0

Firebase documentation states that custom claims can be accessed like so:

admin
  .auth()
  .verifyIdToken(idToken)
  .then((claims) => {
    if (claims.admin === true) {
      // Allow access to requested admin resource.
    }
  });

I have implemented Firebase auth following this sample project and tutorial. Specifically, the token is being decoded inside Next.JS' getServerSideProps here.

It's also worth mentioning that I'm running this project in development mode with Firebase Emulators.

So, on calling:

verifyIdToken(token)

I get this error message:

Error: Firebase ID token has no "kid" claim. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.

Any idea where I'm failing?

---------- UPDATE ----------

The decoded token has this info:

{
   "header":{
      "alg":"none",
      "typ":"JWT"
   },
   "payload":{
      "email":"user@test.test",
      "email_verified":false,
      "auth_time":1626004181,
      "user_id":"MY_USER_ID",
      "firebase":{
         "identities":{
            "email":[
               "user@test.test"
            ]
         },
         "sign_in_provider":"password"
      },
      "iat":1626004181,
      "exp":1626007781,
      "aud":"MY_FIREBASE_PROJECT_ID",
      "iss":"https://securetoken.google.com/MY_FIREBASE_PROJECT_ID",
      "sub":"SOME_KEY"
   }
}
artooras
  • 6,315
  • 9
  • 45
  • 78
  • Have you checked [this](https://stackoverflow.com/q/37358105/13130697) ? – Dharmaraj Jul 10 '21 at 13:53
  • Yes, I have. I don't think it's applicable to my situation though... I'm not using a custom token as the user registers with email and password. Also, I'm using the latest version of firebase and firebase-admin libraries in my project, so version compatibility should also be quite unlikely... – artooras Jul 10 '21 at 16:09
  • Can you try decoding the token on https://www.jstoolset.com/jwt and share the output? – Dharmaraj Jul 10 '21 at 16:10
  • I have edided my question to include the decoded token. – artooras Jul 11 '21 at 13:55
  • How did you obtain this ID token? – Hiranya Jayathilaka Jul 12 '21 at 17:50
  • 1
    It ended up being an issue with Firebase Emulators. I managed to solve it following the instructions in this discussion - https://github.com/firebase/firebase-tools/issues/2764#issuecomment-878158342. – artooras Jul 13 '21 at 06:34

0 Answers0