app/invalid-credential error when the clock is out of sync

[hiranya911]

Whenever the SDK is deployed on a server where the clock happens to be out of sync, the RTDB client logs the following error and goes into a tight loop, from which it can never recover:

@firebase/database: FIREBASE WARNING: {\"code\":\"app/invalid-credential\",\"message\":\"Credential implementation provided to initializeApp() via the \\\"credential\\\" property failed to fetch a valid Google OAuth2 access token with the following error: \\\"Failed to parse access token response: Error: Server responded with status 400.\\\".\"}

To the developer it appears the SDK is stuck/hung. Can we improve this behavior by:

1. Logging a more detailed and actionable error message (specifically, mention the clock is possibly out of sync)
2. Not going into a tight retry loop when this happens, and instead fail fast.

Related bug reports:
firebase/firebase-admin-node#435
firebase/firebase-admin-node#436

[google-oss-bot]

I found a few problems with this issue:

• I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.
• This issue does not seem to follow the issue template. Make sure you provide all the required information.

[mikelehen]

I think this error actually comes from the Admin SDK: https://github.com/firebase/firebase-admin-node/blob/42b5806352b36b3e2064043982333e9d970a5297/src/firebase-app.ts#L166

I think the retry loop should be subject to exponential backoff. But if we think it's worthwhile, we could special case the app/invalid-credential error code and stop retrying... as long as we're confident it's never going to be a recoverable error. This doesn't seem very high priority though.