Firebase admin()。auth()。getUser(uid)内部错误

时间:2017-07-28 12:32:53

标签: javascript firebase firebase-authentication firebase-admin

firebaseAdmin.auth().getUser(uid)导致以下错误:

Error: An internal error has occurred. Raw server response: "{}"
    at FirebaseAuthError.FirebaseError [as constructor] (/home/nowuser/src/node_modules/firebase-admin/lib/utils/error.js:39:28)
    at new FirebaseAuthError (/home/nowuser/src/node_modules/firebase-admin/lib/utils/error.js:104:23)
    at Function.FirebaseAuthError.fromServerError (/home/nowuser/src/node_modules/firebase-admin/lib/utils/error.js:128:16)
    at /home/nowuser/src/node_modules/firebase-admin/lib/auth/auth-api-request.js:364:45
    at <anonymous>
    at process._tickCallback (internal/process/next_tick.js:169:7)

当我在Zeit Now上部署到生产时,此错误仅发生 ;当我在localhost上以生产模式运行我的应用程序时,我没有收到此错误。我确保应用程序在本地和生产中运行相同,方法是将它放在Docker容器中。

如何解决此错误?

注意:

我知道此问题已发布here,但已接受的答案(更改服务帐户的权限)对我不起作用。此外,该问题未显示收到的完整错误,因此我不相信它完全相同的错误。

更新:以下是与此问题相关的代码。基本上,服务器启动快速服务器,该服务器使用POST authWithIdToken路由来设置包含用户的firebase auth idToken的cookie。它使用authenticationMiddleware检查idToken的cookie,如果存在,则解码令牌并获取用户的数据。错误发生在getUser(uid)步骤中。 getFirebaseAdminInitConfig函数获取init配置,使用ENV变量提供。

# server.js - excerpt showing authentication middleware and authWithIdTokenRoute
const server = express()
# ...
allowParsingPostBody(server)
server.use(cookieParser())
server.use('*', authenticationMiddleware)
server.post('/authWithIdToken', authWithIdTokenRoute)
# ...



# authenticationMiddleware.js
const { FIREBASE_ID_TOKEN_COOKIE } = require('../universal/constants')
const firebaseAdmin = require('firebase-admin')
const winston = require('winston')
const getFirebaseAdminInitConfig = require('./getFirebaseAdminInitConfig')

winston.info(
  'Initializing Firebase Admin with Config:',
  getFirebaseAdminInitConfig()
)

firebaseAdmin.initializeApp(getFirebaseAdminInitConfig())

async function decodeToken (firebaseIdToken) {
  try {
    const decodedToken = await firebaseAdmin.auth().verifyIdToken(firebaseIdToken)
    return decodedToken
  } catch (error) {
    if (error.code !== 'auth/internal-error') throw error
    winston.warn(
      'firebase admin auth verifyIdToken auth/internal-error:',
      {
        firebaseIdToken,
        error
      }
    )
  }
}

const getFullUrl = (req) => (
  req.protocol + '://' + req.get('host') + req.originalUrl
)

const getRedirectUrl = (req) => (
  `/redirect?url=${encodeURIComponent(getFullUrl(req))}`
)

async function getUserData (uid) {
  try {
    const userData = await firebaseAdmin.auth().getUser(uid)
    return userData
  } catch (error) {
    if (error.code !== 'auth/internal-error') throw error
    winston.warn(
      'firebase admin auth getUser auth/internal-error:',
      {
        uid,
        error
      }
    )
  }
}

async function authenticationMiddleware (req, res, next) {
  const { firebaseIdToken } = req.cookies

  if (firebaseIdToken) {
    try {
      req.currentUserServerData = await getUserData(
        (await decodeToken(firebaseIdToken))
        .uid
      )
    } catch (error) {
      res.clearCookie(FIREBASE_ID_TOKEN_COOKIE)

      // if the cookie id token has expired, redirect the user to
      // /redirect?url={requestedUrl} - the client will try to set
      // a new cookie and then will redirect to requestedUrl
      if (error.code === 'auth/argument-error') {
        return res.redirect(getRedirectUrl(req))
      } else {
        winston.warn('Unexpected error occurred while processing firebase idToken:', error)
      }
    }
  }

  next()
}

authenticationMiddleware.authWithIdTokenRoute = async function ({body: { idToken }}, res) {
  try {
    await decodeToken(idToken)
    const expireDate = (new Date())
    expireDate.setYear((new Date()).getFullYear() + 1)
    res.cookie(FIREBASE_ID_TOKEN_COOKIE, idToken, { expires: expireDate })
    return res.send()
  } catch (error) {
    winston.warn('authWithIdTokenRoute unexpected error', {
      idToken,
      error
    })

    if (error.code === 'auth/argument-error') {
      return res
      .status(400)
      .send({
        error: new Error('Could not decode token')
      })
    } else {
      return res.status(500).send()
    }
  }
}

module.exports = authenticationMiddleware



# getFirebaseAdminInitConfig.js
const firebaseAdmin = require('firebase-admin')

// ENV variables are set in .env file and loaded by dotenv.
// See for more info: https://github.com/motdotla/dotenv
const getFirebaseCredentials = () => {
  const {
    FIREBASE_TYPE: type,
    FIREBASE_PROJECT_ID: projectId,
    FIREBASE_PRIVATE_KEY_ID: privateKeyId,
    FIREBASE_PRIVATE_KEY: privateKey,
    FIREBASE_CLIENT_EMAIL: clientEmail,
    FIREBASE_CLIENT_ID: clientId,
    FIREBASE_AUTH_URI: authUri,
    FIREBASE_TOKEN_URI: tokenUri,
    FIREBASE_AUTH_PROVIDER_CERT_URL: authProviderX509CertUrl,
    FIREBASE_CLIENT_CERT_URL: clientX509CertUrl
  } = process.env

  return {
    type,
    projectId,
    privateKeyId,
    privateKey,
    clientEmail,
    clientId,
    authUri,
    tokenUri,
    authProviderX509CertUrl,
    clientX509CertUrl
  }
}

const getDatabaseUrl = () => {
  const { projectId } = getFirebaseCredentials()
  return `https://${projectId}.firebaseio.com`
}

module.exports = () => ({
  credential: firebaseAdmin.credential.cert(getFirebaseCredentials()),
  databaseURL: getDatabaseUrl()
})

以下是我的生产应用程序中的日志,与Zeit Now一起部署:

08/03 08:07 AM (4m)
REQ "GET /ka/login HTTP/2.0" 69.243.47.183 -  "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:07 AM (4m)
RES "GET /ka/login HTTP/2.0" 200 3285
08/03 08:07 AM (4m)
REQ "GET /_next/01caf4c5-c7ab-4006-9f22-0e27366468c1/page/login HTTP/2.0" 69.243.47.183 -  "https://georgian-chant-site-dzhuccwhhp.now.sh/ka/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:07 AM (4m)
RES "GET /_next/01caf4c5-c7ab-4006-9f22-0e27366468c1/page/login HTTP/2.0" 200 37351
08/03 08:08 AM (4m)
REQ "GET /_next/01caf4c5-c7ab-4006-9f22-0e27366468c1/page/admin HTTP/2.0" 69.243.47.183 -  "https://georgian-chant-site-dzhuccwhhp.now.sh/ka/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (4m)
RES "GET /_next/01caf4c5-c7ab-4006-9f22-0e27366468c1/page/admin HTTP/2.0" 200 675
08/03 08:08 AM (4m)
REQ "POST /authWithIdToken HTTP/2.0" 69.243.47.183 -  "https://georgian-chant-site-dzhuccwhhp.now.sh/ka/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (3m)
debug: Successful outgoing request. Request: { port: null,
  path: '/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com',
  host: 'www.googleapis.com',
  protocol: 'https:',
  auth: null,
  hostname: 'www.googleapis.com',
  hash: null,
  search: null,
  query: null,
  pathname: '/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com',
  href: 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com',
  method: 'GET',
  headers: { host: 'www.googleapis.com' },
  body: '' } Response:  statusCode=200, expires=Thu, 03 Aug 2017 17:45:27 GMT, date=Thu, 03 Aug 2017 10:45:53 GMT, vary=X-Origin, Origin,Accept-Encoding, content-type=application/json; charset=UTF-8, x-content-type-options=nosniff, x-frame-options=SAMEORIGIN, x-xss-protection=1; mode=block, server=GSE, cache-control=public, max-age=25174, must-revalidate, no-transform, age=4937, alt-svc=quic=":443"; ma=2592000; v="39,38,37,36,35", accept-ranges=none, connection=close, , httpVersion=1.1, url=, method=null, body={
 "{{hash retracted}}": "{{certificate retracted}}",
 "{{hash retracted}}": "{{certificate retracted}}",
 "{{hash retracted}}": "{{certificate retracted}}",
 "{{hash retracted}}": "{{certificate retracted}}""
}
08/03 08:08 AM (3m)
RES "POST /authWithIdToken HTTP/2.0" 200 897
08/03 08:08 AM (2m)
REQ "GET /ka/admin HTTP/2.0" 69.243.47.183 -  "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (2m)
warn: firebase admin auth getUser auth/internal-error: uid={{uid retracted}}, code=auth/internal-error, message=An internal error has occurred. Raw server response: "{}"
08/03 08:08 AM (2m)
RES "GET /ka/admin HTTP/2.0" 302 184
08/03 08:08 AM (2m)
REQ "GET /ka/login HTTP/2.0" 69.243.47.183 -  "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (2m)
warn: firebase admin auth getUser auth/internal-error: uid={{uid retracted}}, code=auth/internal-error, message=An internal error has occurred. Raw server response: "{}"
08/03 08:08 AM (2m)
RES "GET /ka/login HTTP/2.0" 200 3285
08/03 08:08 AM (2m)
REQ "POST /authWithIdToken HTTP/2.0" 69.243.47.183 -  "https://georgian-chant-site-dzhuccwhhp.now.sh/ka/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (2m)
RES "POST /authWithIdToken HTTP/2.0" 200 897
08/03 08:08 AM (2m)
warn: firebase admin auth getUser auth/internal-error: uid={{uid retracted}}, code=auth/internal-error, message=An internal error has occurred. Raw server response: "{}"
08/03 08:08 AM (2m)
REQ "POST /authWithIdToken HTTP/2.0" 69.243.47.183 -  "https://georgian-chant-site-dzhuccwhhp.now.sh/ka/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (2m)
warn: firebase admin auth getUser auth/internal-error: uid={{uid retracted}}, code=auth/internal-error, message=An internal error has occurred. Raw server response: "{}"
08/03 08:08 AM (2m)
RES "POST /authWithIdToken HTTP/2.0" 200 894
08/03 08:08 AM (2m)
REQ "POST /authWithIdToken HTTP/2.0" 69.243.47.183 -  "https://georgian-chant-site-dzhuccwhhp.now.sh/ka/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
08/03 08:08 AM (2m)
RES "POST /authWithIdToken HTTP/2.0" 200 894
08/03 08:08 AM (2m)
warn: firebase admin auth getUser auth/internal-error: uid={{uid retracted}}, code=auth/internal-error, message=An internal error has occurred. Raw server response: "{}"

2017年8月15日更新:这是使用firebaseAdmin v5.2.0运行时上述错误的堆栈跟踪(上面的堆栈跟踪是针对firebaseAdmin的早期版本)。

firebase admin auth getUser auth/internal-error: uid=RBwhJQy3ImStgNYvZICTT8M48Co1, code=auth/internal-error, message=An internal error has occurred. Raw server response: "{}", stacktrace=Error: An internal error has occurred. Raw server response: "{}"
    at FirebaseAuthError.FirebaseError [as constructor] (/myapp/node_modules/firebase-admin/lib/utils/error.js:39:28)
    at new FirebaseAuthError (/myapp/node_modules/firebase-admin/lib/utils/error.js:104:23)
    at Function.FirebaseAuthError.fromServerError (/myapp/node_modules/firebase-admin/lib/utils/error.js:128:16)
    at /myapp/node_modules/firebase-admin/lib/auth/auth-api-request.js:399:45
    at <anonymous>
    at process._tickCallback (internal/process/next_tick.js:188:7)

1 个答案:

答案 0 :(得分:0)

我有类似的问题。它是由传递给firebase-admin的initializeApp(...)的参数中的额外引号引起的,类似于此主题:https://github.com/firebase/firebase-admin-node/issues/137

检查传递给initializeApp(...)的参数是否正确。

相关问题
最新问题