I am trying to integrate App Check in my self-hosted backend. On the client side (Android app), I have followed this guide to get the App Check token. Here is the code that I am using:
```kotlin
Firebase.appCheck.getAppCheckToken(false).addOnSuccessListener { appCheckToken ->
    val token = appCheckToken.token
}
```
I am sending the token to my backend with the request. On my backend (AWS Lambda function), I have followed this guide to verify the token. Here is the code that I have used for verifying the token on the backend:
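```python
import firebase_admin
import jwt
from firebase_admin import auth, credentials

# Initialise the Admin SDK once per Lambda container with the service account key.
cred = credentials.Certificate("serviceaccountkey.json")
firebase_admin.initialize_app(cred)

def lambda_handler(event, context):
    print(event)
    # Read the token the client sent in the X-Firebase-AppCheck header.
    app_check_token = event['headers'].get('x-firebase-appcheck', 'abc')
    try:
        decoded_token = auth.verify_id_token(app_check_token)
        # handle_request is the application's own handler (not shown).
        response = handle_request(event)
    except (ValueError, jwt.exceptions.DecodeError) as e:
        response = {
            'statusCode': 401,
            'body': 'Unauthorized'
        }
        print(e)
    print(response)
    return response
```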
I am getting this error when I call the API:
[ERROR] InvalidIdTokenError: Firebase ID token has incorrect "aud" (audience) claim. Expected "projects/my_project_id" but got "['projects/my_project_number', 'projects/my_project_id']". Make sure the ID token comes from the same Firebase project as the service account used to authenticate this SDK. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve ID token.
Here, my_project_id is the ID of my Firebase project and my_project_number is the number of my Firebase project.
Anyone with the slightest idea what could be wrong? Sincere apologies if this has been asked before or is trivial in any other way.
I have tried regenerating the google-services.json and serviceaccountkey.json files. Still getting the same error.
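Added example, not part of the original post: a standard-library diagnostic that decodes a token's claims without verifying the signature, to show which kind of Firebase token arrived and whether its issuer and audience fit an App Check token as Firebase's manual-verification documentation describes. The project number `123456789012`, the project ID `my-project-id` and the sample token are constructed; signature verification is left to the Admin SDK (`firebase_admin.app_check.verify_token`).

```python
import base64
import json

# Issuer prefixes Firebase documents for the two token types.
APP_CHECK_ISS = "https://firebaseappcheck.googleapis.com/"
ID_TOKEN_ISS = "https://securetoken.google.com/"

def unverified_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))

def token_kind(claims):
    """Tell an App Check token from a Firebase Auth ID token by its issuer."""
    iss = claims.get("iss", "")
    if iss.startswith(APP_CHECK_ISS):
        return "app_check"
    if iss.startswith(ID_TOKEN_ISS):
        return "id_token"
    return "unknown"

def app_check_claim_problems(claims, project_number):
    """List the claims that do not match what an App Check token must carry."""
    problems = []
    aud = claims.get("aud", [])
    audiences = [aud] if isinstance(aud, str) else list(aud)  # str or list
    if claims.get("iss") != APP_CHECK_ISS + project_number:
        problems.append("iss")
    if "projects/" + project_number not in audiences:
        problems.append("aud")
    return problems

def make_sample(claims):
    """Build a constructed, unsigned token for the demo (dummy signature)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])

# Constructed sample mirroring the audience list shown in the error above.
SAMPLE = make_sample({
    "iss": APP_CHECK_ISS + "123456789012",
    "aud": ["projects/123456789012", "projects/my-project-id"],
})
```

The output of `unverified_claims` is for troubleshooting only and must not be used to authorise a request.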