I am trying to decode, JWT decode is not working well because when i tried to print the decoded_token at the console its not showing it,
i am listing my env enviroments:
AUTH_FIREBASE_PROJECT_ID=basse-e824e
FIREBASE_API_KEY=AIzaS..x-_3..Z-NU......XQE_S-Ff......k4
BASE_URL=http://localhost:8010/
now i gonna to show you how is my entire code: in this code also its about to refresh certs
class FirebaseService
FIREBASE_CERTS_URI = 'https://www.googleapis.com/robot/v1/metadata/x509/[email protected]'
FIREBASE_CERTS_EXPIRY = 360
FIREBASE_ALGORITHM = 'RS256'
@@certs = {}
@@issuer = "https://securetoken.google.com/#{ENV['AUTH_FIREBASE_PROJECT_ID']}"
def self.verify_id(token)
refresh_certs
firebase_user = nil
# find first public key that validates this token
@@certs.detect do |key, cert|
public_key = cert.public_key
decoded_token = JWT.decode(
token,
public_key,
!public_key.nil?,
{ algorithm: FIREBASE_ALGORITHM, kid: key, iss: @@issuer, verify_iss: true }
)
p decoded_token
payload = decoded_token.first
firebase_user = payload.select { |k, _v| %w[email name user_id email_verified].include? k }
rescue JWT::ExpiredSignature
Rails.logger.error 'Token signature is expired'
return nil
rescue JWT::InvalidIssuerError
Rails.logger.error 'Token signature wrong issuer'
return nil
rescue JWT::DecodeError
nil # go on, try the next cert
end
FirebaseUserVerifier.call(firebase_user:).result
end
def self.refresh_certs
retrieve_certs if certs_cache_expired?
end
def self.retrieve_certs
response = Faraday.get(FIREBASE_CERTS_URI)
return unless response.status == 200
@@certs_last_refresh = Time.zone.now
new_certificates = JSON.parse(response.body).transform_values do |cert|
OpenSSL::X509::Certificate.new(cert)
end
@@certs.merge! new_certificates
end
def self.certs_cache_expired?
if defined? @@certs_last_refresh
Time.zone.now > @@certs_last_refresh + FIREBASE_CERTS_EXPIRY
else
true
end
end
end