Firebase functions authentication with hosting stripping Authentication header

Question

I have Firebase functions backend rest api and custom domain Firebase hosting pointed to it so I don't lock myself to Firebase provided domain.

At this moment I can reach my backend at 3 urls.

1. https://us-central1-my-project.cloudfunctions.net/app - Default url provided by firebase to directly call function.
2. https://my-project.firebaseapp.com/api - Default hosting provided by Firebase, rewriting the /api source to app function.
3. https://my-custom-domain.com/api - My custom domain set up in Firebase, rewriting the /api source to app function.

Now, I can reach my backend on any of these just fine, with one exception. I've added an authentication requirement to my functions based on https://github.com/firebase/functions-samples/tree/master/authorized-https-endpoint

E.g., my client sends Authorization: Bearer IdToken, then Express middleware reads it and verifies it with Firebase Auth.

My problem is that the Authorization header is not present in request when the client accesses the backend via 3rd url. The 1st and the 2nd work just fine.

Would anybody know what do I have to configure so the header is forwarded properly?

Thanks

P.S.: This is my hosting configuration:

{
  "hosting": {
    "public": "public",
    "ignore": [
      "firebase.json",
      "**/.*",
      "**/node_modules/**"
    ],    
    "rewrites": [
      {
        "source": "/api/**",
        "function": "app"
      }
    ]
  }
}

Answer 1

Solved, the problem was the following:

I own mydomain.com and www.mydomain.com. My Firebase hosting is set to serve from www and mydomain.com only redirects to www.mydomain.com. I've setup clients to call mydomain.com instead of www.mydomain.com. Hence the redirect stripped headers. All I had to do is to point my clients to www.