AppCheck with custom provider using HTTPS Callable Function "deadlocks" itself

[sceee]

I am wondering if I'm doing anything wrong but when trying out App Check with a custom provider, it deadlocks itself, thus never gets to complete the getToken function.

The setup is:

1. I have a Callable Firebase HTTP Cloud Function that verifies the attestation provider's authenticity data
2. I initialize a token on the client using something like this:

const appCheckCustomProvider = new CustomProvider({
      getToken: async () => {
        // ... do something to retrieve the client part
        const clientSolution = ...

        const verificationFn = httpsCallable(functionsInstance, "verifyClientSolutionAndGenerateAppToken")
        const appCheckToken = await verificationFn(clientSolution)

        return appCheckToken
      },
    })

So the desired flow is:

1. Client generates its clientSolution (using a 3rd party attestation provider)
2. Client calls the Callable HTTP Function to verifiy the clientSolution and retrieve an App Check token

The trouble I'm running into is that generating the clientSolution works but as soon as we hit the await verificationFn(..) line, the browser stops and just stays there forever.
Checking in the network monitor, the browser does not even try to do the fetch call to the cloud function, it just waits.
My guess is that it waits for the getToken to complete before executing any Cloud Function call (to be able to put the AppCheck token in the headers).
But how can this deadlock be avoided without using a completely different verification function (e.g. in another project)?

I could not find any information on this and wonder how others get this working to use a HTTPS Callable Cloud Function as App Check Token "minter" without running in this deadlock.

[hsubox76]

I'll look into this, if not a bug it seems like at least a legit documentation issue. Ping me again or create an issue if you don't hear back.

[sceee]

Thanks @hsubox76 @weixifan , I can confirm that when using a plain HTTP function rather than a Callable Function, it does not deadlock.

@hsubox76 shall I create an issue for this or did you already address this somewhere?

[weixifan]

@sceee Yes please -- please file an issue against App Check and please post a link here, and we'll track the progress via the issue.

[sceee]

Alright, thanks, I filed this issue #6176 for this.

[artask]

I think documentation needs to be updated. In the AppCheck Server Implementation a callable function is used.

[marianofreitas]

Sorry for resurrecting this discussion. But is it known if this happens on other implementations as well (I'm concerned with android)?