Firebase ID token has invalid signature

See original GitHub issue

Describe the bug After i logged in using email and password method, I got this error for every pages using withAuthUser.

Unhandled Runtime Error
Error: Received 500 response from login API endpoint: {"error":{"code":"auth/argument-error","message":"Firebase ID token has invalid signature. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token."}}

Call Stack
eval
node_modules/next-firebase-auth/build/index.browser.js (1:7863)
Generator.next
<anonymous>
asyncGeneratorStep
node_modules/@babel/runtime/helpers/asyncToGenerator.js (3:0)
_next
node_modules/@babel/runtime/helpers/asyncToGenerator.js (25:0)

Do you guys have any ideas how to get rid of this issue? I run on localhost. Thanks a lot.

Version Version: 0.13.1

Additional context My source code:

/api/login.js

import { setAuthCookies } from "next-firebase-auth";
import initAuth from "../../lib/initAuth";

initAuth();

const handler = async (req, res) => {
  try {
    await setAuthCookies(req, res);
  } catch (error) {
    return res.status(500).json({ error: error });
  }
  return res.status(200).json({ success: true });
};

export default handler;

index.js

export const getServerSideProps = wrapper.getServerSideProps(
  async ({ store }) => {
    store.dispatch(getBoards());
    return {
      props: {},
    };
  }
);

const Home = () => {
  const { boards } = useSelector((state) => state.board);
  return <BoardList items={boards} />;
};

export default withAuthUser({
  whenUnauthedAfterInit: AuthAction.REDIRECT_TO_LOGIN,
})(Home);

/lib/initAuth.js

import { init } from "next-firebase-auth";
import ROUTES from "../src/routes";

const ROUTE_API_LOGIN = "/api/login";
const ROUTE_API_LOGOUT = "/api/logout";

const initAuth = () => {
  init({
    authPageURL: ROUTES.ROUTE_LOGIN,
    appPageURL: ROUTES.ROUTE_ROOT,
    loginAPIEndpoint: ROUTE_API_LOGIN,
    logoutAPIEndpoint: ROUTE_API_LOGOUT,
    firebaseAuthEmulatorHost: process.env.FIREBASE_AUTH_EMULATOR_HOST,
    firebaseAdminInitConfig: {
      credential: {
        projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID,
        clientEmail: process.env.FIREBASE_CLIENT_EMAIL,
        privateKey: process.env.FIREBASE_PRIVATE_KEY,
      },
      databaseURL: process.env.NEXT_PUBLIC_FIREBASE_DATABASE_URL,
    },
    firebaseClientInitConfig: {
      apiKey: process.env.NEXT_PUBLIC_FIREBASE_API_KEY,
      authDomain: process.env.NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN,
      databaseURL: process.env.NEXT_PUBLIC_FIREBASE_DATABASE_URL,
      projectId: process.env.NEXT_PUBLIC_FIREBASE_PROJECT_ID,
    },
    cookies: {
      name: "MyBoard",
      keys: [
        process.env.COOKIE_SECRET_CURRENT,
        process.env.COOKIE_SECRET_PREVIOUS,
      ],
      httpOnly: true,
      maxAge: 12 * 60 * 60 * 24 * 1000, // twelve days
      overwrite: true,
      path: "/",
      sameSite: "strict",
      secure: false, // set this to false in local (non-HTTPS) development
      signed: true,
    },
  });
};

export default initAuth;

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Reactions:3
  • Comments:12 (4 by maintainers)

github_iconTop GitHub Comments

9reactions
GorvGoylcommented, May 22, 2021

I was facing the same issue and turned it happens when I add FIREBASE_AUTH_EMULATOR_HOST=localhost:9099 to the env.local file. If I remove this, id token issue is gone. It also happens, if I add firebaseAuthEmulatorHost to initAuth but not set the env value.

Funny thing is it’s not enough to properly setup local auth emulator just by adding it to env file or to the initAuth object: firebaseAuthEmulatorHost: "localhost:9099". we need to follow both steps else it’l break.

@kmjennison I feel like this can be further simplified, can’t we just take the value from initAuth object (i.e. firebaseAuthEmulatorHost) only and forget the env file? that way I can put it a boolean flag in initAuth.ts if I want to enable the emulator:

if (!isProd && enableAuthEmulator) {
    authObj.firebaseAuthEmulatorHost = "localhost:9099";
  }
0reactions
thanhtutzawcommented, Nov 7, 2022

Vercel

Now It works in Netlify. Didn’t work In local . What a weird problem. #574 @kmjennison

Read more comments on GitHub >

github_iconTop Results From Across the Web

Firebase ID token has invalid signature even on jwt
The problem comes from the Firebase Emulator Auth. The Firebase-hosted Auth is unable to verify JWT token generated by the Firebase Emulator Auth....
Read more >
Firebase ID token has invalid signature · Issue #31635 - GitHub
I'm writing an app on Flutter and I'm making access with login by email and password, and by google account. This app will...
Read more >
Firebase ID token has invalid signature even on jwt ... - YouTube
Firebase ID token has invalid signature even on jwtHelpful? Please use the *Thanks* button above! Or, thank me via Patreon: ...
Read more >
Verify ID Tokens | Firebase Authentication - Google
The Firebase Admin SDK has a built-in method for verifying and decoding ID tokens. If the provided ID token has the correct format,...
Read more >
Authenticate with a backend server - Google Developers
The ID token is properly signed by Google. Use Google's public keys (available in JWK or PEM format) to verify the token's signature....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found