node.js - Firebase Token Refresh on Firebase Cloud Function

Question

We have an app then a Cloud Function as well that serves HTTP request. To secure and target the user data, we used the token generated from client/app then use it as a query parameter to HTTP request.

Client/App (Java)

firebaseUser.getIdToken(true).addOnSuccessListener(getTokenResult -> //HTTP here with Volley where getTokenResult.getToken() is one of the query parameters.

Server/Cloud Function

// idToken comes from the client app
        return admin.auth().verifyIdToken(req.query.idToken)
            .then(function (decodedToken) {

                var uid = decodedToken.uid;
                console.log("User verified: " + uid);

Everything works fine but as I recall token have expiration maybe after an hour, so my question is how can we manage token refresh once it gets expired on Cloud Function side since we do not want to repeatedly refresh it in client side?

question from:https://stackoverflow.com/questions/65898783/firebase-token-refresh-on-firebase-cloud-function

Answer 1

The Firebase SDK automatically refreshes the ID token behind the scenes. In fact, you don't have to (and probably shouldn't here from the looks of it) pass true into getIdToken() as it will return a valid token even when you pass false.

While it may be possible to refresh the token on the server, it is pretty uncommon. I strongly recommend that you leave the token refresh to the client-side SDK, and simply use the token on the server to verify the user.

So more concretely: just pass false into getIdToken(false) and leave it to the Firebase SDK to handle the refreshing of the ID token behind the scenes.

firebaseUser.getIdToken(false).addOnSuccessListener(getTokenResult...