Giters

gladly-team / next-firebase-auth

Simple Firebase authentication for all Next.js rendering strategies

Home Page:https://nfa-example-git-v1x-gladly-team.vercel.app/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Handle additional errors from verifyIdToken

kmjennison opened this issue · comments

commented

Is your feature request related to a problem? Please describe.

Firebase admin's verifyIdToken may throw some errors that this module should probably handle. See this thread for a background discussion: #125

See a list of Firebase admin auth errors here:
https://firebase.google.com/docs/reference/node/firebase.auth.Error

Currently, we only handle auth/id-token-expired.

Describe the solution you'd like and how you'd implement it

When calling verifyIdToken, this module should probably handle the following errors:

  • auth/invalid-user-token: return an unauthed user
  • auth/user-token-expired: return an unauthed user
  • auth/user-disabled: return an unauthed user
  • auth/argument-error: call to refresh the ID token—however, we need to confirm this will address the kid claim error (see this comment for more info).

Is this a breaking change?
Yes, in the case developers are catching and handling these errors themselves.

Describe alternatives you've considered
Continue to ignore errors and let developers handle them. I can't think of a compelling reason not to handle any of the above errors.

commented

If understand correctly this is related to the described issue:
I have this error when I use emulator. I deleted user from Firebase auth and then refreshed the page. Of course we shouldn't have such error, we should handle it in some way.

image

E.g. for this error I think we should be able to delete cooks and use 'unAuthed; flow

export default withAuthUser({
  whenAuthed: AuthAction.REDIRECT_TO_LOGIN,
  whenError: AuthAction.REDIRECT_TO_LOGIN,
})(IndexPage)
commented

Closed in #361.

commented

Is your feature request related to a problem? Please describe.

Firebase admin's verifyIdToken may throw some errors that this module should probably handle. See this thread for a background discussion: #125

See a list of Firebase admin auth errors here: https://firebase.google.com/docs/reference/node/firebase.auth.Error
Describe the solution you'd like and how you'd implement it

When calling verifyIdToken, this module should probably handle the following errors:

  • auth/invalid-user-token: return an unauthed user
  • auth/user-token-expired: return an unauthed user
  • auth/user-disabled: return an unauthed user
  • auth/argument-error: call to refresh the ID token—however, we need to confirm this will address the kid claim error (see this comment for more info).

Is this a breaking change? Yes, in the case developers are catching and handling these errors themselves.

Describe alternatives you've considered Continue to ignore errors and let developers handle them. I can't think of a compelling reason not to handle any of the above errors.

@kmjennison
I have firebase admin auth/argument error with uid . What should I do . This error only in my local environment.
And happened in all next-firebase-auth project .Even example app. I also tested by creating new firebase project and these config are also didn't work in firebase admin.

Screenshot (76)

carbon (1)