firebase/php-jwt refresh token generation and revalidation

Question

I am using the firebase/php-jwt library to authenticate users, I am successfully able to send the access-token, but how can I send a refresh token and create a way to revalidate the refresh token after its expiry

the catch is to put true. User? user = FirebaseAuth.instance.currentUser!; String token = await user.getIdToken(true); — Rod Rodrigues, May 06 '23 at 01:22

score 0 · Answer 1 · answered Jun 16 '23 at 08:52

you could try something like

public function refreshToken($request)
{
    $refreshTokenSecret = 'your-refresh-token-secret-key';
    $previousToken = $request->get('previous_token'); // get token from request

    // Make sure previous token is ok
    $refreshTokenData = JWT::decode($previousToken, $refreshTokenSecret, ['HS256']);

    if ($refreshTokenData->exp < time()) {
        throw new Exception('Refresh token has expired'); // throw exception if token is expired
    }

    $previousTokenData = $refreshTokenData->data;

    $newToken = JWT::encode($previousTokenData, $refreshTokenSecret);

    // Send the new access token back to the client
}

Note that the new version of firebase/php-jw will throw an error when the token expires. — jcubic, Jun 16 '23 at 08:57

firebase/php-jwt refresh token generation and revalidation

1 Answers1