New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth: GetToken() generates invalid token (Firebase ID token has invalid signature) #3
Comments
Hi @eliezedeck Thanks for the information. I will follow up with the Firebase Authentication team to see if we can figure out what the problem might be. |
@a-maurice I have just started using firebase auth with a flutter application and I am running into exactly the same problem. It appear (in my case) that the token is missing part of the signature portion of the JWT. The first token below was created in the flutter application using: https://github.com/flutter/plugins, the second was created using the web client: https://github.com/firebase/firebase-js-sdk
|
Hello @eliezedeck, Could you provide some examples of your JWTs just like @justinwyer? That information will be used to verify what is failing and determinate if we can prevent the error somehow. In case you don't feel comfortable sharing that information here, you can open a support case . Thanks :) |
Hi @justinwyer & @eliezedeck any update on this? Did you resolve your issue? |
Hi, unfortunately, I'm currently working on a different project and have no spare time to re-check this (it's in a completely different OS on a different drive). To be clear, I don't think there is a way to solve this issue from our side. It has to be solved from Firebase team's side since we don't know how these tokens are generated and with which key. @alan89, are you from Firebase team? Apparently, this issue shouldn't be hard to trace, but I don't know anything about the Firebase internals at Google's side. Tracing which internal API is the C++/Unity SDK is using should probably reveal the problem. That said, it shouldn't require us to provide our generated JWTs; while that can be done, I am currently in a situation where I can't re-generate new tokens. |
This comment has been minimized.
This comment has been minimized.
Hi @francis6425, We are still having some trouble getting this bug tracked down on our end. If you could file a support request via https://firebase.google.com/support, and provide that with the tokens that are having the problem, that might help us track down the issue faster. |
This comment has been minimized.
This comment has been minimized.
I also have this issue when retrieving the token in Firebase and then trying to sign in again (after a period of inactivity). Using jwt.io it does report invalid signature. |
This comment has been minimized.
This comment has been minimized.
My issue was because the id token printed out in dart console is truncated to 1000 characters. |
This comment has been minimized.
This comment has been minimized.
Hey all, if you're using flutter, this issue does not apply to you since the flutter Firebase plugins don't use the C++ SDK. Please file an issue on the FlutterFire repository. If you are encountering this issue when using the C++ SDK, please comment here with a runnable repro case or file an issue at Firebase support. |
Closing since this issue has staled. |
I have same problem |
This error is likely to be related to https://stackoverflow.com/questions/44014877/firebase-id-token-has-invalid-signature in 2017.
admin.auth().verifyIdToken()
Firebase ID token has invalid signature. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.
I have tried to manually verify the token, and I could not verify the token to match any keys I could find. I have tried the following keys:
I believe this is a bug, not a temporary issue. And I also believe this is a supported use-case, so it needs to be fixed. As reported by the StackOverflow question, this also applies to Unity.
Thanks.
The text was updated successfully, but these errors were encountered: