问题
I have an authentication server (NodeJS) where I authenticate a user and create a custom firebase token
var token = firebase.auth().createCustomToken(userId);
I used to be able to verify a user token (previous version), but now it is not so simple...
I would like to get the decoded userId from the token
firebase.auth().verifyIdToken(token).then(function)....
does not work for server generated custom tokens.
Does anyone know how this could be done?
回答1:
You should be using jsonwebtoken to validate the token in this case. You will just need to pass the firebase private key as an additional parameter.
var jwt = require('jsonwebtoken');
var fbPrivateKey = //your firebase key string here
jwt.verify(token, fbPrivateKey, { algorithms: ['RS256'] }, function(err, decoded) {
console.log(decoded); //your token info will be available here.
});
Update:
You have to use the private_key from the .json config file that you set in firebase.initializeApp({ and use a library to convert this key to the public PEM format. You can use node-rsa to do the trick
var NodeRSA = require('node-rsa');
var fbPrivateKey = //key from the .json file.
var key = new NodeRSA(fbPrivateKey).exportKey('pkcs8-public-pem');
jwt.verify(token, key, { algorithms: ['RS256'] }, function(err, decoded) {
console.log(err);
console.log(decoded); //your token info will be available here.
});
来源:https://stackoverflow.com/questions/38186897/firebase-custom-token-authentication-firebase-version-3