Skip to content

Fix error handling when fetching fresh token in App Check #8829

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Fix error handling when fetching fresh token in App Check #8829

wants to merge 2 commits into from

Conversation

@nermeen-mattar
Copy link

@nermeen-mattar nermeen-mattar commented Mar 5, 2025
edited
Loading

Fixes #8822

Issue:

When calling Firebase App Check’s getToken with forceRefresh: true while a cached token exists, if fetching a new token failed, the error is stored in internalError but not returned or thrown to third-party callers. This leads to silent failures, causing the function to return a cached token instead of propagating the error.

Impact:

This misleads the caller, who has no clue that the cached token was returned instead of a new one, preventing proper error handling. While the cached token may still be valid, forceRefresh is intended to fetch a new token, making this behavior inconsistent with its purpose.

Fix:

Now, when forceRefresh is true, the function returns both the error and token, ensuring failure is recognized.

Why This is Correct:

This aligns with the expected behavior—if forceRefresh is requested, failures should be surfaced, not masked.

Benefit:

Allows third-party apps to handle errors properly and take proper corrective actions.

@nermeen-mattar nermeen-mattar requested review from a team and hsubox76 as code owners March 5, 2025 15:17
@changeset-bot
Copy link

changeset-bot bot commented Mar 5, 2025

🦋 Changeset detected

Latest commit: f4e1391

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
@firebase/app-check Minor
@firebase/app-check-compat Patch
firebase Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@nermeen-mattar nermeen-mattar changed the title Fix force refresh error handling app check Fix app check get fresh token error handling when Mar 5, 2025
@nermeen-mattar nermeen-mattar changed the title Fix app check get fresh token error handling when Fix app check get fresh token error handling Mar 5, 2025
@nermeen-mattar nermeen-mattar changed the title Fix app check get fresh token error handling Fix error handling when fetching fresh token in App Check Mar 5, 2025
@nermeen-mattar nermeen-mattar mentioned this pull request Mar 9, 2025
Closed
@hsubox76
Copy link
Contributor

hsubox76 commented Mar 17, 2025

Thanks for looking into this bug, but taking a different approach to solving it with #8842

@hsubox76 hsubox76 closed this Mar 17, 2025
@firebase firebase locked and limited conversation to collaborators Apr 17, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@hsubox76 hsubox76 Awaiting requested review from hsubox76 hsubox76 is a code owner

1 more reviewer

@HourtashHAJI HourtashHAJI HourtashHAJI approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

app-check: getToken with forceRefresh:true swallows errors and returns cached token

3 participants

@nermeen-mattar @hsubox76 @HourtashHAJI