I'm trying to implement a token verification as a middleware how firebase recomends.(https://firebase.google.com/docs/app-check/custom-resource-backend?hl=es-419)
The thing is When I try to test it using postman it doesn`t work.
Here is my middleware in my middleware file
import {request, response, NextFunction} from "express";
import {getAppCheck} from "firebase-admin/app-check";
export const appCheckVerification =
async (req = request, res = response, next: NextFunction) => {
const appCheckToken = req.header("X-Firebase-AppCheck");
if (!appCheckToken) {
res.status(401);
return next("Unauthorized");
}
try {
const appCheckClaims = await getAppCheck().verifyToken(appCheckToken);
// If verifyToken() succeeds, continue with the next middleware
// function in the stack.
return next();
} catch (err) {
res.status(401);
return next("Unauthorized");
}
};
This is my endpoint in my index file
import {onRequest} from "firebase-functions/v2/https";
import * as express from "express";
import * as admin from "firebase-admin";
admin.initializeApp();
const app = express();
app.get("/", [appCheckVerification], myEndpoint);
exports.myEndpoint = onRequest(app);
And in this image I'm giving to the endpoind the X-Firebase-AppCheck token as a header.
Any idea Why this is not working? The verifyToken never succeeds and I'm getting always 'Unauthorized' from the catch flow.
I'm trying to verify a token using firebase functions v2