Reputation: 730
Set up Firebase admin sdk with proxy (Java)
I'm trying to use firebase to authenticate my users via Google. On my Java server I'm verifying the validity of the idToken and every time I get this error:
com.google.firebase.auth.FirebaseAuthException: Error while verifying token signature.
I identified the problem as being the proxy of my server that avoid the http requests made by the sdk. I tested my code on my computer and it works so I'm pretty sure the problem is the proxy.
Here is my code:
InputStream serviceAccount = getClass().getClassLoader().getResourceAsStream(<fileName>);
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(<address>, <port>));
HttpTransport httpTransport = new NetHttpTransport.Builder().setProxy(proxy).build();
HttpTransportFactory httpTransportFactory = () -> httpTransport;
FirebaseOptions options = new FirebaseOptions.Builder()
.setCredentials(GoogleCredentials.fromStream(serviceAccount, httpTransportFactory))
.setDatabaseUrl(<adress>)
.setHttpTransport(httpTransport)
.build();
FirebaseApp.initializeApp(options);
FirebaseToken decodedToken = FirebaseAuth.getInstance().verifyIdTokenAsync(<token>).get();
What am I doing wrong ?
Upvotes: 3
Views: 5753
Answers (3)
Reputation: 1
I found your mistake. You are missing one method of FirebaseOptions.Builder, which:
.setHttpTransport(transport)
the code should be like this:
NetHttpTransport transport = new NetHttpTransport.Builder()
.setProxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyProps.getHost(), proxyProps.getPort())))
.build();
FirebaseOptions options = FirebaseOptions.builder()
.setCredentials(GoogleCredentials.fromStream(inputStream, () -> transport))
.setHttpTransport(transport)
.build();
FirebaseApp.initializeApp(options);
Upvotes: 0
Reputation: 501
I've faced the same problem, and still waiting for a greater solution.
In the meantime, I've decompiled the WebSocket class (com.google.firebase.database.tubesock.WebSocket), and created an underlying socket by myself, then droped this decompiled class in a new package in my project: com.google.firebase.database.tubesock.
The creation of the SSLSocket is around the line 295 of this class.
I've created the socket this way:
SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
InetSocketAddress proxyAddr = new InetSocketAddress("200.5.92.169", 8080);
Socket underlying = new Socket(new Proxy(Proxy.Type.HTTP, proxyAddr));
underlying.connect(new InetSocketAddress(host, port));
SSLSocket sslSocket = (SSLSocket) factory.createSocket(underlying, host, port, true);
Upvotes: 1
Reputation: 7438
I believe this is a bug. As you can see here, the token verifier does not use the HTTP transport injected through options. I'd appreciate if you can create an issue for this on GitHub.
In the meantime, you might be able to get around this limitation by configuring the HTTP/S proxy for the JVM. Try setting the https.proxyHost and https.proxyPort system properties when starting the JVM (more details here).
Upvotes: 2
Related Questions
- Firebase Admin SDK with Java
- How to connect to Firebase by Firebase Admin against a proxy?
- Firebase/NodeJS behind proxy server
- How do I use FirebaseAdmin with proxy?
- Switching Firebase Auth from Android SDK to Firebase Admin SDK
- How to sign in with email and password using firebase admin sdk in Android
- Firebase JAVA admin sdk FirebaseAuthException
- Firebase android proxy setting
- How to setup Firebase Admin with Java
- Adding Firebase Admin to Java Application