How i get new access token when current access token has expired, google firebase auth?

Question

I use firebase at client and use firebase-admin at server. At client i use signInWithPopUp to sign in to my web app with google account, then receive accessToken, expirationTime, refreshToken at client.

stsTokenManager:{
  accessToken: "eyJhbGciOiJzGcaUzI1JKKIsIzxcXzStpZC... ,
  expirationTime: 1648809531166 ,
  refreshToken: "AIwxAjDfh8_SkckvoSsASxXllMkIX8GBNx...

And i use verify function in firebase-admin lib for verify token was send by client, but until token has expired(1h), i can't use this token. How i get new accesstoken when current access token has expired?

score 1 · Answer 1 · answered Apr 01 '22 at 10:22

1

You don't have to necessarily have to read user's idToken, store it anywhere or refresh it yourself. Instead you just need to use getIdToken() to get user's ID Token. If the token has expired, Firebase SDK will refresh and return a new token or return existing one. You can use getIdToken() before every request to your API.

const userToken = await firebase.auth().currentUser.getIdToken();

// pass userToken to in the API request
// API request here

answered Apr 01 '22 at 10:22

Dharmaraj

47,845
8
52
84

so do i need to store token or refresh token on client browser? – HTL Apr 01 '22 at 14:27
1

@HTL no, you don't have to. – Dharmaraj Apr 01 '22 at 14:34

score 0 · Answer 2 · answered Aug 31 '22 at 21:05

You can use the following to obtain the oauth access token:

const provider = new GoogleAuthProvider()
provider.addScope(...)

...

const result = await signInWithPopup(auth, provider)
const credential = GoogleAuthProvider.credentialFromResult(result)
console.log(credential.accessToken)

I don't know how to refresh that token.

How i get new access token when current access token has expired, google firebase auth?

2 Answers2

Linked