search

kreait / laravel-firebase

A Laravel package for the Firebase PHP Admin SDK
https://github.com/kreait/firebase-php
MIT License
994 stars 163 forks source link

Unable to verify a Firebase ID Token #89

Closed sumityadavbadli closed 3 years ago

sumityadavbadli commented 3 years ago

Environment : 

    "kreait/laravel-firebase": "^3.1",
    "google/cloud-firestore": "^1.19",
    "laravel/framework": "^6.0",

and followed the example available at : https://firebase-php.readthedocs.io/en/latest/authentication.html

Output The token is invalid: A key with ID "" could not be found.

    $uid = 'some-uid';
    $customToken = $auth->createCustomToken($uid);
    $customTokenString = $customToken->toString();
    try {
        $verifiedIdToken = $auth->verifyIdToken($customTokenString);
        dd($verifiedIdToken);
    } catch (\Firebase\Auth\Token\Exception\InvalidToken $e) {
        echo 'The token is invalid: '.$e->getMessage();
    } catch (\InvalidArgumentException $e) {
        echo 'The token could not be parsed: '.$e->getMessage();
    }
jeromegamez commented 3 years ago

The verifyIdToken() method can only be used with ID tokens, not with custom tokens.

From the same page that you linked to: https://firebase-php.readthedocs.io/en/latest/authentication.html#verify-a-firebase-id-token 🙈 😅

grafik
sumityadavbadli commented 3 years ago

@jeromegamez - Thanks for the reply. Well , I am a newbie in firebase. I am using firebase Authentication with provider -Email/Password.

I am Using function createUserWithEmailAndPassword for creating users. I need a way to authenticate users in Laravel middleware. Please help.

jeromegamez commented 3 years ago

I can definitely sympathize, but unfortunately, I'm unable to provide free 1:1 support here, especially since this package doesn't provide a "native" functionality, but is just an integration layer between the Firebase Service by Google and PHP.

That's why I can not help learning about Firebase here, and only suggest to dig into the Firebase documentation (this SDK's docs link to a lot of the official docs).

In General you should know (and it's also written in the docs) that the Admin SDK performs all operations with Admin privileges. User operations should happen in the client, where user permissions are handled within the client SDK automatically.

If you want to map users in your application to users in Firebase, you can sign them in in the client, send their ID token to your backend and extract the Firebase user ID from the ID Token and store the Firebase UID in your Laravel Application's database and/or check against already mapped users.

There are plans for this package to make integrating Firebase with Laravel easier, but I don't have the time for this at the moment and thus can't give you an ETA right now.

But I invite you to join the discord server mentioned in the readme, if you have concrete steps that you are stuck with, there's a couple of people that might be able to help. 🤞

jeromegamez commented 3 years ago

I'm closing this issue because items not related to a bug in the package or the SDK, but feel free to add further comments if you wish to 🤗