flutterfire
flutterfire copied to clipboard
🐛 [firebase_app_check] Add support to nonce in getToken function
Context
I have developed an application that sends sensitive information, which should only be transmitted by the application itself. To ensure security, the integrity token is validated in the backend API.
To prevent man-in-the-middle attacks, I need to hash the request content and have the backend verify that the hash of the received request matches the nonce.
Having this feature in my application is of utmost importance. If it is not supported, I won't be able to use the library.
Expected behavior
FirebaseAppCheck.getToken(nonce: String)