5

I am trying to authenticate user in firebase with KakaoTalk credentials. For that, I've got accesstoken from KakaoTalk. And then trying to authenticate user with that token. Here is my code :

      String token = await kakaoService.getAccessToken();
      await firebaseAuth.signInWithCustomToken(
        token: token,
      );

Got acceess token like this : nmAzFpOF9XrijP-ZoFpQbVluGZ4lLDbZxOCXIAo9c-sAAAFxrID6xA

But getting this error :

The custom token format is incorrect. Please check the documentation. [ Invalid assertion format. 3 dot separated segments required. ]

Whats wrong here? Am I missing something?

Improve this question

2 Answers 2

Reset to default
4

It seems that the token returns by kakaoService.getAccessToken() is not a valid custom token for Firebase Authentication. In fact, given the error message, it doesn't even seem to be a JWT.

Custom tokens for Firebase Authentication must have a specific format, that is documented in creating custom tokens. You'll typically want to follow this process to get a valid token for Firebase Authentication:

  1. Sign the user in to the identity provider (KakaoTalk in your case).
  2. Decode the token from the provider, to get the verified information about the user.
  3. Create a custom token for the user with the Firebase Authentication Admin SDK.
  4. Use that token to sign in to Firebase on the client.

Steps 2 and 3 must happen in a trusted environment, such as your development machine, a server you control, or Cloud Functions.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

Check out the Firebase documentation regarding the use of custom token: https://firebase.google.com/docs/auth/admin/create-custom-tokens#create_custom_tokens_using_a_third-party_jwt_library

Firebase needs to successfully decode the auth token your client submits then use its claims to validate access to your Firebase resources. As such, Firebase requires that custom tokens be formatted according to the rules spelled out in their docs. (They describe a very typical JSON Web Token.)

The access token you're getting from KakaoTalk does not follow Firebase's token rules so Firebase doesn't know what to do with it. I suggest you revisit the KakaoTalk docs to see if it can generate a standard RS256 JWT token with which Firebase can work.

Improve this answer

2 Comments

Oh, I now see this question already answered. Guess I shouldn't go make coffee while in the middle of writing answers. :)
Thanks, I appreciate your effort.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.