I'l like to use Firebase Authentication with user and password for my extentions based on Manifest V3.
Firebase Authentication using Google OAuth is possible but I am currioius if this is also possible with with user/pass.
I used for example https://github.com/PlasmoHQ/plasmo together with OAuth but need this with user/pass Auth and with Chrome Manifest V3.
Related
I have project which has both an Android app and a Python Desktop-app (using pyrebase).
I'm using firebase for Authentication. For the Android, I've enabled both Google Authentication and Email Authentication.
For the Python, just email authentication (there doesn't seem to be a nice way to do Google Auth from python).
I have "Link accounts that use the same email" checked in Firebase Authentication Settings. Now suppose I:
Create user account with Email in desktop, and log in to it.
Sign in with Google Auth using the same email in android.
Try to log in again in desktop with same user-name and password.
Guess what happens? Log in does not work - the Google auth has "taken over" that account and is now the only way to authenticate (which means the account cannot be used from the desktop-app anymore)
Question: Is there any way to allow users to log into the SAME user account through EITHER google-auth OR email?
Does Google authentication in Firebase provide a default password when creating users in the Firebase database?
There is no way to create a Google Authentication user through Firebase. While you can sign in to Firebase Authentication with a Google Authentication user, you can't create new Google Authentication users through it.
No, it doesn't. The purpose for using social authentication is to not using password. So you will not get any.
When I generate a token using createCustomToken from Firebase admin sdk, how can I verify that is the valid token without using the SDK again?
I assumed its a valid OAuth token but I can not find the signing key and therefore check the integrity. I use Firebase Auth for storing the token and the admin sdk.
Custom Tokens created with the Firebase admin SDK are signed using a service account. In the default setting the service account email has the form firebase-adminsdk-bh96s#<YOUR_PROJECT_ID>.iam.gserviceaccount.com.
Under https://www.googleapis.com/robot/v1/metadata/x509/<service account email> you will find the corresponding public keys.
See also https://firebase.google.com/docs/auth/admin/create-custom-tokens
Firebase ID tokens are JWTs (JSON Web Tokens) and can be verified either with the Firebase Admin SDK, or with any other JWT parsing library.
Mainly token are used for authentication but firebase provides different
Sign-in providers like email and password, Facebook, Google, GitHub and Anonymous for authentication. Then what are this tokens used for?
Can anybody guide me to a use case where this custom tokens are useful?
Here's where I got to know about this Custom tokens:
https://www.youtube.com/watch?v=VuqEOjBMQWE&t=93s
https://firebase.google.com/docs/auth/admin/create-custom-tokens
Custom tokens are used when you want to use a Custom Auth System:
You can integrate Firebase Authentication with a custom authentication
system by modifying your authentication server to produce custom
signed tokens when a user successfully signs in. Your app receives
this token and uses it to authenticate with Firebase.
For example: Let's say you're developing an app that needs authentication, but you don't want to use the Auth Providers that Firebase supports (Google,Twitter,Facebook,etc). Let's say you want to use Instagram Auth.
Since Instagram Auth is not provided by Firebase you can't set your Realtime Database rules to auth!=null. You'll probably set it to public, which means that anyone can access your data and this is an obvious security risk(Your database is not safe at all).
So what you can do is create your custom auth system that allows a user to authenticate with Instagram and then give him a Custom Token. The user will then use this token when signing in to your Firebase App, and he will be recognized on Firebase Authentication. Which means that he can now access data that is protected by auth!=null. Your database no longer needs to be public.
Problem
Firebase force overwrites previous authentication provider when we sign-up using Google OAuth.
Precondition
Both GitHub account and Google one are the same email.
Disallow multiple accounts with the same email address
Expected Behavior
Sign-up using GitHub OAuth
A new account (ACCOUNT_1) is created on Firebase Auth
Sign-out
Sign-up using Google OAuth, "auth/account-exists-with-different-credential" error occurs.
Actual
Sign-up using GitHub OAuth
A new account (ACCOUNT_1) is created on Firebase Auth
Sign-out
Sign-up using Google OAuth
ACCOUNT_1 is overwritten by Google OAuth provider on Firebase.
Sign-in using GitHub OAuth, "auth/account-exists-with-different-credential" error occurs.
What I tried
When a new account is created first time, I force updated emailVerified = True using Cloud Functions.
I saw the bellow article:
oauth - Unusual behavior from Firebase Authentication when signing in using existing account email - Stack Overflow
In my understanding, Google OAuth process only overwrites an account with non-verified email.