Broken auth.verify_id_token when check_revoked=True · Issue #199 · firebase/firebase-admin-python · GitHub

Broken auth.verify_id_token when check_revoked=True #199
Closed
@superduper

[REQUIRED] Step 2: Describe your environment

  • Operating System version: macOS 10.13.4
  • Python version: 3.7
  • Firebase SDK version: 2.13.0
  • Firebase Product: auth

[REQUIRED] Step 3: Describe the problem

Steps to reproduce:

  1. Issue a token with Firebase Auth Web SDK example

  2. Use access_token and try to verify it with:

    auth.verify_id_token(raw_access_token, check_revoked=True)
    

Traceback:

Traceback (most recent call last):
  File "/Users/mrhobot/Development/woosdev/server/src/core/auth.py", line 62, in authenticate_with_identity_token
    token = auth.verify_id_token(raw_token, check_revoked=checked_revoked)
  File "/Users/mrhobot/.local/share/virtualenvs/server-wDDl2oy7/lib/python3.7/site-packages/firebase_admin/auth.py", line 146, in verify_id_token
    _check_jwt_revoked(verified_claims, _ID_TOKEN_REVOKED, 'ID token', app)
  File "/Users/mrhobot/.local/share/virtualenvs/server-wDDl2oy7/lib/python3.7/site-packages/firebase_admin/auth.py", line 454, in _check_jwt_revoked
    if verified_claims.get('iat') * 1000 < user.tokens_valid_after_timestamp:
TypeError: '<' not supported between instances of 'int' and 'NoneType'

Relevant code:

tokens_valid_after_timestamp returns None in some cases, while expected to be int only.

at firebase_admin/_user_mgt.py(206) tokens_valid_after_timestamp()

205     @property
206     def tokens_valid_after_timestamp(self):
207         """Returns the time, in milliseconds since the epoch, before which tokens are invalid.
208
209         Note: this is truncated to 1 second accuracy.
210
211         Returns:
212             int: Timestamp in milliseconds since the epoch, truncated to the second.
213                  All tokens issued before that time are considered revoked.
214         """
215         valid_since = self._data.get('validSince')
216         if valid_since is not None:
217             return 1000 * int(valid_since)
218  ->     return None

at firebase_admin/auth.py(454)_check_jwt_revoked()

452  	def _check_jwt_revoked(verified_claims, error_code, label, app):
453  	    user = get_user(verified_claims.get('uid'), app=app)
454  ->	    if verified_claims.get('iat') * 1000 < user.tokens_valid_after_timestamp:
455  	        raise AuthError(error_code, 'The Firebase {0} has been revoked.'.format(label))
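
An added example, not part of the original issue or of the firebase_admin code base: the comparison from the traceback next to a None-safe form of the same revocation check. `UserRecord` and `RevokedTokenError` are hypothetical stand-ins, and treating a record with no `validSince` as "never revoked" is an assumption of this sketch.

```python
# Added illustration; UserRecord and RevokedTokenError are stand-ins, not firebase_admin classes.
class RevokedTokenError(Exception):
    """Raised when a token predates the user's revocation timestamp."""


class UserRecord:
    """Minimal stand-in holding the raw account data, as in the issue's snippet."""

    def __init__(self, data):
        self._data = data

    @property
    def tokens_valid_after_timestamp(self):
        valid_since = self._data.get('validSince')
        if valid_since is not None:
            return 1000 * int(valid_since)
        return None  # same behaviour as the property quoted in the issue


def check_jwt_revoked_unsafe(verified_claims, user):
    # Comparison from the traceback: raises TypeError on Python 3 when the property is None.
    if verified_claims.get('iat') * 1000 < user.tokens_valid_after_timestamp:
        raise RevokedTokenError('token has been revoked')


def check_jwt_revoked(verified_claims, user):
    issued_at = verified_claims.get('iat')
    # A token without a usable 'iat' cannot be ordered against a revocation time: reject it.
    if isinstance(issued_at, bool) or not isinstance(issued_at, int):
        raise ValueError("token has no integer 'iat' claim")
    valid_after = user.tokens_valid_after_timestamp
    # Assumption: no validSince means no revocation was ever recorded for this user.
    if valid_after is None:
        return
    if issued_at * 1000 < valid_after:
        raise RevokedTokenError('token has been revoked')
```

The missing-`iat` branch fails closed, so a malformed token is rejected rather than passed through the revocation check.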
