Very slow to mint idTokens with each fetch call

339 views
Skip to first unread message

Pete Conolly

unread,
Jun 13, 2019, 10:57:41 AM6/13/19
to Firebase Google Group
Hi guys,

I need to make frequent authenticated API calls, so I'm generating a new firebaseId token by passing in "true" with each call like the code below.

The problem is that this is adding quite a bit of lag to my calls, and making the app feel slow.
Most of the time grabbing the token takes around 500ms, which is kind-of acceptable, but other times it's more like 2-3 seconds, which is not.

Are there any workarounds to this? It would be great if I could mint a long-life token somehow, or else store it intelligently, but I'm not sure of the right pattern here.

Many thanks,

Pet


async fetchFromAPIAuthenticatedTimeout(url, params) {
this.fetchStampA = (new Date()).getTime() // TIMESTAMP A
try {
const token = await firebase.auth().currentUser.getIdToken(true)
this.fetchStampB = (new Date()).getTime() // TIMESTAMP B
const response = await fetch(url,params)
if (response.status != 200) {
throw Error("api-error");
}
var json = null;
try {
json = await response.json();
} catch (error) {
throw Error("api-error")
}
this.fetchStampD = (new Date()).getTime() // TIMESTAMP C
console.log(">> token",this.fetchStampB-this.fetchStampA)
console.log(">> fetch",this.fetchStampC-this.fetchStampB)
return json.result
}
catch (error)
{
throw Error(error.message)
}
}

Sam Stern

unread,
Jun 13, 2019, 10:59:50 AM6/13/19
to Firebase Google Group
Hi Pete,

ID tokens should be valid for an hour, so normally there's no need to get a new one before each API call.  Could you make your application only get a new token if the current one is expired or close to expiring?

Sam

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/0f76b2ad-75ce-408f-94ef-8d4b7ef57a60%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Kato Richardson

unread,
Jun 13, 2019, 1:44:27 PM6/13/19
to Firebase Google Group
Also asked here. Please add a note when cross posting.

To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/CAHafJBoWvDGjroVkziRQQwdXaK9UZCPpTs_OUntXerzuKmPF4A%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.


--

Kato Richardson | Developer Programs Eng | kato...@google.com | 775-235-8398

Kato Richardson

unread,
Jun 13, 2019, 4:31:58 PM6/13/19
to Firebase Google Group
Actually, there shouldn't be a need to do anything to refresh the token here. getIdToken() will automatically refresh it if it's nearing expiration. So simply removing the boolean should fix the issues nicely with no other changes.

On Thu, Jun 13, 2019 at 7:59 AM 'Sam Stern' via Firebase Google Group <fireba...@googlegroups.com> wrote:
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/CAHafJBoWvDGjroVkziRQQwdXaK9UZCPpTs_OUntXerzuKmPF4A%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages