Firebase Authenticate AccessToken Verification Script

firebase_auth_token.py

import re
import jwt
import traceback
from urllib.request import urlopen


def verify_token(userid, token):
    """Firebase 개발자 문서에 제시된 토큰 검증 과정에 userid 검증 과정을 추가하여 토큰검증함수 설계

    :param userid: firebase auth userid value
    :param token: firebase auth accesstoken value
    :return: verify result in boolean
    """
    try:
        token_header = bytes(token.split(".")[0], 'utf-8')
        token_header_information = re.findall(r'"alg" *: *"(.*?)","kid" *: *"(.*?)"', decode_base64(token_header))
        google_publickey_set = urlopen(
            "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com").read()
        token_publickey = \
            re.findall(r'"{0}" *: *"(.*?)"'.format(token_header_information[0][1]), str(google_publickey_set))[
                0].replace("\\n", "\n").replace("\\", "")
        obj_token_publickey = load_pem_x509_certificate(bytes(token_publickey, 'utf-8'), default_backend()).public_key()
        token_payload_information = jwt.decode(jwt=token, key=obj_token_publickey,
                                               algorithms=[token_header_information[0][0]], audience='instagram-8ebdd')
        token_uid = re.findall(r"'user_id' *: *'(.*?)'", str(token_payload_information))
        return True if userid == token_uid[0] else False
    except:
        traceback.print_exc()
        return False