Firebase Android Authentication failed: expired_token (Auth token is expired)

Question

I encounter an issue with Android Firebase Auth using com.google.gms:google-services:3.0.0 and com.google.firebase:firebase-auth:9.0.1.

1

Answer 1

The new maximum life time for Firebase Tokens is 1 hour - I read it in the docs earlier today.

As for Invalid claim 'kid' in auth header., I get exactly 2 search results on Google for that (: No documentation related to kid in Firebase docs. I guess we will have to wait for answers from Google (or switch back to the old version of Firebase if possible).

Answer 2

If we use default Auth providers like (Google, Facebook, Email..), updating "SHA-1 key" of your Application in firebase console would fix the token expiry issue.

In this discussion a Google developer shared a guide to solve this problem.

Guide: https://drive.google.com/file/d/0B94LePkXiqa6SXVFd3N1NzJHX1E/view

Answer 3

Try to implement FirebaseInstanceIdService to get refresh token.

Access the registration token:

You can access the token's value by extending FirebaseInstanceIdService. Make sure you have added the service to your manifest, then call getToken in the context of onTokenRefresh, and log the value as shown:

    @Override
public void onTokenRefresh() {
    // Get updated InstanceID token.
    String refreshedToken = FirebaseInstanceId.getInstance().getToken();
    Log.d(TAG, "Refreshed token: " + refreshedToken);

    // TODO: Implement this method to send any registration to your app's servers.
    sendRegistrationToServer(refreshedToken);
}

The onTokenRefreshcallback fires whenever a new token is generated, so calling getToken in its context ensures that you are accessing a current, available registration token. FirebaseInstanceID.getToken() returns null if the token has not yet been generated.

Code:

import android.util.Log;

import com.google.firebase.iid.FirebaseInstanceId;
import com.google.firebase.iid.FirebaseInstanceIdService;


public class MyFirebaseInstanceIDService extends FirebaseInstanceIdService {

    private static final String TAG = "MyFirebaseIIDService";

    /**
     * Called if InstanceID token is updated. This may occur if the security of
     * the previous token had been compromised. Note that this is called when the InstanceID token
     * is initially generated so this is where you would retrieve the token.
     */
    // [START refresh_token]
    @Override
    public void onTokenRefresh() {
        // Get updated InstanceID token.
        String refreshedToken = FirebaseInstanceId.getInstance().getToken();
        Log.d(TAG, "Refreshed token: " + refreshedToken);

        // TODO: Implement this method to send any registration to your app's servers.
        sendRegistrationToServer(refreshedToken);
    }
    // [END refresh_token]

    /**
     * Persist token to third-party servers.
     *
     * Modify this method to associate the user's FCM InstanceID token with any server-side account
     * maintained by your application.
     *
     * @param token The new token.
     */
    private void sendRegistrationToServer(String token) {
        // Add custom implementation, as needed.
    }
}

I hope its helps you.

Answer 4

check if the last user is null or expired

GoogleSignInAccount account = GoogleSignIn.getLastSignedInAccount(context);
        if (account == null || account.isExpired()) {
            System.out.println("AccountGoogle: null");
            GoogleSignInClient mGoogleSignInClient = GoogleSignIn.getClient(context, gso);
            Intent signInIntent = mGoogleSignInClient.getSignInIntent();
            fragment.startActivityForResult(signInIntent, RC_SIGN_IN);

        }