You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Unfortunately, in some environments, connecting to Google is either unreliable or not directly possible. In my case, my Hetzner VServer's IPs get regularly blocked by Google (see https://bsky.app/profile/juliusv.com/post/3lczuagphbs2w), although verifying Firebase tokens is the only thing my backend does in terms of external connectivity. In this kind of situation, I would really like to have more control over the downloading of these certificates, for example some alternative means of providing the certificate externally without the SDK connecting directly to Google. Then at least I can manage around the IP blocks somehow.
The text was updated successfully, but these errors were encountered:
The
VerifyIDToken()
method on the auth Client downloads Google's signing certificates from https://www.googleapis.com/robot/v1/metadata/x509/[email protected] in the background when verifying a user ID token.Unfortunately, in some environments, connecting to Google is either unreliable or not directly possible. In my case, my Hetzner VServer's IPs get regularly blocked by Google (see https://bsky.app/profile/juliusv.com/post/3lczuagphbs2w), although verifying Firebase tokens is the only thing my backend does in terms of external connectivity. In this kind of situation, I would really like to have more control over the downloading of these certificates, for example some alternative means of providing the certificate externally without the SDK connecting directly to Google. Then at least I can manage around the IP blocks somehow.
The text was updated successfully, but these errors were encountered: