Quickstart-android: Authentication failed refresh Token

Created on 20 Jun 2016  路  9Comments  路  Source: firebase/quickstart-android

I'm using Firebase Authentication 9.0.2 (Facebook, Google, email/password or anonymous) in my Android app, this part works correctly.

mAuthListener = new FirebaseAuth.AuthStateListener() {
        @Override
        public void onAuthStateChanged(@NonNull FirebaseAuth firebaseAuth) {
            FirebaseUser user = firebaseAuth.getCurrentUser();
            if (user != null && !flagAuth) {
                // User is signed in
            } else if (user == null) {
                // User is signed out
            }
        }
    };

After this, I'm listening on database.getReference(".info/connected") and database.getReference(".info/authenticated"), first time I'm connecting these 2 values are true for all authenticated providers. When I'm restarted my application, it is always true.

final DatabaseReference refAuthenticated = database.getReference(".info/authenticated");
    refAuthenticated.addValueEventListener(new ValueEventListener() {
        @Override
        public void onDataChange(DataSnapshot dataSnapshot) {
            boolean connected = dataSnapshot.getValue(Boolean.class);
            if (connected) {
                AppLog.d("Authenticated");
                });
            } else {
                AppLog.d("No more Authenticated");
            }
        }

        @Override
        public void onCancelled(DatabaseError databaseError) {
            AppLog.d("Listener was cancelled at .info/authenticated");
        }
    });

But after 1 hour (when my token is expired), Firebase SDK has to refresh the token automatically but it failed with this error

pc_0 - Authentication failed: expired_token (Auth token is expired)

Or this one

pc_0 - Authentication failed: invalid_token (Invalid claim 'kid' in auth header.)

I have checked my SHA-1 key in my Firebase project and it is correct.

Anybody can help me?
Thank you.

Most helpful comment

@i have already same problem of that issue after some hour firebase not write on server but write in internal data

All 9 comments

Read this thread as background: http://stackoverflow.com/questions/37505119/firebase-android-authentication-failed-expired-token-auth-token-is-expired

I have implemented the measures recommended in that thread and the related threads and find that a) there is nothing wrong my token registration b) this error (fortunately) never occurs in my production release but c) the error does occur in my debug build, running in the Android emulator, if I put my desktop to sleep and come back later. I receive this error in the emulator app and only uninstalling and reinstalling solves it. The problem may be related to the fact that I have two different package names (com.cjvilla.kokua and com.cjvilla.kokua.debug) registered in the google JSON files for the services. This corresponds to the "debug" and "release" variants in the Android Studio project. Following this, I configured two apps in Firebase, one for the production and one for the debug. This may somehow confuse the token registration scheme used by Firebase, because I imagine each app instance registered in Firebase uses the same google services JSON file.

Hi @cjvilla2012 ,

Thank you for your answer, but implementing FirebaseInstanceIdService does not fix the bug, the service will only be fired when token is refreshed and give you the new token. It will not refresh the token.
More, my JSON is up-to-date.

@AlexPari thanks for reporting this. I have forwarded the bug report on to the authentication team and will let you know if they see the problem, off the top of my head it's not obvious what's going wrong here.

@AlexPari Can you please send us the response from FirebaseUser#getToken(true) (force refresh set to true) ?

@samtstern Thank you for your report, it seems I do not reproduce the bug since last friday, but I change nothing in my code. I think you fix the problem on your side.

@tikurahul the response from FirebaseUser#getToken(true) is something like com.google.android.gms.tasks.zzh@...,, as I said to @samtstern the bug seems to be fixed now.

Hi everyone, i have same issue and i am using firebase 10.2.4 version.

I also have checked my SHA-1 key in my Firebase project and google-services.json is up-to-date.

FirebaseUser.getToken(true) does not throw an exception

and task.getResult().getToken() returns a long string that seems like token.

I got following logs from FirebaseDatabase.getInstance().setLogLevel(Logger.Level.DEBUG);

06-07 19:32:45.576 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Trying to fetch auth token
06-07 19:32:45.577 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Successfully fetched token, opening connection
06-07 19:32:45.577 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - Opening a connection
06-07 19:32:46.514 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - websocket opened
06-07 19:32:46.514 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - Reset keepAlive
06-07 19:32:46.514 29336-29708/kr.co.bedevelop.smstool D/WebSocket: ws_1 - ws message: {"t":"c","d":{"t":"h","d":{"ts":1496831566762,"v":"5","h":"s-usc1c-nss-118.firebaseio.com","s":"BErM9N6CnGsBuo8CcMP5bAlcE4NP0cDg"}}}
06-07 19:32:46.514 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - Reset keepAlive. Remaining: 44999
06-07 19:32:46.515 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - HandleNewFrameCount: 1
06-07 19:32:46.515 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - handleIncomingFrame complete frame: {d={d={v=5, h=s-usc1c-nss-118.firebaseio.com, ts=1496831566762, s=BErM9N6CnGsBuo8CcMP5bAlcE4NP0cDg}, t=h}, t=c}
06-07 19:32:46.515 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - Got control message: {d={v=5, h=s-usc1c-nss-118.firebaseio.com, ts=1496831566762, s=BErM9N6CnGsBuo8CcMP5bAlcE4NP0cDg}, t=h}
06-07 19:32:46.515 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - realtime connection established
06-07 19:32:46.516 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - onReady
06-07 19:32:46.516 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - handling timestamp
06-07 19:32:46.518 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Sending first connection stats
06-07 19:32:46.520 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - Sending data: {d={a=s, r=0, b={c={sdk.android.3-0-0=1}}}, t=d}
06-07 19:32:46.520 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - Reset keepAlive. Remaining: 44994
06-07 19:32:46.521 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - calling restore state
06-07 19:32:46.522 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Restoring auth.
06-07 19:32:46.523 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - Sending data (contents hidden)
06-07 19:32:46.523 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - Reset keepAlive. Remaining: 44997
06-07 19:32:46.710 29336-29708/kr.co.bedevelop.smstool D/WebSocket: ws_1 - ws message: {"t":"d","d":{"r":0,"b":{"s":"ok","d":""}}}
06-07 19:32:46.710 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - Reset keepAlive. Remaining: 44812
06-07 19:32:46.710 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - HandleNewFrameCount: 1
06-07 19:32:46.710 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - handleIncomingFrame complete frame: {d={r=0, b={d=, s=ok}}, t=d}
06-07 19:32:46.711 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - received data message: {r=0, b={d=, s=ok}}
06-07 19:32:46.904 29336-29708/kr.co.bedevelop.smstool D/WebSocket: ws_1 - ws message: {"t":"d","d":{"r":1,"b":{"s":"invalid_token","d":"Invalid claim 'kid' in auth header: 'e6aca61adfbc4c33e5c45ee827664a756cf71ab7' with iat: '1496467049'"}}}
06-07 19:32:46.904 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - Reset keepAlive. Remaining: 44806
06-07 19:32:46.904 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - HandleNewFrameCount: 1
06-07 19:32:46.904 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - handleIncomingFrame complete frame: {d={r=1, b={d=Invalid claim 'kid' in auth header: 'e6aca61adfbc4c33e5c45ee827664a756cf71ab7' with iat: '1496467049', s=invalid_token}}, t=d}
06-07 19:32:46.905 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - received data message: {r=1, b={d=Invalid claim 'kid' in auth header: 'e6aca61adfbc4c33e5c45ee827664a756cf71ab7' with iat: '1496467049', s=invalid_token}}
06-07 19:32:46.905 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Authentication failed: invalid_token (Invalid claim 'kid' in auth header: 'e6aca61adfbc4c33e5c45ee827664a756cf71ab7' with iat: '1496467049')
06-07 19:32:46.905 29336-29561/kr.co.bedevelop.smstool D/Connection: conn_1 - closing realtime connection
06-07 19:32:46.905 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - websocket is being closed
06-07 19:32:46.906 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Got on disconnect due to OTHER
06-07 19:32:46.906 29336-29561/kr.co.bedevelop.smstool D/PersistentConnection: pc_0 - Scheduling connection attempt
06-07 19:32:46.906 29336-29561/kr.co.bedevelop.smstool D/ConnectionRetryHelper: Scheduling retry in 977ms
06-07 19:32:47.105 29336-29561/kr.co.bedevelop.smstool D/WebSocket: ws_1 - closed

Would you check my issue?

Same issue here with Firebase 11.0.2. This only happens after token refresh is needed. Everything works fine is I log out, kill the app, log back in (Facebook provider).

I have SHA-1 and SHA-256 registered for both debug and release keys (same package names).

FirebaseAuth.AuthStateListener returns a user and mFirebaseUser.getIdToken(true) also completes successfully. So it's very hard to tell for the app that somethings wrong. But as soon as it happens, all writes to the Realtime DB are local only and are never synced to the server.

This seems critical so please consider reopening this GitHub issue. I tried StackOverflow answers. I tried Firebase Slack. I tried official support. No solution so far. Thank you for any ideas!

D/WebSocket: ws_0 - websocket opened
D/WebSocket: ws_0 - Reset keepAlive
D/WebSocket: ws_0 - ws message: {"t":"c","d":{"t":"h","d":{"ts":1500590438106,"v":"5","h":"s-usc1c-nss-203.firebaseio.com","s":"9Lsqqv255oXd64e1EFX20pnTOXRTR0wE"}}}
D/WebSocket: ws_0 - Reset keepAlive. Remaining: 44999
D/WebSocket: ws_0 - HandleNewFrameCount: 1
D/WebSocket: ws_0 - handleIncomingFrame complete frame: {d={d={v=5, h=s-usc1c-nss-203.firebaseio.com, ts=1500590438106, s=9Lsqqv255oXd64e1EFX20pnTOXRTR0wE}, t=h}, t=c}
D/Connection: conn_0 - Got control message: {d={v=5, h=s-usc1c-nss-203.firebaseio.com, ts=1500590438106, s=9Lsqqv255oXd64e1EFX20pnTOXRTR0wE}, t=h}
D/Connection: conn_0 - realtime connection established
D/PersistentConnection: pc_0 - onReady
D/PersistentConnection: pc_0 - handling timestamp
D/EventRaiser: Raising 1 event(s)
D/EventRaiser: Raising /.info/serverTimeOffset: VALUE: 1515
D/PersistentConnection: pc_0 - Sending first connection stats
D/Connection: conn_0 - Sending data: {d={a=s, r=0, b={c={persistence.android.enabled=1, sdk.android.3-0-0=1}}}, t=d}
D/WebSocket: ws_0 - Reset keepAlive. Remaining: 44994
D/PersistentConnection: pc_0 - calling restore state
D/PersistentConnection: pc_0 - Restoring auth.
D/Connection: conn_0 - Sending data (contents hidden)
D/WebSocket: ws_0 - Reset keepAlive. Remaining: 44998
D/EventRaiser: Raising 1 event(s)
D/EventRaiser: Raising /.info/connected: VALUE: true
D/Connectivity: online
D/ViewRootImpl@3e3e98e[SplashActivity]: dispatchDetachedFromWindow
D/InputTransport: Input channel destroyed: fd=74
D/WebSocket: ws_0 - ws message: {"t":"d","d":{"r":0,"b":{"s":"ok","d":""}}}
D/WebSocket: ws_0 - Reset keepAlive. Remaining: 44862
D/WebSocket: ws_0 - HandleNewFrameCount: 1
D/WebSocket: ws_0 - handleIncomingFrame complete frame: {d={r=0, b={d=, s=ok}}, t=d}
D/Connection: conn_0 - received data message: {r=0, b={d=, s=ok}}
D/WebSocket: ws_0 - ws message: {"t":"d","d":{"r":1,"b":{"s":"invalid_token","d":"Invalid claim 'kid' in auth header: '8a22e940fa0b0050a7a910c94d3f36ee4c69a2e4' with iat: '1498683636'"}}}
D/WebSocket: ws_0 - Reset keepAlive. Remaining: 44852
D/WebSocket: ws_0 - HandleNewFrameCount: 1
D/WebSocket: ws_0 - handleIncomingFrame complete frame: {d={r=1, b={d=Invalid claim 'kid' in auth header: '8a22e940fa0b0050a7a910c94d3f36ee4c69a2e4' with iat: '1498683636', s=invalid_token}}, t=d}
D/Connection: conn_0 - received data message: {r=1, b={d=Invalid claim 'kid' in auth header: '8a22e940fa0b0050a7a910c94d3f36ee4c69a2e4' with iat: '1498683636', s=invalid_token}}
D/PersistentConnection: pc_0 - Authentication failed: invalid_token (Invalid claim 'kid' in auth header: '8a22e940fa0b0050a7a910c94d3f36ee4c69a2e4' with iat: '1498683636')
D/Connection: conn_0 - closing realtime connection
D/WebSocket: ws_0 - websocket is being closed
D/PersistentConnection: pc_0 - Got on disconnect due to OTHER
D/PersistentConnection: pc_0 - Scheduling connection attempt
D/ConnectionRetryHelper: Scheduling retry in 694ms
D/EventRaiser: Raising 1 event(s)
D/EventRaiser: Raising /.info/connected: VALUE: false
D/Connectivity: offline
D/WebSocket: ws_0 - closed

@i have already same problem of that issue after some hour firebase not write on server but write in internal data

Same here

Was this page helpful?
0 / 5 - 0 ratings

Related issues

UttamPanchasara picture UttamPanchasara  路  4Comments

ksachdeva11 picture ksachdeva11  路  4Comments

tekinarslan picture tekinarslan  路  5Comments

hungud picture hungud  路  6Comments

DenLangeKilde picture DenLangeKilde  路  5Comments