使用 NodeJS,如何在没有 Firebase Admin SDK 的情况下验证 Firebase Auth 提供的 JWT (idToken)?
Following the doc on how to verify ID Tokens , it is possible using any JWT libraries and grabbing the public key from Google API's website.
import jwt from 'jsonwebtoken';
import request from 'request';
import { promisify } from 'util';
const rp = promisify(request);
const response = await rp('https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com');
const publicKeys = JSON.parse(response.body);
const verifyIdToken = idToken => {
const header64 = idToken.split('.')[0];
const header = JSON.parse(Buffer.from(header64, 'base64').toString('ascii'));
return jwt.verify(token, publicKeys[header.kid], { algorithms: ['RS256'] });
};
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.