Node.js -Firebase Service Account Private Key won't parse
Jsonnode.jsParsingNpmFirebase AuthenticationJson Problem Overview
I use .env variables in my app.js file to access the keys. Everything was working fine until I downloaded a new Firebase Service Account Private Key. When I replaced the old value with the new value I can no longer access the key because in terminal when I run node app.js I keep getting an error message:
> /Users/Cpu/Desktop/...../node_modules/firebase-admin/lib/auth/credential.js:129
> throw new error_1.FirebaseAppError(error_1.AppErrorCodes.INVALID_CREDENTIAL,
> 'Failed to parse private key: ' + error);
> ^
>
> Error: Failed to parse private key: Error: Invalid PEM formatted
> message.
> at FirebaseAppError.FirebaseError [as constructor] (/Users/Cpu/Desktop/...../node_modules/firebase-admin/lib/utils/error.js:39:28)
> at FirebaseAppError.PrefixedFirebaseError [as constructor] (/Users/Cpu/Desktop/...../node_modules/firebase-admin/lib/utils/error.js:85:28)
> at new FirebaseAppError (/Users/Cpu/Desktop/...../node_modules/firebase-admin/lib/utils/error.js:119:28)
> at new Certificate (/Users/Cpu/Desktop/...../node_modules/firebase-admin/lib/auth/credential.js:129:19)
> at new CertCredential (/Users/Cpu/Desktop/...../node_modules/firebase-admin/lib/auth/credential.js:192:64)
> at Object.cert (/Users/Cpu/Desktop/.....)
> at Object.
All I did was c+p the new Private Key and then added it and saved the .env file, pushed to heroku, and it's no longer working. I even downloaded a new Private Key but the same problem occurs.
The old and new Private Keys
// old Private Key
-----BEGIN PRIVATE KEY-----\nbbbbbbbb\n-----END PRIVATE KEY-----\n
// new Private Key
-----BEGIN PRIVATE KEY-----\nzzzzzzzz\n-----END PRIVATE KEY-----\n
The .env file:
FIREBASE_PROJECT_ID=wwwwwwww
FIREBASE_CLIENT_EMAIL=xxxxxxxx
FIREBASE_DATABASE_URL=yyyyyyyy
FIREBASE_PRIVATE_KEY=-----BEGIN PRIVATE KEY-----\nzzzzzzzz\n-----END PRIVATE KEY-----\n
The app.js file:
const dotenv = require('dotenv');
dotenv.load();
var admin = require("firebase-admin");
admin.initializeApp({
credential: admin.credential.cert({
projectId: process.env.FIREBASE_PROJECT_ID, // I get no error here
clientEmail: process.env.FIREBASE_CLIENT_EMAIL, // I get no error here
privateKey: process.env.FIREBASE_PRIVATE_KEY // I get error HERE
}),
databaseURL: process.env.FIREBASE_DATABASE_URL
});
How can I fix this issue?
Json Solutions
Solution 1 - Json
The problem was since I used dotenv variables inside the .env file the FIREBASE_PRIVATE_KEY had escaping characters: \n inside of it.
I had to follow this answer and append .replace(/\\n/g, '\n') to the end of it to parse it:
privateKey: process.env.FIREBASE_PRIVATE_KEY.replace(/\\n/g, '\n')
So now the code looks like:
admin.initializeApp({
credential: admin.credential.cert({
projectId: process.env.FIREBASE_PROJECT_ID, // I get no error here
clientEmail: process.env.FIREBASE_CLIENT_EMAIL, // I get no error here
privateKey: process.env.FIREBASE_PRIVATE_KEY.replace(/\\n/g, '\n') // NOW THIS WORKS!!!
}),
databaseURL: process.env.FIREBASE_DATABASE_URL
});
Solution 2 - Json
You must add your key into double qoutes to allow expanded new lines option according with dotenv documentation.
You can check that option at Rules section in dotenv github.
https://github.com/motdotla/dotenv#rules
FIREBASE_PROJECT_ID=wwwwwwww
FIREBASE_CLIENT_EMAIL=xxxxxxxx
FIREBASE_DATABASE_URL=yyyyyyyy
FIREBASE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\nzzzzzzzz\n-----END PRIVATE KEY-----\n"
Solution 3 - Json
I believe cert function is wating JSON object try converting the key into JSON and i think it will work
credential: admin.credential.cert(JSON.parse(serviceAccountKey))
this worked for me !
Solution 4 - Json
Generate admin SDK Firebase under Firebase > Settings > Admin SDK Firebase. Go to Google Cloud Platform in your project, click in IAM administrator > Source account, and generate the key code in account service (your account service is generated in the admin SDK Firebase).