nickforall / exfirebaseauth Goto Github PK

https://firebase.google.com/docs/auth/admin/create-custom-tokens#create_custom_tokens_using_a_third-party_jwt_library

we would need people to supply their key/client email

along the lines of:

    key = JOSE.JWK.from_pem("private key")

    JOSE.JWT.sign(key, %{"alg" => "RS256"}, %{
      iss: "firebase client email",
      sub: "firebase client email",
      aud:
        "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",
      iat: :os.system_time(:seconds),
      exp: :os.system_time(:seconds) + 3600,
      uid: firebase_user_id
    })
    |> JOSE.JWS.compact()
    |> elem(1)

Getting the same error consistently for last 30 minutes. First time using this library.

Version - {:ex_firebase_auth, "~> 0.5.1"}

ets table contains only one entry with following value -

iex(1)> :ets.first(ExFirebaseAuth.KeyStore)
"6a4f87ff5d93fa6ea03e5c6e88eea0acd2a232a9"
iex(2)> :ets.last(ExFirebaseAuth.KeyStore)
"6a4f87ff5d93fa6ea03e5c6e88eea0acd2a232a9"
iex(3)> :ets.lookup(ExFirebaseAuth.KeyStore, "6a4f87ff5d93fa6ea03e5c6e88eea0acd2a232a9")
[
  {"6a4f87ff5d93fa6ea03e5c6e88eea0acd2a232a9",
   %JOSE.JWK{
     fields: %{},
     keys: :undefined,
     kty: {:jose_jwk_kty_rsa,
      {:RSAPublicKey,
       26683466267166000117937282941287368499188964267704350320016815060755186299190334552341359030182847862883650390995706932990206917504303874597159717626156857776530120286608824298039026662712309062585296391513994028930201376912224740158628136408547035523323040966599847393117788904610391693639428199426775371439187431710883575502972086796633627213970033547315970319396410708150818633921757026450722384908347116277890243025314192440036812929920627983552722832658264926504359043778585873454116991087894748041249472749584754467425019137143154494316545575161017698890108258608397227982398909111303817013085192016995952648177,
       65537}}
   }}
]

Verify token returns

{:error, "Public key retrieved from google was not found or could not be parsed"}

Originally posted by @akashvibhute in #13 (comment)

Hello Nick!

Thanks for writing and sharing ExFirebaseAuth! I'm using it on my project, and when I try to parse a Firebase token with ExFirebaseAuth.Token.verify_token/1, I get the following error:

{:error,
 "Public key retrieved from google was not found or could not be parsed"}

This is an intermittent scenario. It works sometimes, but once in a while I get this error. I'm not sure if it's an issue with my application, my build, or the library itself (I'm doing using anything other than decoding Firebase tokens, and I've properly configured the library as per docs says).

What could I do to fix, debug, or handle this kind of error?

• So we don't have to call the genserver to get public keys
• ETS is awesome

• generate real JWTs based on a public and private key generated at launch
• mock KeyStore to use those public and private keys in tests

🙈

First of all, thanks @Nickforall for the awesome library.
I found the source code really amazing, an awesome source of good elixir :)

I would like to request changes to the behavior of the library, so that it no longer prevents app initialization if it couldn't fetch the credentials. Somewhere along these lines should retry or ignore such errors.

In my current project I use firebase auth for a minor feature, so if it fails, I would like everything else to continue to work.

Also, I use this library behind a layer of custom code, and at test time I don't actually test against this library. If I turn my internet off then my tests won't run anymore.

JOSE seems to raises on invalidly formatted JWTs. I'd prefer returning an error tuple like the other errors