MIT License

The token was issued in the future #124

Closed richmondgingingon closed 2 years ago

richmondgingingon commented 2 years ago

I'm trying to create a website using the Laravel framework with the Firebase Admin SDK. I'm stuck with verifying the user's token when trying to log in.

I'm getting this message: The value 'eyJhbGciOiJSUzI...' is not a verified ID token: - The token was issued in the future

I have set my Laravel date timezone to my timezone, which is Asia/Kuala_Lumpur, in AppServiceProvider, ENV, and config/app.php, and the time is working as expected, but the problem still occurs.

Here is my login function

public function loginUser(Request $request)
{
    $email = $request->email;
    $clearTextPassword = $request->password;

    try {
        $user = $this->auth->getUserByEmail($email);

        try {
            $signInResult = $this->auth->signInWithEmailAndPassword($email, $clearTextPassword);
            $idTokenString = $signInResult->idToken();

            //THE PROBLEM STARTS AT THIS TRY CATCH
            try {
                $verifiedIdToken = $this->auth->verifyIdToken($idTokenString);
            } catch (FailedToVerifyToken $e) {
                session(['status' => 'Token Expired/Invalid']);
                return back();
            }

            $uid = $verifiedIdToken->claims()->get('sub');
            $claims = $this->auth->getUser($uid)->customClaims;
            $displayName = $user->displayName;

            if ($claims != null) {
                if ($claims['admin'] == true) {
                    session([
                        'verified_admin' => true,
                        'verified_user_id' => $uid,
                        'idToken' => $idTokenString,
                        'displayName' => $displayName,
                        'status' => 'Login Successfully',
                    ]);
                } else {
                    session([
                        'verified_admin' => false,
                        'verified_user_id' => $uid,
                        'idToken' => $idTokenString,
                        'displayName' => $displayName,
                        'status' => 'Login Successfully',
                    ]);
                }
            } else {
                session([
                    'verified_admin' => false,
                    'verified_user_id' => $uid,
                    'idToken' => $idTokenString,
                    'displayName' => $displayName,
                    'status' => 'Login Successfully',
                ]);
            }

            return redirect()->route('home');

        } catch (Exception $e) {
            session(['status' => 'Wrong Password']);
            return back();
        }
    } catch (UserNotFound $e) {
        session(['status' => 'Invalid Email Address']);
        return back();
    }
}

Sometimes it can log in properly, and sometimes it doesn't. I have to run the command php artisan cache:clear and it will work again.

jeromegamez commented 2 years ago

When the clock in the environment your app is running in lags behind (as the message suggests), you can add a leeway parameter to the verifyIdToken method: https://firebase-php.readthedocs.io/en/stable/authentication.html#verify-a-firebase-id-token

On another note: you already signed in a user with email and password, that means the authentication has already been done and you don't have to verify the ID Token again, and you can get the Firebase UID of the user with $signinResult->firebaseUserId() (https://firebase-php.readthedocs.io/en/stable/authentication.html#custom-authentication-flows)

richmondgingingon commented 2 years ago

I see, I fixed it. Server time was 8 hours in the past. Thanks for the info.
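
The following diagnostic is an added example, not code from this thread or from the kreait packages. It measures how far a token's `iat` claim lies ahead of the local clock and shows why a small leeway absorbs a few seconds of drift while an 8-hour lag calls for fixing the server clock. It assumes the "issued in the future" check amounts to `iat > now + leeway`; the helper names and the sample token are constructed for illustration.

```php
<?php
// Added example: diagnostic only. It reads the UNVERIFIED payload to measure
// clock skew and must never be used to decide whether a token is accepted.

function base64UrlDecode(string $data): string
{
    $padded = str_pad($data, strlen($data) + (4 - strlen($data) % 4) % 4, '=');
    $decoded = base64_decode(strtr($padded, '-_', '+/'), true);
    if ($decoded === false) {
        throw new InvalidArgumentException('Segment is not valid base64url');
    }
    return $decoded;
}

/** Seconds by which the token's iat is ahead of the local clock (negative: in the past). */
function issuedAtSkew(string $jwt, int $now): int
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new InvalidArgumentException('Expected three dot-separated JWT segments');
    }
    $claims = json_decode(base64UrlDecode($parts[1]), true, 8, JSON_THROW_ON_ERROR);
    if (!isset($claims['iat']) || !is_int($claims['iat'])) {
        throw new InvalidArgumentException('Token has no integer iat claim');
    }
    return $claims['iat'] - $now;
}

/** Hypothetical helper: what a given skew means under the assumed check iat > now + leeway. */
function diagnose(int $skew, int $leeway): string
{
    if ($skew <= 0) return 'ok: iat is not ahead of the local clock';
    if ($skew <= $leeway) return "ok with leeway: iat is {$skew}s ahead";
    return "rejected: iat is {$skew}s ahead, beyond {$leeway}s leeway; fix the server clock";
}

// Constructed, unsigned sample token whose iat comes from a correct clock.
$trueNow = 1700000000;
$b64 = fn (array $a): string => rtrim(strtr(base64_encode(json_encode($a)), '+/', '-_'), '=');
$token = $b64(['alg' => 'RS256']) . '.' . $b64(['iat' => $trueNow, 'sub' => 'uid-123']) . '.sig';

// Local clocks that lag the issuer by 0 s, 30 s and 8 h (the lag reported above).
foreach (['in sync' => 0, '30 s behind' => 30, '8 h behind' => 8 * 3600] as $label => $lag) {
    $skew = issuedAtSkew($token, $trueNow - $lag);
    echo str_pad($label, 12), diagnose($skew, 60), PHP_EOL;
}
```

A leeway large enough to cover an 8-hour lag would also keep expired tokens acceptable for the same 8 hours, which is why correcting the clock is the right fix in that case.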