React-Native Firebase: Token refresh not working

Question

I have an issue with react-native-firebase (or firebase) in which my app does not receive a trigger after the auth token refreshes. It's pretty much the same issue as [1], but they never posted a solution.

So, what happens is that both on an Android phone and on the Android emulator (no idea about iOS), signing up, logging in, and logging out works perfectly, meaning the listeners correctly see when I do a logout() etc. But the listeners never fire when the token refreshes.

My first question is: Am I correct to assume that the onIdTokenChanged-listener should automatically fire after 60 minutes without having to do anything else, e.g. call any firebase function, such that the app just sits there doing nothing for 60 minutes and then receiving the event and replacing the token?

My main component which contains the listeners looks like this:

class ReduxAppWrapper extends Component {

  componentDidMount() {
    firebase.auth().onAuthStateChanged((user) => {
        console.log('COMP DID MOUNT: AUTH STATE CHANGED! ' + JSON.stringify(user));
    });
    firebase.auth().onIdTokenChanged((user) => {
        console.log('COMP DID MOUNT: TOKEN CHANGED! ' + JSON.stringify(user));
    });
    firebase.auth().onUserChanged((user) => {
        console.log('COMP DID MOUNT: USER CHANGED! ' + JSON.stringify(user));
    });
  };

  render() {
    return (
      <ReduxProvider store={store}>
        <MenuProvider>
          <PaperProvider>
            <AppContainer />
          </PaperProvider>
        </MenuProvider>
      </ReduxProvider>);
  }
}

Normally inside the listener, I have a function that dispatches a redux-action such that the authentication information is broadcast across my components. Inside those components, I use the jwt token for http-requests to my backend.

Now the backend of course uses firebase to validate that token (and this is where the problem occurs after the 60 minutes since it retrieves an outdated jwt), but I think I am right to assume that the problem lies within the app since the refresh does not happen.

I'd be really glad if someone could point me to where to look, I also tried to find out in the firebase console whether a token refresh event was sent, but I could not find anything about that.

So basically:

1. Am I right to assume that the firebase.auth().onIdTokenChanged() function should be called without me doing anything else? Or is it not enough to define the listener once in the main component (also regarding the fact that other screens will be rendered on top of that due to the stack-nvigation).

2. If the code is fine, do you have any hints for where to look?

Thanks so much!

[1] https://github.com/invertase/react-native-firebase/issues/531

Answer 1

Apparently, with getIdToken, Firebase only makes a call to its server to get a new token if the current token has expired; it does not create unnecessary requests if it does not have to.

Quite a crucial detail which can be confusing if you are not aware of it and makes you (rightfully) assume that onIdTokenChanged is a listener which you would need to use to automatically update the token ...

https://firebase.google.com/docs/reference/js/firebase.User.html#getidtoken

Returns the current token if it has not expired. Otherwise, this will refresh the token and return a new one.

Answer 2

For anyone with the same issue, I ended up asking firebase asking for the token everytime I needed it. I still think this should not be necessary but I did not want to spend any more time analyzing why the refresh did not work automatically. So what I am doing in the app is

firebase.auth().currentUser.getIdToken().then((token) => {
  fetch(url, {
    method: 'GET',
    headers: { Authorization: token }
  })
}

¯\_(ツ)_/¯