How to create Firebase token on server for use with unit tests?

问题

I need to authenticate a Firebase user using node so I can test some server side methods. For each protected request, I verify the Firebase token using:

firebase.auth().verifyIdToken(firebaseAccessToken).then(function(decodedToken) {
    // forward request
})

So in my test I created a token with a uid from my Firebase database

firebase.auth().createCustomToken(uid).then(function(token) {
    //add to header for requests
})

Later I read that custom tokens are not verified by the verifyIdToken method, only client generated ones.

I've looked at this answer - server side verification of tokens in firebase

So I added databaseAuthVariableOverride to the init json

firebase.initializeApp({
  credential: firebase.credential.cert(serviceAccount),
  databaseURL: [dbURL],
  databaseAuthVariableOverride: {
    uid: [uid]
  }
});

Still getting the output in my tests

Error: expected 200 "OK", got 401 "Unauthorized"

And the firebase error -

Error: Decoding Firebase ID token failed. Make sure you passed the entire string JWT which represents an ID token. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.

So how do I emulate a user with my current setup?

回答1:

Here's a Python script for generating Firebase ID tokens (not custom tokens).

python firebase_token_generator.py <UID>

There are probably easier ways to do this but you could call the Python script from Node.

回答2:

You can generate a Firebase Id token from your custom token, then use that for verification. Eg:

const rp = require("request-promise");

// 'customToken' comes from FirebaseAdmin.auth().createCustomToken(uid)
function getIdTokenFromCustomToken(customToken) {
    const url = `https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=${API_KEY}`;
    const data = {
        token: customToken,
        returnSecureToken: true
    };

    var options = {
        method: "POST",
        uri: url,
        body: data,
        json: true // Automatically stringifies the body to JSON
    };

    return rp(options)
        // idToken is the firebase id token that can be used with verifyIdToken
        .then(parsedBody => parsedBody.idToken) 
        .catch(function(err) {
            // POST failed...
        });
}

来源：https://stackoverflow.com/questions/41989345/how-to-create-firebase-token-on-server-for-use-with-unit-tests