node.js firebase react-native firebase-authentication firebase-admin

Firebase ID token has incorrect "aud" (audience) claim. Expected XXX but got XXX


I'm creating an app with React Native and Node.js. I already have my auth system. Now I'm trying to implement Google Sign-In. So:

  1. Created a Google application in Firebase.
  2. Generated the .keystore file and obtained the SHA1 key.
  3. Updated the build.gradle to install the SDK on the client.
  4. Placed the file in the client and the Google service file in my Node.js app.
  5. Implemented the code in React Native and Node.js.
  6. Retrieved the token from the client.
  7. Encountered an error while testing with Postman.

I get this error when testing with Postman:

Message : "Firebase ID token has incorrect "aud" (audience) claim. Expected "tak-muscu" but got "XXXX-ruib6t1s7lochabens3f3ep67pa411nc.apps.googleusercontent.com". Make sure the ID token comes from the same Firebase project as the service account used to authenticate this SDK. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token."

I get the token from my client:

  GoogleSignin.configure({
    webClientId: 'XXXXX-ruib6t1s7lochabens3f3ep67pa411nc.apps.googleusercontent.com',
    androidClientId: 'XXXXX-fvv7nndd0q53hvoht9cldt82jm5a9306.apps.googleusercontent.com',
    scopes: ['profile', 'email']
  });


  const signIn = async () => {
    try {
      await GoogleSignin.hasPlayServices();
      const userInfo = await GoogleSignin.signIn();
      const idToken = userInfo.idToken;
      console.log('ID Token:', idToken);
    } catch (error) {
      console.error('Google Sign-In error', error.message);
    }
  };

I pass it to the route with Postman:

router.post('/google-signin', async (req, res) => {
  const { idToken } = req.body;
  const result = await verifyGoogleToken(idToken);
  if (result.status === 'success') {
    res.send({ message: 'Authentication successful', user: result.decodedToken });
  } else {
    res.status(401).send({ message: 'Authentication failed', error: result.message });
  }
});

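Function verifyGoogleToken:

const admin = require('firebase-admin');

const verifyGoogleToken = async (idToken) => {
  try {
    // verifyIdToken checks the signature, expiry, issuer and that "aud" is this Firebase project
    const decodedToken = await admin.auth().verifyIdToken(idToken);
    console.log("Token validé avec succès", decodedToken);
    // Return the decoded claims too, since the route reads result.decodedToken
    return { status: 'success', uid: decodedToken.uid, decodedToken };
  } catch (error) {
    // Any verification failure (including a wrong "aud") ends up here
    console.error('Erreur lors de la vérification du token', error);
    return { status: 'error', message: error.message };
  }
};
module.exports = { verifyGoogleToken };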

App.js server:

const admin = require('firebase-admin');
const serviceAccount = require('./secrets/service-account-file.json');

admin.initializeApp({
  credential: admin.credential.cert(serviceAccount)
});

I tried it 4 times... and I get the same error every time.


Solution

  • The problem is that I was not using the correct token. I was using the Google Sign-In token instead of the Firebase token. So when I pass my token to the server, I get this error.

    So, here is the solution I found:

    import auth from '@react-native-firebase/auth'; // import this
    import { GoogleSignin } from '@react-native-google-signin/google-signin';

    const { idToken } = await GoogleSignin.signIn(); // here you get the Google Sign-In token

    const googleCredential = auth.GoogleAuthProvider.credential(idToken);
    const userCredential = await auth().signInWithCredential(googleCredential); // use the Google Sign-In token to authenticate to Firebase
    const firebaseIdToken = await userCredential.user.getIdToken(true);
    console.log('Firebase ID Token:', firebaseIdToken); // use this token for the server

    You can then pass firebaseIdToken to your server.
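A way to tell the two token types apart on the server before calling `verifyIdToken`, by reading the `iss` and `aud` claims; this is an added example, not code from the original question or answer. The function names and the sample tokens are constructed for illustration, and the payload is decoded without any signature check, so the result is for diagnosis only.

```javascript
// Added example: diagnostic only. It decodes the JWT payload WITHOUT checking
// the signature, so never use its result to authenticate anyone;
// admin.auth().verifyIdToken() remains the actual verification step.

// Decode the middle (payload) segment of a JWT.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a JWT: expected 3 segments');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Classify a token by issuer and audience.
//  - Firebase ID token: iss = https://securetoken.google.com/<projectId>, aud = <projectId>
//  - Google Sign-In ID token: iss = accounts.google.com, aud = OAuth client ID
function classifyIdToken(token, firebaseProjectId) {
  const { iss, aud } = decodeJwtPayload(token);
  let kind = 'unknown';
  if (iss === `https://securetoken.google.com/${firebaseProjectId}` && aud === firebaseProjectId) {
    kind = 'firebase';
  } else if (iss === 'https://accounts.google.com' || iss === 'accounts.google.com') {
    kind = 'google-sign-in';
  } else if (typeof iss === 'string' && iss.startsWith('https://securetoken.google.com/')) {
    kind = 'firebase-other-project';
  }
  return { kind, iss, aud };
}

// Build constructed, unsigned sample tokens (header.payload.placeholder-signature).
function makeSampleToken(payload) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.sig`;
}

const PROJECT_ID = 'tak-muscu'; // project ID taken from the error message in the question
const googleToken = makeSampleToken({
  iss: 'https://accounts.google.com',
  aud: 'XXXX-example.apps.googleusercontent.com', // constructed client ID
});
const firebaseToken = makeSampleToken({
  iss: `https://securetoken.google.com/${PROJECT_ID}`,
  aud: PROJECT_ID,
});

console.log(classifyIdToken(googleToken, PROJECT_ID).kind);
console.log(classifyIdToken(firebaseToken, PROJECT_ID).kind);
```

A `google-sign-in` result on the server means the client sent the token from `GoogleSignin.signIn()` rather than the one from `getIdToken()`.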