This repository was archived by the owner on May 6, 2024. It is now read-only.
This repository was archived by the owner on May 6, 2024. It is now read-only.
How to get 'kid' in header when testing with firebase emulator? #2
Description
Firstly, this is an awesome lib, so glad I found it — surprised it's yet undiscovered. Thank you
I ran into an issue running locally with Firebase Auth Emulators where if the Firebase's client-side SDK is using local auth emulators, then there's no kid in the accessToken, which breaks the withFirebaseUser function.
Fyi, this is my current workaround. You may be using the firebase admin SDK on next or not pointing your client SDKs to the local auth emulator, hence why you may not have this issue (I'm posting it for other users or in case you want to handle this case).
It seems this is a deliberate safety measure by Firebase.
if (publicKey) {
// decode jwt with public key
const decodedToken = jwt.verify(accessToken, publicKey, {
audience: projectId,
issuer: projectId && `https://securetoken.google.com/${projectId}`,
});
console.log(decodedToken, 'decodedToken');
if (typeof decodedToken === 'object') {
// create user object we decorate req with from decoded token
const user: FirebaseUser = {
user_id: decodedToken.user_id ?? decodedToken.sub,
name: decodedToken.name,
email: decodedToken.email,
email_verified: decodedToken.email_verified,
};
decoratedReq.user = user;
}
} else if (process.env.NODE_ENV === 'development') {
const body = accessToken.split('.')[1];
const decodedString = Buffer.from(body, 'base64').toString('ascii');
decoratedReq.user = JSON.parse(decodedString);
} else {
console.error('No public key or kid found.');
}