dart_firebase_admin
dart_firebase_admin copied to clipboard
Update signing logic for correct custom token format
Background
Create custom token here:
final adminApp = FirebaseAdminApp.initializeApp(
'project-id',
Credential.fromServiceAccountParams(
clientId: 'client-id',
privateKey: 'private-key',
email: 'email',
),
);
final auth = Auth(adminApp);
final customToken = await auth.createCustomToken('some-user-id');
print('customToken: $customToken');
Then, try to use the custom token to sign in Firebase Auth with on Flutter client app:
final userCredential = await FirebaseAuth.instance.signInWithCustomToken(customToken);
The exception like the following is thrown:
FirebaseAuthException ([firebase_auth/invalid-custom-token] The custom token format is incorrect. Please check the documentation.)
If I use the custom token created by JS (TS) SDK by the same project service account on my Flutter client app, it successfully signs in.
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: `https://${serviceAccount.projectId}.firebaseio.com`
})
const main = async () => {
const customToken = await admin.auth().createCustomToken(`some-user-id`)
console.log(`customToken: ${customToken}`)
}
main()
I noticed the length of custom tokens are different from each other.
# Example of created custom token by this package:
eyJ*****************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************z0A
# Example of created custom token by JS (TS) SDK:
eyJ****************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************uFA
Then this PR fixes the RSA-SHA256 signing logic using pointycastle package instead of crypto package.
After the change,
- The length of created custom tokens is the same as the ones created by JS (TS) SDK.
- Successful signing with custom token is confirmed.
I am so excited by and curious about this project, enabling us to write Firebase Admin SDK server-side code by Dart!
Thank you so much for developing such a wonderful project!