Storage rules not working with auth emulator

[valentinoavon]

[REQUIRED] Describe your environment

• Operating System version: Windows 10
• Browser version: Chrome Version 86.0.4240.111 (official build) (64 bit)
• Firebase SDK version: 8.0.0
• Firebase Product: storage and emulators

[REQUIRED] Describe the problem

Hi!
I tried the new auth emulator and I found that the storage rules do not consider the uid coming from the request.auth token, which basically prevents the interaction with the storage in emulator mode.
A workaround is to open the storage rules (read/write if true) for the devel project, but I don't like that as I would like to have my development platform as much as possible similar to the production one.

Steps to reproduce:

• Create this storage rule in a project:
  match /users/{uid}/{imageName} {allow create if request.auth.uid === uid}
• Start firebase with the auth emulator
• Try to upload an image in users/uid/image with a user which would have the permissions to to that and which exists in the auth emulator but doesn't in the real project

Expected behavior
The rules allow to upload the image

Actual behavior
The rules prevent the upload for insufficient permissions

[samtstern]

@valentinoavon thanks for the feedback. Right now this is working as intended. The tokens created by the Firebase Auth emulator are not real signed tokens so therefore the production Firebase Storage service doesn't recognize them.

In order to fix this development experience we will need a Storage emulator. The good news is we're working on it! You can follow along with the progress here:
#1738