1

I'm trying to follow the example given here where it shows the following example to verify an ID token:

// idToken comes from the client app
getAuth()
  .verifyIdToken(idToken)
  .then((decodedToken) => {
    const uid = decodedToken.uid;
    // ...
  })
  .catch((error) => {
    // Handle error
  });

My code looks like this:

function createFirebaseAdminApp(config: AppOptions) {
    if (getApps().length === 0) {
        return initializeApp(config);
    } else {
        return getApp();
    }
}

const options: AppOptions  = {
    credential: cert({
        projectId: process.env.FIREBASE_PROJECT_ID,
        clientEmail: process.env.FIREBASE_CLIENT_EMAIL,
        privateKey:
            process.env.FIREBASE_PRIVATE_KEY != undefined
                ? process.env.FIREBASE_PRIVATE_KEY.replace(/\\n/g, "\n")
                : "",
    }),
    databaseURL: process.env.FIREBASE_DATABASE_URL,
};


const firebaseAdmin = createFirebaseAdminApp(options) as FirebaseApp;
const adminAuth = getAuth(firebaseAdmin);
adminAuth
    .verifyIdToken(token)
    .then((decodedToken) => {
        res.locals.decodedToken = decodedToken;
        next();
    })
            .catch(() => {
                next(new HttpError("Invalid token provided", 403));
            });

But I keep getting

Property 'verifyIdToken' does not exist on type 'Auth'

I have the latest version of the firebase package, which I assume the example given by the docs is using considering it uses getAuth, so can't tell what I'm doing wrong. Also I'm trying to avoid mixing firebase-admin and firebase, not sure if this is correct, but if I mixed them I can't seem to avoid having to initialize too App instances.

Thanks for any help!

CC BY-SA 4.0
Improve this question
Recognized by Google Cloud Collective

    1 Answer 1

    Reset to default
    4

    You are mixing up the Admin SDK and the client SDK.

    The documentation you linked is for the Admin SDK only. Notice how it is organized in the section for Admin. It is not using getAuth anywhere in that page. The Admin SDK is initialized completely differently than the client SDK, and it does not work at all in browsers. It runs on secure backens only.

    The client SDK that you're using doesn't have a function for verifying tokens. That is for secure backends only using the Adminn SDK.

    CC BY-SA 4.0
    Improve this answer
    Recognized by Google Cloud Collective
    2

    Your Answer

    By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

    Not the answer you're looking for? Browse other questions taggedor ask your own question.