Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to create Firebase token on server for use with unit tests?

Tags:

node.js

firebase

mocha.js

firebase-authentication

chai

I need to authenticate a Firebase user using node so I can test some server side methods. For each protected request, I verify the Firebase token using:

firebase.auth().verifyIdToken(firebaseAccessToken).then(function(decodedToken) {
    // forward request
})

So in my test I created a token with a uid from my Firebase database

firebase.auth().createCustomToken(uid).then(function(token) {
    //add to header for requests
})

Later I read that custom tokens are not verified by the verifyIdToken method, only client generated ones.

I've looked at this answer - server side verification of tokens in firebase

So I added databaseAuthVariableOverride to the init json

firebase.initializeApp({
  credential: firebase.credential.cert(serviceAccount),
  databaseURL: [dbURL],
  databaseAuthVariableOverride: {
    uid: [uid]
  }
});

Still getting the output in my tests 

Error: expected 200 "OK", got 401 "Unauthorized"

And the firebase error - 

Error: Decoding Firebase ID token failed. Make sure you passed the entire string JWT which represents an ID token. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.

So how do I emulate a user with my current setup?

like image 934
jeh Avatar asked Feb 01 '17 20:02

jeh

2 Answers

You can generate a Firebase Id token from your custom token, then use that for verification. Eg:

const rp = require("request-promise");

// 'customToken' comes from FirebaseAdmin.auth().createCustomToken(uid)
function getIdTokenFromCustomToken(customToken) {
    const url = `https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=${API_KEY}`;
    const data = {
        token: customToken,
        returnSecureToken: true
    };

    var options = {
        method: "POST",
        uri: url,
        body: data,
        json: true // Automatically stringifies the body to JSON
    };

    return rp(options)
        // idToken is the firebase id token that can be used with verifyIdToken
        .then(parsedBody => parsedBody.idToken) 
        .catch(function(err) {
            // POST failed...
        });
}
like image 142
Jeremy Avatar answered Oct 31 '22 03:10

Jeremy

Here's a Python script for generating Firebase ID tokens (not custom tokens). 

python firebase_token_generator.py <UID>

There are probably easier ways to do this but you could call the Python script from Node.

like image 25
J Wang Avatar answered Oct 31 '22 03:10

J Wang
Sign in to Comment

Related questions

how does password hash+salt work
When using nvm to manage your node versions, should you point webstorms node interpreter to it?
Stubbing a promisified function with sinon and bluebird
What is the difference between browserify external vs. exclude?
ECONNREFUSED when making GET request in app, but API returns JSON successfully
Change root directory on npm publish
GraphQL - return calculated type dependent on argument
"npm ERR! errno 3221225477" Error in Node when making a query using oracledb
ServiceWorker MIME Type Error ('text/html') on register (React)
How to fix: (node:12364) [DEP0111] DeprecationWarning: Access to process.binding('http_parser') is deprecated
Inter-child-process communication options in node.js cluster
Speed up Auto-reload in Meteor.js
Example of socket.io chat - sails.js
Laravel Broadcast with Redis not working/connecting?
What is meaning of node.js --trace-gc output?
Passport token auth *without* database session
nodejs garbage collection output
Unable to verify the first certificate in Node.js
WebSocket server does not work with SSL
How Can I write an AWS Lambda Script that Runs a Protractor / Selenium Browser Automation Script?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!