AuthApiRequest expiresIn transformation is missing Math.round and causes rpc.BadRequest error #2708

Closed
mseeley opened this issue Sep 18, 2024 · 1 comment · Fixed by #2712

mseeley commented Sep 18, 2024

[READ] Step 1: Are you in the right place?

  • ✅ For issues related to the code in this repository, file a GitHub issue.

[REQUIRED] Step 2: Describe your environment

  • Operating System version: n/a
  • Firebase SDK version: firebase-admin@12.4.0
  • Firebase Product: n/a
  • Node.js version: 20.17.0
  • NPM version: 10.8.2

[REQUIRED] Step 3: Describe the problem

Steps to reproduce:

What happened? How can we make the problem occur?

  • Call AuthApiRequest.createSessionCookie() with a valid idToken and expiresIn = 604800000
    • Request handler promise will resolve.
  • Call AuthApiRequest.createSessionCookie() with a valid idToken and expiresIn = 604799998
    • Request handler promise will reject.
    • Remote service receives float 604799.998 and expects int.

This could be a description, log/console output, etc.

createSessionCookie FirebaseAuthError: An internal error has occurred. Raw server response: "{"error":{"code":400,"message":"Invalid value at 'valid_duration' (TYPE_INT64), 604799.998","errors":[{"message":"Invalid value at 'valid_duration' (TYPE_INT64), 604799.998","reason":"invalid"}],"status":"INVALID_ARGUMENT","details":[{"@type":"type.googleapis.com/google.rpc.BadRequest","fieldViolations":[{"field":"valid_duration","description":"Invalid value at 'valid_duration' (TYPE_INT64), 604799.998"}]}]}}"
    at FirebaseAuthError.fromServerError (/app/node_modules/.pnpm/firebase-admin@12.4.0/node_modules/firebase-admin/lib/utils/error.js:148:16)
    at /app/node_modules/.pnpm/firebase-admin@12.4.0/node_modules/firebase-admin/lib/auth/auth-api-request.js:1628:49
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Module.createSessionCookie (/app/apps/api/src/auth-next/create-session-cookie.ts:8:12)
    at async authenticate (/app/apps/api/src/services/authenticate.ts:27:25)
    at async Object.authenticate (/app/apps/api/src/resolvers/capi/mutation-resolver.ts:26:31)
    at async file:///app/node_modules/.pnpm/@envelop+core@5.0.0/node_modules/@envelop/core/esm/orchestrator.js:383:27
    at async YogaServer.getResultForParams (file:///app/node_modules/.pnpm/graphql-yoga@5.6.0_graphql@16.8.1/node_modules/graphql-yoga/esm/server.js:278:26)
    at async handle (file:///app/node_modules/.pnpm/graphql-yoga@5.6.0_graphql@16.8.1/node_modules/graphql-yoga/esm/server.js:348:25)
    at async Object.handler (/app/apps/api/src/utils/build-graphql-route-options.ts:18:24) {
  errorInfo: {
    code: 'auth/internal-error',
    message: `An internal error has occurred. Raw server response: "{"error":{"code":400,"message":"Invalid value at 'valid_duration' (TYPE_INT64), 604799.998","errors":[{"message":"Invalid value at 'valid_duration' (TYPE_INT64), 604799.998","reason":"invalid"}],"status":"INVALID_ARGUMENT","details":[{"@type":"type.googleapis.com/google.rpc.BadRequest","fieldViolations":[{"field":"valid_duration","description":"Invalid value at 'valid_duration' (TYPE_INT64), 604799.998"}]}]}}"`
  }

Relevant Code:

The implementation is missing Math.round(expiresIn / 1000). You'll see ms->s conversion is using round consistently elsewhere.

    public createSessionCookie(idToken: string, expiresIn: number): Promise<string> {
      const request = {
        idToken,
        // Convert to seconds.
        validDuration: expiresIn / 1000,
      };
      return this.invokeRequestHandler(this.getAuthUrlBuilder(), FIREBASE_AUTH_CREATE_SESSION_COOKIE, request)
        .then((response: any) => response.sessionCookie);
    }
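
The conversion described in this issue, as an added example that is not part of the original report or of firebase-admin: it contrasts the plain division quoted above with the rounded form the report proposes, and adds a caller-side guard for an affected SDK version. All function names and the token value are hypothetical, and `isValidInt64Field` is only a local stand-in for the backend's integer check.

```javascript
// Added example, not firebase-admin code. All function names are hypothetical.

// Conversion as quoted in the issue (firebase-admin@12.4.0): plain division.
function buildRequestAsReported(idToken, expiresInMs) {
  return { idToken, validDuration: expiresInMs / 1000 };
}

// Conversion the issue proposes: round to whole seconds.
function buildRequestRounded(idToken, expiresInMs) {
  return { idToken, validDuration: Math.round(expiresInMs / 1000) };
}

// Caller-side guard for an affected SDK version: snap the lifetime to a whole
// number of seconds (still expressed in ms) so the SDK's division stays integral.
function normalizeExpiresIn(expiresInMs) {
  if (!Number.isFinite(expiresInMs) || expiresInMs <= 0) {
    throw new RangeError(`expiresIn must be a positive number of ms, got ${expiresInMs}`);
  }
  return Math.round(expiresInMs / 1000) * 1000;
}

// Local stand-in (assumption) for the backend's TYPE_INT64 check on valid_duration.
function isValidInt64Field(value) {
  return Number.isSafeInteger(value);
}

// Runs the two expiresIn values from the report through each conversion.
function demo() {
  const token = "constructed-id-token"; // constructed placeholder, not a real token
  return [604800000, 604799998].map((ms) => {
    const reported = buildRequestAsReported(token, ms).validDuration;
    const rounded = buildRequestRounded(token, ms).validDuration;
    const guarded = buildRequestAsReported(token, normalizeExpiresIn(ms)).validDuration;
    return {
      ms,
      reported,
      reportedOk: isValidInt64Field(reported),
      rounded,
      guarded,
      guardedOk: isValidInt64Field(guarded),
    };
  });
}

console.table(demo());
```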

@google-oss-bot

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.
