2

Following the directions in the google docs for using firebase for auth in GAE, I am sending an authorization token from Android to my backend python server. Reading that token using the following code:

import google.auth.transport.requests
import google.oauth2.id_token

HTTP_REQUEST = google.auth.transport.requests.Request()
id_token = headers['authorization'].split(' ').pop()
user_info = google.oauth2.id_token.verify_firebase_token(
    id_token, HTTP_REQUEST)

results in the following stack trace:

  File "/Users/alex/projects/don/don_server/mobile/main.py", line 61, in get_video
    user_id = get_user_id(self.request_state.headers)
  File "/Users/alex/projects/don/don_server/mobile/main.py", line 37, in get_user_id
    id_token, HTTP_REQUEST)
  File "/Users/alex/projects/don/don_server/mobile/lib/google/oauth2/id_token.py", line 115, in verify_firebase_token
    id_token, request, audience=audience, certs_url=_GOOGLE_APIS_CERTS_URL)
  File "/Users/alex/projects/don/don_server/mobile/lib/google/oauth2/id_token.py", line 76, in verify_token
    certs = _fetch_certs(request, certs_url)
  File "/Users/alex/projects/don/don_server/mobile/lib/google/oauth2/id_token.py", line 50, in _fetch_certs
    response = request(certs_url, method='GET')
  File "/Users/alex/projects/don/don_server/mobile/lib/google/auth/transport/requests.py", line 111, in __call__
    raise exceptions.TransportError(exc)
TransportError: ('Connection aborted.', error(13, 'Permission denied'))

I've double checked my firebase project settings and localhost is listed as an authorized domain in the authentication sign-in section (I'm running this on the GAE local dev server).

As far as I can recall this was working a couple weeks ago. Any ideas?

UPDATE:

I implemented the same authentication using a service account as recommended in the firebase docs but am getting the same error message:

from firebase_admin import auth, credentials
import firebase_admin

fpath = os.path.join(os.path.dirname(__file__), 'shared', 'firebase-admin-private-key.json')
cred = credentials.Certificate(fpath)
firebase_admin.initialize_app(cred)

Then to process an incoming token

id_token = headers['authorization'].split(' ').pop()
user_info = auth.verify_id_token(id_token)
KENdi
  • 7,576
  • 2
  • 16
  • 31
Alex
  • 18,484
  • 8
  • 60
  • 80

1 Answers1

2

At some point I upgraded my requests library. Because requests doesn't play well with GAE, the calls to the firebase server failed. By downgrading to version 2.3.0 this now works.

pip install -t lib requests==2.3.0

Alternatively monkeypatching requests as suggested in this answer works as well!

import requests_toolbelt.adapters.appengine

requests_toolbelt.adapters.appengine.monkeypatch()
Alex
  • 18,484
  • 8
  • 60
  • 80