We use Firebase for Authenticating our login process, at the backend we have a Rest API implementation in order to verify the token that is being passed.
I have modified the .json file and verified yet another time too in my code base. I have extracted the entire process of generating the token from the UID and this is how this looks:
public void initialization(){
try {
FileInputStream refreshToken = new FileInputStream("c02955c26b.json");
FirebaseOptions options = new FirebaseOptions.Builder()
.setCredentials(GoogleCredentials.fromStream(refreshToken))
.setDatabaseUrl("https://164d0.firebaseio.com")
.build();
String uid = "Lp14BXL3xPVW7K8VZX28omynbWx1";
FirebaseAuth firebaseAuth= FirebaseAuth.getInstance(FirebaseApp.initializeApp(options));
System.out.println(" "+firebaseAuth); --> I see this on the console
String customToken = firebaseAuth.createCustomToken(uid);
System.out.println(" "+customToken);
FirebaseToken decodedToken = firebaseAuth.verifyIdToken(customToken);
String uidTranspose = decodedToken.getUid();
System.out.println(" the UID sent is"+uid+"Obtained after transpose is"+uidTranspose);
System.out.println(" the UID captured is this "+uid);
}
catch(Error e){
System.out.println(" "+e.getLocalizedMessage());
e.printStackTrace();
}
finally{
System.out.println("Finally comes here ");
}
}
Somewhere on hitting the token creation, the control flows directly to the finally block; without logging an error or an exception.
I am not sure if I am missing anything here.
Edit 1: Edited to add the complete code.
Edit 2: I am able to see the Token being created. but I am unable to verify the same; because it says this is a custom token and not the Id Token. I am not sure if I can access the Id Token or if there is a way to verify the custom token.
