5

I have recently added Firebase App Check in my Flutter app.

I am calling Cloud functions with the https.onCall() method. However i am receiving this error :

>  {"severity":"WARNING","message":"Failed to validate AppCheck token. FirebaseAppCheckError: Decoding App Check token failed. Make sure you passed the entire string JWT which represents the Firebase App Check token.
    at FirebaseAppCheckError.FirebaseError [as constructor] (/Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/utils/error.js:44:28)
    at FirebaseAppCheckError.PrefixedFirebaseError [as constructor] (/Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/utils/error.js:90:28)
    at new FirebaseAppCheckError (/Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/app-check/app-check-api-client-internal.js:187:28)
    at /Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/app-check/token-verifier.js:82:19
    at processTicksAndRejections (node:internal/process/task_queues:96:5) {
  errorInfo: {
    code: 'app-check/invalid-argument',
    message: 'Decoding App Check token failed. Make sure you passed the entire string JWT which represents the Firebase App Check token.'
  },
 codePrefix: 'app-check'
}"}
>  {"verifications":{"app":"INVALID","auth":"MISSING"},"logging.googleapis.com/labels":{"firebase-log-type":"callable-request-verification"},"severity":"WARNING","message":"Callable request verification failed: AppCheck token was rejected."}

The severity seems to be WARNING only but it doesn't execute the function. My function only contains a console.log()

In my app i have this error :

W/FirebaseContextProvider( 6788): Error getting App Check token; using placeholder token instead. Error: com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed.
I/flutter ( 6788): Error is : [firebase_functions/unauthenticated] Unauthenticated

I have not enforced anything like suggested in the documentation

This is preventing me from using Cloud Functions and i can disable App Check for my app anymore...

EDIT :

I add that Firebase Storage and RealTime Database are working fine without any debug AppCheck token when it's not enforced.

What can I do ?

Tom3652
  • 2,540
  • 3
  • 19
  • 45
  • The error you are getting on the Firebase side is hinting at something being wrong with your string token being passed to the function, can you share the code where you call your cloud function and the relevant parts of the function itself? Also I would suggest you try to log the value of the string token and check if it is the expected value. – Ralemos Aug 09 '21 at 10:14
  • yes i agree with you and i don't pass any token to the function call. However, i don't enforce my Cloud Functions so it should not be a problem right ? – Tom3652 Aug 10 '21 at 10:49
  • I have the same issue. Any ideas? – Nils Reichardt Aug 11 '21 at 08:40
  • 1
    Unfortunately not yet, i have reached out the Firebase support about it but i have not gotten any answer yet, i will post it here if there is any – Tom3652 Aug 11 '21 at 08:52
  • 1
    I created also a GitHub ticket in the FlutterFire Repo with a reproduce sample: https://github.com/FirebaseExtended/flutterfire/issues/6794 – Nils Reichardt Aug 11 '21 at 11:39
  • I have added this question to your issue, thanks ! – Tom3652 Aug 11 '21 at 17:58
  • 1
    You can post the given answer on GitHub here i will accept it – Tom3652 Aug 11 '21 at 20:49

2 Answers2

2

I created a reproducible code sample, which you see here: https://github.com/nilsreichardt/playground/tree/firebase-app-check-cloud-function-unauthenticated-issue/firebase-app-check-cloud-functions-unauthentificated

Therefore, I created a detailed issue in the FlutterFire repository: https://github.com/FirebaseExtended/flutterfire/issues/6794

A first workaround already posted as a comment and I'm sure that more workarounds or solutions will follow.

Nils Reichardt
  • 3,195
  • 2
  • 18
  • 28
1

Firebaser here.

Thank you for reporting this issue -- we have now released a fix to all platforms that should resolve this issue. Please refer to the Github issue for full details.

Victor Fan
  • 180
  • 5