Custom token using 3party JWT lib

[Kirill]

Hi

I'm trying to create a custom token on a server, but I get INVALID_CUSTOM_TOKEN error message.

I tried in python (python-jose) and in .net (jose-jwt) using RS256. I also tried HS256. Validating the tokens and signatures worked in jwt.io, but not in firebase.

When trying firebase's example code KJUR's lib jsrsasign it works with RS256. 

Here is the python code i used:

from jose import jwt

payload = {

 "aud": "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",

 "exp": 1489194535,

 "iat": 1412034535,

 "iss": "service account email",

 "sub": "service account email",

 "uid": "user",

 "scope": "https://www.googleapis.com/auth/identitytoolkit",

}

key = '-----BEGIN PRIVATE KEY-----...'

token = jwt.encode(payload, key, algorithm='RS256', headers = {'kid': 'xxx'})

print token

getting a token from KJUR.jws.JWS.sign with exactly the same request works fine..

Please advise.

Kirill

[Jacob Wenger]

Hey Kirill,

Your iat (issued-at time) looks wrong. It converts to "Mon Sep 29 2014 16:48:55 GMT-0700 (PDT)", which is definitely invalid since the exp (expiration time) should be at most one hour after the iat. Can you try fixing the iat and let me know if that fixes your problem?

Cheers

Jacob

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/091a7058-0f2e-4088-8bb5-08b742f384e0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.