Verifying firebase custom token to get token ID fails when using jsonwebtoken
If you dont want to use signInWithCustomToken() this is the correct way to do it
const publicKey = new NodeRSA().importKey(serviceAccount.private_key, "pkcs8-private-pem").exportKey("pkcs8-public-pem")
jwt.verify(token, publicKey, {
algorithms: ["RS256"]
}, (err, decoded) => {
if (err) {
# send some error response
res.status(400).json({
status: 0,
message: "Token is invalid!"
})
} else {
# send some valid response
res.status(200).json({
status: 1,
message: "Token is valid for uid " + decoded.uid
})
}
})
It looks like you're calling verifyIdToken
with a custom token. That's not going to work. verifyIdToken
only accepts "ID tokens". To obtain an ID token from a custom token first call signInWithCustomToken()
. Then call getToken()
on the signed in user instance.