Reputation: 2957
Firebase App Check + Cloud functions : Failed to validate AppCheck token
I have recently added Firebase App Check in my Flutter app.
I am calling Cloud functions with the https.onCall() method. However i am receiving this error :
> {"severity":"WARNING","message":"Failed to validate AppCheck token. FirebaseAppCheckError: Decoding App Check token failed. Make sure you passed the entire string JWT which represents the Firebase App Check token.
at FirebaseAppCheckError.FirebaseError [as constructor] (/Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/utils/error.js:44:28)
at FirebaseAppCheckError.PrefixedFirebaseError [as constructor] (/Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/utils/error.js:90:28)
at new FirebaseAppCheckError (/Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/app-check/app-check-api-client-internal.js:187:28)
at /Users/foxtom/Desktop/Cloud Functions/functions/node_modules/firebase-admin/lib/app-check/token-verifier.js:82:19
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
errorInfo: {
code: 'app-check/invalid-argument',
message: 'Decoding App Check token failed. Make sure you passed the entire string JWT which represents the Firebase App Check token.'
},
codePrefix: 'app-check'
}"}
> {"verifications":{"app":"INVALID","auth":"MISSING"},"logging.googleapis.com/labels":{"firebase-log-type":"callable-request-verification"},"severity":"WARNING","message":"Callable request verification failed: AppCheck token was rejected."}
The severity seems to be WARNING only but it doesn't execute the function. My function only contains a console.log()
In my app i have this error :
W/FirebaseContextProvider( 6788): Error getting App Check token; using placeholder token instead. Error: com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed.
I/flutter ( 6788): Error is : [firebase_functions/unauthenticated] Unauthenticated
I have not enforced anything like suggested in the documentation
This is preventing me from using Cloud Functions and i can disable App Check for my app anymore...
EDIT :
I add that Firebase Storage and RealTime Database are working fine without any debug AppCheck token when it's not enforced.
What can I do ?
Upvotes: 5
Views: 3801
Answers (2)
Reputation: 375
Firebaser here.
Thank you for reporting this issue -- we have now released a fix to all platforms that should resolve this issue. Please refer to the Github issue for full details.
Upvotes: 1
Reputation: 3589
I created a reproducible code sample, which you see here: https://github.com/nilsreichardt/playground/tree/firebase-app-check-cloud-function-unauthenticated-issue/firebase-app-check-cloud-functions-unauthentificated
Therefore, I created a detailed issue in the FlutterFire repository: https://github.com/FirebaseExtended/flutterfire/issues/6794
A first workaround already posted as a comment and I'm sure that more workarounds or solutions will follow.
Upvotes: 2
Related Questions
- Firebase cloud functions Appcheck for https.onRequest
- Firebase Cloud Functions Error with CanonicalRegistrationTokenCount
- error Error: could not handle the request
- App check unwanted enforcement on Firebase callable functions
- Firebase Cloud Functions - Throw Auth Error
- Firebase Functions AppCheck keeps failing my device
- Firebase cloud functions deployment error "Invalid source token"
- Firebase Functions fail to validate AppCheck token, claims outdated even though just updated
- Firebase cloud functions: Unexpected error while acquiring application default credentials. Could not load the default credentials
- Firebase SDK Token Verification error: auth/argument-error