Skip to content

createSessionCookie uses number when it should use a string #1084

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
samtstern opened this issue Nov 9, 2020 · 9 comments
Closed

createSessionCookie uses number when it should use a string #1084

samtstern opened this issue Nov 9, 2020 · 9 comments
Assignees

Comments

@samtstern
Copy link
Contributor

Originally reported here
firebase/firebase-tools#2770 (comment)


@samtstern I think this is a real issue, actually! I'm encountering it even though I'm executing createSessionCookie inside the function emulator. So I dug in, and I believe the validation schema is wrong. The auth emulator validation schema specifies validationDuration as a string, but firebase-admin-node constructs it as a number.

I note that the OpenAPI schema for createSessionCookie specifies the parameter as "string (int64 format)". If that means it's meant to be a string-encoded int64, then this is really a firebase-admin-node bug, although clearly the production auth server is accepting numbers for this parameter.

Originally posted by @andymatuschak in firebase/firebase-tools#2770 (comment)

@mwainwri
Copy link

mwainwri commented Nov 10, 2020

I am gettting this error also, have you found a work-around until it gets resolved?

@bojeil-google
Copy link
Contributor

It seems somehow to be accepting both string and number. If we can verify that, we can safely convert to string in the Admin SDK implementation. It should have no visible impact on customers.

@DevJoghurt
Copy link

Are there any news about this?
Unfortunately, I haven't found a workaround yet and the topic restricts local development considerably.

@kartikwatwani
Copy link

I am also receiving same error when calling admin.auth().revokeRefreshTokens(uid) while testing firebase functions using emulator.

@pvssvikas
Copy link

This is blocking the local development in case of emulating session cookie creation.

@erinosher
Copy link

So while experimenting, with my install of firebase-tools, I edited emulator/auth/apiSpec.js to expect an integer in validDuration, and then I got the following error, which implies that session cookies aren't supported at all in the emulator.

FirebaseAuthError: An internal error has occurred. Raw server response: "{"error":{"code":501,"message":"identitytoolkit.projects.createSessionCookie is not implemented in the Auth Emulator.","errors":[{"message":"identitytoolkit.projects.createSessionCookie is not implemented in the Auth Emulator.","reason":"unimplemented"}],"status":"NOT_IMPLEMENTED"}}"
    at FirebaseAuthError.FirebaseError [as constructor] (...\functions\node_modules\firebase-admin\lib\utils\error.js:44:28)
    at FirebaseAuthError.PrefixedFirebaseError [as constructor] (...\functions\node_modules\firebase-admin\lib\utils\error.js:90:28)
    at new FirebaseAuthError (...\functions\node_modules\firebase-admin\lib\utils\error.js:149:16)
    at Function.FirebaseAuthError.fromServerError (...\functions\node_modules\firebase-admin\lib\utils\error.js:188:16)
    at ...\functions\node_modules\firebase-admin\lib\auth\auth-api-request.js:1526:49
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async ...\functions\lib\app\index.js:85:31 {
      errorInfo: {
        code: 'auth/internal-error',
        message: 'An internal error has occurred. Raw server response: "{"error":{"code":501,"message":"identitytoolkit.projects.createSessionCookie is not implemented in the Auth Emulator.","errors":[{"message":"identitytoolkit.projects.createSessionCookie is not implemented in the Auth Emulator.","reason":"unimplemented"}],"status":"NOT_IMPLEMENTED"}}"'
      },
      codePrefix: 'auth'
    }

@muru
Copy link

muru commented Feb 4, 2021

@aaronosher seems to be only usable when combined with the functions emulator: firebase/firebase-tools#2764

muru added a commit to muru/firebase-admin-python that referenced this issue Feb 5, 2021
According to firebase/firebase-tools#2770 (comment)
`validationDuration` should be a string. The production environment also
accepts numbers, but the emulator does not.

Related: firebase/firebase-admin-node#1084
muru added a commit to muru/firebase-admin-python that referenced this issue Feb 5, 2021
According to firebase/firebase-tools#2770 (comment)
`validationDuration` should be a string. The production environment also
accepts numbers, but the emulator does not.

Related: firebase/firebase-admin-node#1084
@yuchenshi
Copy link
Member

FWIW: As of Firebase CLI v9.3.0, creating session cookie is now supported and we've also added coercion from number to string similar to production behavior (hat tip to @andymatuschak). Note that you need Node.js Admin SDK v9.5.0 to verify these cookies properly. (in reply to @aaronosher @muru)

@yuchenshi
Copy link
Member

I don't think any further changes in the Node.js Admin SDK is required, although it would still be nice to use the right data type, it shouldn't block local development now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

10 participants