Question 120531 in Firebase Question posted in
An extensive official documentation can be found here.

Firebase The token was not issued by the given issuers

Environment:

Ionic 6, Firebase 9 and Server on php, (include Firebase Admin SDK for PHP https://firebase-php.readthedocs.io/).

const firebaseConfig = {
    apiKey: "KEY",
    authDomain: "DOMAIN.firebaseapp.com",
    projectId: "PROJECT_ID",
    storageBucket: "STORAGE.appspot.com",
    messagingSenderId: "SENDER_ID",
    appId: "APP_ID",
    measurementId: "M_ID"
};

// Initialize Firebase
const app = initializeApp(firebaseConfig);

After successful authorization, I get an object.

const credential = GoogleAuthProvider.credentialFromResult(result);

which contains idToken

I am sending this token to the php server.

Firebase Admin Sdk config:

{
  "type": "service_account",
  "project_id": "PROJECT_ID",
  "private_key_id": "PRIVATE_KEY_ID",
  "private_key": "-----BEGIN PRIVATE KEY-----
  ................
  -----END PRIVATE KEY-----n",
  "client_email": "CLIENT_ADMIN@PROJECT_ID.iam.gserviceaccount.com",
  "client_id": "CLIENT_ID",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/CLIENT_ADMIN%40PROJECT_ID.iam.gserviceaccount.com"
}

When checking the token, I get an error:

The token was not issued by the given issuers

The token is not allowed to be used by this audience

Php

$config = file_get_contents('firebase-adminsdk.json');

$factory = (new Factory)->withServiceAccount($config);
$auth = $factory->createAuth();

try {
    $verifiedIdToken = $auth->verifyIdToken($token);

    $uid = $verifiedIdToken->claims()->get('sub');

    $user = $auth->getUser($uid);

} catch (FailedToVerifyToken $e) {
    echo 'The token is invalid: ' . $e->getMessage();
}

Why? 🙁

Tags:

2

Answers


  1. 0

    I had the same issue and I resolved it by asking for the idToken one more time explicitly, not using credentialsFromResult.

    It goes like this:

    const provider = new GoogleAuthProvider();
const auth = getAuth();
signInWithPopup(auth, provider)
  .then((result) => {
    auth.currentUser.getIdToken(false)
      .then((idToken) => {
         // here make a call to validation endpoint
         // passing idToken in, instead of value from credentials
      });
   });
    Login or Signup to reply.
  2. 0

    I have the issue same you, but you can try this one

    const idTokenResult = await firebase.auth().currentUser.getIdTokenResult();
console.log('User JWT: ', idTokenResult.token);

    ref

    https://rnfirebase.io/reference/auth/idtokenresult
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search