Solved this problem by using "firebase serve --only hosting,functions"; verifyIdToken with production Auth is working as expected.
I am building a SPA with firebase and using Express.js for user validation & routing in my backend.
In my login script I use firebase-u-auth for Google Sign In; then, if the user is logged in:
// Start the Firebase client SDK, ask it to keep the signed-in state with LOCAL
// persistence, and only then subscribe to auth-state changes.
var app = firebase.initializeApp(config);

firebase
  .auth(app)
  .setPersistence(firebase.auth.Auth.Persistence.LOCAL)
  .then(() => {
    firebase.auth(app).onAuthStateChanged((user) => {
      // The callback also fires with no user (signed out); only a signed-in
      // user is handed to the cookie-and-redirect step.
      if (user) {
        redirectSuccesful(user);
      }
    });
  });
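/**
 * Copies the signed-in user's Firebase ID token into the `__session` cookie
 * and then navigates to the site root.
 *
 * NOTE(review): a cookie written through `document.cookie` cannot carry the
 * HttpOnly attribute, so the raw ID token stays readable by every script on
 * the page. Firebase's documented alternative is to send the ID token to the
 * backend once and let it issue an HttpOnly cookie via
 * `admin.auth().createSessionCookie()`.
 *
 * @param {{ getIdToken: () => Promise<string> }} user - Signed-in Firebase user.
 * @returns {void}
 */
function redirectSuccesful(user) {
  const { protocol, hostname } = window.location;
  // Development convenience: the `secure` attribute is dropped only for plain
  // http on a loopback host name; every other origin keeps it.
  const loopbackHosts = ['localhost', '127.0.0.1', '0.0.0.0'];
  const secure = protocol.toLowerCase() === 'https:' || !loopbackHosts.includes(hostname);

  user
    .getIdToken()
    .then((token) => {
      // expiryDateFromJwt is defined elsewhere; a falsy result means the
      // cookie is written without an `expires` attribute.
      const expDate = expiryDateFromJwt(token);
      const expiresAttr = expDate ? `; expires=${expDate.toUTCString()}` : '';
      const secureAttr = secure ? '; secure' : '';
      document.cookie = `__session=${token}; samesite=strict; path=/${expiresAttr}${secureAttr}`;
      window.location.assign('/');
    })
    .catch((error) => {
      // Previously a failed token fetch surfaced only as an unhandled
      // rejection. Log the error object alone, never the token.
      console.error('Sign-in redirect failed:', error);
    });
}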
In my functions folder I use express with
// Service-account key file: a long-lived credential that carries Admin SDK privileges.
// NOTE(review): keep this JSON out of source control and out of anything served to the
// browser. When this code runs on Cloud Functions, admin.initializeApp() with no arguments
// uses the runtime's default credentials, so no key file has to ship (confirm for this setup).
const serviceAccount = require('...json');
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "<my-url>"
});
// GET / handler: reads the session token from the request and verifies it when one is present.
// NOTE(review): `wrap` is not shown here; presumably it forwards a rejected promise to the
// Express error handler. Confirm, because verifyIdToken rejects on any token it does not accept.
expressApp.get('/', wrap (async function(req, res){
const token = getSessionToken(req); //custom function that gets clean saved token from session
if(token){
// Verifies the token with the Admin SDK and yields its decoded claims.
// NOTE(review): an 'Expected "none" but got "RS256"' rejection here appears to mean the
// Admin SDK is running in Auth-emulator mode, where it expects unsigned tokens. The client
// and the backend have to target the same Auth instance.
// NOTE(review): called with one argument, verifyIdToken does not check revocation. Pass
// `true` as the second argument if signed-out or disabled users must be rejected.
const decodedToken = await admin.auth().verifyIdToken(token);
...
}
// NOTE(review): no branch for a missing token is visible in this excerpt. Confirm the
// elided code responds (for example with a redirect to login) instead of leaving the request open.
}))
The token looks correct when I paste it into https://jwt.io/; however, verifyIdToken(token) fails with: "Firebase ID token has incorrect algorithm. Expected "none" but got "RS256". See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token."
Where does the error come from? The Admin config?
Thanks!
You can configure the authentication to work with the emulator:
Connect your app to the Authentication Emulator
// Local aliases for the Firebase auth namespace and the User type.
import auth = firebase.auth;
import FirebaseUser = firebase.User;
// Non-production builds only: point the client Auth SDK at the local Authentication Emulator.
// NOTE(review): judging by the 'Expected "none"' error quoted in the question, tokens in
// emulator mode are unsigned. A backend should accept them only when it is itself running
// against the emulator, so make sure `environment.production` is true in every deployed
// build and that no deployed backend is left in emulator mode.
if (!environment.production) {
firebase.auth().useEmulator('http://localhost:9099/');
}