Flutterfire: [firebase_auth_web] expirationTime returned from IdTokenResult on web is wrong

Created on 24 Jan 2020 · 4Comments · Source: FirebaseExtended/flutterfire

On the web, the expirationTime value from an IdTokenResult is wrong. The token is obtained from fbUser.getIdToken(). Printing the value with debugPrint("Token expiration ${idTokenResult.expirationTime}"); on the web gives a date 50,000 years in the future:

Token expiration 52034-12-26 04:16:40.000

the same code on iOS it prints:

Token expiration 2020-01-24 14:50:50.000

using firebase_auth: 0.15.3+1 which brings in firebase_auth_web 0.1.1+4

Flutter (Channel beta, v1.13.6, on Mac OS X 10.15.2 19C57, locale en-US)

ios web auth bug

Source

rich-j

👍1

All 4 comments

This should be fixed in the latest update. Thanks.

Ehesp on 25 Aug 2020

@Ehesp No this is NOT FIXED!! It's even worse now since it doesn't even work on iOS.

      firebaseUser.getIdTokenResult().then((idTokenResult) {
        print("Token expiration ${idTokenResult.expirationTime}");
        return idTokenResult.token;
      });

On web Token expiration 1969-12-31 18:00:00.000 and on iOS Token expiration 1970-01-19 05:59:51.187. If it matters, we are using secondary Firebase auth sessions.

Replace the above print... with print("Token ${idTokenResult}"); (i.e. use the IdTokenResult .toString method) and you get these (with redactions) - iOS:

Token IdTokenResult(authTime: 1970-01-19 05:59:47.587, claims: {iat: 1598387587, 
firebase: {identities: {email: [[email protected]]}, sign_in_provider: password}, email_verified: true,
sub: <xxx>, aud: <xxx>, auth_time: 1598387587, user_id: <xxx>, exp: 1598391187, email: [email protected],
iss: https://securetoken.google.com/<xxx>}, expirationTime: 1970-01-19 05:59:51.187,
issuedAtTime: 1970-01-19 05:59:47.587, signInProvider: password, token: <xxx>

and web:

NoSuchMethodError: invalid member on null: 'abs'
dart-sdk/lib/core/date_time.dart 390:38                                           _withValue
packages/firebase_auth_platform_interface/src/id_token_result.dart 26:18          get authTime
packages/firebase_auth_platform_interface/src/id_token_result.dart 53:39          toString
dart-sdk/lib/_internal/js_dev_runtime/private/ddc_runtime/operations.dart 710:40  str
packages/goalery_app/src/environment/app_firebase_auth_session.dart 56:39         <fn>
dart-sdk/lib/async/zone.dart 1450:54                                              runUnary
dart-sdk/lib/async/future_impl.dart 143:18                                        handleValue
dart-sdk/lib/async/future_impl.dart 696:44                                        handleValueCallback
dart-sdk/lib/async/future_impl.dart 725:32                                        _propagateToListeners
dart-sdk/lib/async/future_impl.dart 529:5                                         [_completeWithValue]
dart-sdk/lib/async/future_impl.dart 567:7                                         callback
dart-sdk/lib/async/schedule_microtask.dart 41:11                                  _microtaskLoop
dart-sdk/lib/async/schedule_microtask.dart 50:5                                   _startMicrotaskLoop
dart-sdk/lib/_internal/js_dev_runtime/patch/async_patch.dart 166:15               <fn>

Yes, the web throws an exception on the .toString method.

  firebase_auth:
    version: "0.18.0+1"
  firebase_auth_platform_interface:
    version: "2.0.1"
  firebase_auth_web:
    version: "0.3.0+1"

rich-j on 25 Aug 2020

👍1

@Ehesp FYI, we currently aren't setup for testing against Android since most fixes correct both mobile (iOS and Android) platforms. I see that fix https://github.com/FirebaseExtended/flutterfire/pull/3357/commits/47eb554aee785317505b8b28652e625635ee770c corrects an incorrect conversion in iOS specific code. You may want to check the Android side too.

Thanks for fixing this (although I haven't yet tested it since it's not yet published...)

rich-j on 26 Aug 2020

Yep Android is working 👍

Ehesp on 26 Aug 2020

👍1

Was this page helpful?

0 / 5 - 0 ratings