I know the Firebase ID token can be used to act on behalf of the user. But the token expires after 1hr. To fix this, the documentation and this post How to use the Firebase refreshToken to reauthenticate? you can supposedly re-authenticate using the REST command here https://firebase.google.com/docs/reference/rest/auth/
I cannot get this to work. Here is the Android Flutter code to print the token on logcat
FirebaseAuth.instance;.currentUser().then((FirebaseUser user) {
if (user != null) {
user.getIdToken(refresh: true).then((IdTokenResult token) {
dbg.log('firebase TOKEN ' + token.token );
dbg.log('firebase TOKEN authtime ' + token.authTime.toIso8601String() );
dbg.log('firebase TOKEN expiration ' + token.expirationTime.toIso8601String() );
dbg.log('firebase TOKEN issued at ' + token.issuedAtTime.toIso8601String() );
});
}
}).catchError((e) {
dbg.log('fetch user ERROR: ' + e.toString());
});
verify that the token does work you can add it to curl:
#!/bin/sh
TOKEN=<your token>
curl -H "Authorization: Bearer $TOKEN" \
https://firestore.googleapis.com/v1/projects/<your project>/databases/<your databases> | jq
This works. But, when I try to get a refresh token :
#!/bin/sh
TOKEN=<your token>
WEB_API_KEY=<your web api key>
REFRESH_URL=https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${WEB_API_KEY}
ARGS='{"token":"'${TOKEN}'","returnSecureToken":true}'
echo $ARGS | jq
curl ${REFRESH_URL} \
-H 'Content-Type: application/json' \
--data-binary ${ARGS} | jq
I get the following error:
{
"error": {
"code": 400,
"message": "INVALID_CUSTOM_TOKEN",
"errors": [
{
"message": "INVALID_CUSTOM_TOKEN",
"domain": "global",
"reason": "invalid"
}
]
}
}
Am I missing a step ?
