Description
Hi everybody,
I don't know what I'm not doing right but Firebase custom token created with this JWT library can't be decoded properly.
Encoding process (PHP 5.4):
function create_custom_token($uid, $is_premium_account){
$service_account_email = "[email protected]";
$private_key = "-----BEGIN PRIVATE KEY-----\nMI..."; //It includes \n but I have tried without \n or <<<EOD...
$now_seconds = time();
$payload = array(
"iss" => $service_account_email,
"sub" => $service_account_email,
"aud" => "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",
"iat" => $now_seconds,
"exp" => $now_seconds + (60 * 60),
"uid" => $uid,
"claims" => array(
"premium_account" => $is_premium_account
)
);
return JWT::encode($payload, $private_key, "RS256");
}
$uid = "YYY";
$jwt = create_custom_token($uid, false);
It returns a JWT that I store in the app in order to check the validity of the comming events. If I go to jwt.io I get an invalid signature message.
Decoding process (PHP 5.4):
$jwt is the JWT returned by the server.
$publicKeyURL = 'https://www.googleapis.com/robot/v1/metadata/x509/[email protected]';
$key = json_decode(file_get_contents($publicKeyURL), true);
$key = array_shift($key); //I check that the key is the proper one and seems right.
$decoded = JWT::decode($jwt, $key, array("RS256"));
I get Fatal error: Class 'SignatureInvalidException' not found in /var/www/vhosts/XXXXX.local/jwt.php on line 92
If I go deeper, I see that when it does:
openssl_verify($msg, $signature, $key, $algorithm);
The error message returned by openssl_error_string() is:
error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01
I have read in the net that it seems to be a key issue, but I have checked everything and seems OK.
I will much appreciate if you could help me because I have been with this issue for 3 days.
Thank you very much in advance,
GSDiama