Firebase ID 令牌的受众 (aud) 声明不正确。预期确保 ID 令牌来自与 Firebase 相同的项目

Question

I use Firebase Admin .NET SDK with the.Net 6 web API project for Google login.我使用Firebase Admin .NET SDK和 .Net 6 web API 项目进行 Google 登录。 The below code is working fine in the local environment.下面的代码在本地环境中运行良好。 But when I published the app to Azure App service it gives the below error.但是当我将应用程序发布到 Azure 应用程序服务时，出现以下错误。 I think the issue here is with initializing the "FirebaseAdminSdk.json" file.我认为这里的问题在于初始化"FirebaseAdminSdk.json"文件。 Do you know how to do it in production?你知道如何在生产中做到这一点吗？

Firebase ID token has incorrect audience (aud) claim. Firebase ID 令牌的受众 (aud) 声明不正确。 Expected my-firebase-project-id but got 272437162012-hagu0iffquo1lb3ko07qtpgenluswaebr.apps.googleusercontent.com.预期为 my-firebase-project-id 但得到 272437162012-hagu0iffquo1lb3ko07qtpgenluswaebr.apps.googleusercontent.com。 Make sure the ID token comes from the same Firebase project as the credential used to initialize this SDK确保 ID 令牌来自与用于初始化此 SDK 的凭据相同的 Firebase 项目

Extension method扩展方法

 public static void ConfigureFirebaseAdminSdk(this IServiceCollection services,
        IConfiguration configuration)
    {
       
        var pathToFirebaseAdminSdk = Path.Combine(Directory.GetCurrentDirectory(),
                           "keys", "FirebaseAdminSdk.json"); // I think problem is here

        FirebaseApp.Create(new AppOptions
        {
            Credential = GoogleCredential.FromFile(pathToFirebaseAdminSdk)
        });

        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
               .AddJwtBearer(options =>
               {
                   var firebaseProjectId = configuration["FirebaseProjectId"];

                   var firebaseSecureTokenUrl = configuration["FirebaseSecureTokenUrl"];

                   options.Authority = firebaseSecureTokenUrl + firebaseProjectId;

                   options.TokenValidationParameters = new TokenValidationParameters
                   {
                       ValidateIssuer = true,
                       ValidIssuer = firebaseSecureTokenUrl + firebaseProjectId,
                       ValidateAudience = true,
                       ValidAudience = firebaseProjectId,
                       ValidateLifetime = true
                   };
               });
    }

Answer 1

As the error message says, your FirebaseAdminSdk.json is for a different project than where you are running the code.如错误消息所述，您的FirebaseAdminSdk.json与您运行代码的项目不同。 From the my-firebase-project-id in the message it seems that it may be from your local emulator project.从消息中的my-firebase-project-id看来，它可能来自您本地的模拟器项目。

You will need to make sure the JSON file and the configuration["FirebaseProjectId"] are for the same project.您需要确保 JSON 文件和configuration["FirebaseProjectId"]用于同一个项目。

Firebase ID 令牌的受众 (aud) 声明不正确。预期确保 ID 令牌来自与 Firebase 相同的项目

问题描述

1 个解决方案

解决方案1
0 2022-04-14 18:15:18

Firebase ID 令牌的受众 (aud) 声明不正确。 预期 确保 ID 令牌来自与 Firebase 相同的项目

问题描述

1 个解决方案

解决方案1 0 2022-04-14 18:15:18

Firebase ID 令牌的受众 (aud) 声明不正确。预期确保 ID 令牌来自与 Firebase 相同的项目

解决方案1
0 2022-04-14 18:15:18