Description
[REQUIRED] Describe your environment
- Operating System version: Windows 11
- Browser version: Chrome 100
- Firebase SDK version: 9.6.10
- Firebase Product: App Check
[REQUIRED] Describe the problem
Firebase App Check deadlocks itself when using a custom attestation provider and a HTTPS Callable Function for verification as it makes the call to the HTTPS Callable Function for verification wait forever.
Resulting from this discussion: #6070
Steps to reproduce:
- I have a Callable Firebase HTTP Cloud Function that verifies the attestation provider's authenticity data
- I initialize a token on the client using something like this:
const appCheckCustomProvider = new CustomProvider({
getToken: async () => {
// ... do something to retrieve the client part
const clientSolution = ...
const verificationFn = httpsCallable(functionsInstance, "verifyClientSolutionAndGenerateAppToken")
const appCheckToken = await verificationFn(clientSolution)
return appCheckToken
},
})So the desired flow is:
- Client generates its
clientSolution(using a 3rd party attestation provider) - Client calls the Callable HTTP Function to verifiy the
clientSolutionand retrieve an App Check token
The trouble I'm running into is that generating the clientSolution works but as soon as we hit the await verificationFn(..) line, the browser stops and just stays there forever.
Checking in the network monitor, the browser does not even try to do the fetch call to the cloud function, it just waits.
My guess is that it waits for the getToken to complete before executing any Cloud Function call (to be able to put the AppCheck token in the headers).
Note: When using a regular HTTP Cloud Function (=not Callable Cloud Function), the deadlock does not occur (see #6070 (reply in thread)).
Relevant Code:
See above