From a21a40555ae3a75ff291e533f39bd5d9af09118f Mon Sep 17 00:00:00 2001
From: tristangoogle
Date: Thu, 15 Sep 2016 11:22:44 -0700
Subject: [PATCH 1/2] Verify issuer claim
---
 .../standard/firebase/firenotes/backend/firebase_helper.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/appengine/standard/firebase/firenotes/backend/firebase_helper.py b/appengine/standard/firebase/firenotes/backend/firebase_helper.py
index 314b9598eba..b4a443bf79f 100644
--- a/appengine/standard/firebase/firenotes/backend/firebase_helper.py
+++ b/appengine/standard/firebase/firenotes/backend/firebase_helper.py
@@ -111,7 +111,8 @@ def verify_auth_token(request):
 request_jwt,
 public_key,
 algorithms=['RS256'],
- audience=os.environ['FIREBASE_PROJECT_ID'])
+ audience=os.environ['FIREBASE_PROJECT_ID'],
+ issuer="https://securetoken.google.com/" + os.environ['FIREBASE_PROJECT_ID'])
 except jwt.exceptions.InvalidTokenError as e:
 logging.warning('JWT verification failed: {}'.format(e))
 return None
From 016b278309d05e8d290e53763671a97838f30482 Mon Sep 17 00:00:00 2001
From: tristangoogle
Date: Thu, 15 Sep 2016 16:26:49 -0700
Subject: [PATCH 2/2] Verify issuer claim
---
 .../standard/firebase/firenotes/backend/firebase_helper.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/appengine/standard/firebase/firenotes/backend/firebase_helper.py b/appengine/standard/firebase/firenotes/backend/firebase_helper.py
index b4a443bf79f..c1b95aaf883 100644
--- a/appengine/standard/firebase/firenotes/backend/firebase_helper.py
+++ b/appengine/standard/firebase/firenotes/backend/firebase_helper.py
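Review bot: The `issuer=` argument added in the [PATCH 1/2] hunk (and only re-wrapped in [PATCH 2/2]) looks up `os.environ['FIREBASE_PROJECT_ID']` a second time inside the verification call, so the audience and issuer checks are both built inline from a setting that is never validated. Read it once before the call, e.g. `project_id = os.environ['FIREBASE_PROJECT_ID']`, then pass `audience=project_id` and `issuer='https://securetoken.google.com/' + project_id`, which also matches the single-quote style of the surrounding lines. If the variable is unset the lookup raises `KeyError`, which the `except jwt.exceptions.InvalidTokenError` clause does not catch, so the request would presumably fail with an unhandled error instead of taking the logged `return None` path; checking the setting once at startup would make that failure explicit. `verify_auth_token` and the opening line of the call are above the hunk, so the exact place for the local is not visible here.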
@@ -112,7 +112,8 @@ def verify_auth_token(request):
 public_key,
 algorithms=['RS256'],
 audience=os.environ['FIREBASE_PROJECT_ID'],
- issuer="https://securetoken.google.com/" + os.environ['FIREBASE_PROJECT_ID'])
+ issuer="https://securetoken.google.com/" +
+ os.environ['FIREBASE_PROJECT_ID'])
 except jwt.exceptions.InvalidTokenError as e:
 logging.warning('JWT verification failed: {}'.format(e))
 return None