firebase-admin-node icon indicating copy to clipboard operation
firebase-admin-node copied to clipboard
verified publisher icon firebase

Firebase Auth's `verifyIdToken` ignores proxy setting

Open dorklord23 opened this issue 4 years ago • 0 comments

[REQUIRED] Step 2: Describe your environment

  • Operating System version: Windows Server 2016 Datacenter
  • Firebase SDK version: 9.12.0
  • Firebase Product: Auth
  • Node.js version: 14.18.0
  • NPM version: 6.14.15

[REQUIRED] Step 3: Describe the problem

I tried to use admin.auth().verifyIdToken(...) but it doesn't work with error message Error while making request: connect ETMEDOUT 142.250.4.95:443. Weirdly enough, other method like admin.auth().createCustomToken(...) works just fine by setting env var https_proxy. I've tried both methods in the same function and verifyIdToken indeed doesn't work. I use the logger described in https://github.com/firebase/firebase-admin-node/issues/690. and it seems Firebase Auth doesn't use httpAgent at all.

Steps to reproduce:

Run the code below, replacing serviceAccountKey with any serviceAccountKey for your project, and a valid JWT generated from your project.

Every http and https request made should go through the request logger. For admin.auth() calls, options.agent is undefined, even though we pass one in.

Relevant Code:

// Initial variables here
const serviceAccountKey = "" // replace with serviceAccountKey.json
const token = "" // replace with a valid token from your project
const PROXY_URL = "http://1.1.1.1:123"; // Dummy proxy URL

process.env["https_proxy"] = PROXY_URL;

// Setup the firebase-admin app
const admin = require('firebase-admin');
const HttpsProxyAgent = require('https-proxy-agent');
const config = {
    credential: admin.credential.cert(serviceAccountKey),
    httpAgent: new HttpsProxyAgent(PROXY_URL )
}
admin.initializeApp(config)


// Setup hooks for logging
function requestLogger(httpModule) {
    var original = httpModule.request
    httpModule.request = function (options, callback) {
        console.log(options.agent)
        return original(options, callback)
    }
}

requestLogger(require('http'))
requestLogger(require('https'))

// Make the API request
const dummyToken = await auth.createCustomToken('XXX')
// dummyToken is successfully generated

admin.auth().verifyIdToken(token)
// failed at verifying the token from users

dorklord23 avatar Oct 12 '21 14:10 dorklord23