I am setting up a password-less environment for my Flutter app and I am having issues with the FirebaseAuth.instance.sendSignInWithEmailLink command.
await FirebaseAuth.instance.sendSignInWithEmailLink(
email: email,
url: url// Using whitelisted url,
handleCodeInApp: true,
iOSBundleID: bundleId // bundle id for ios app,
androidPackageName: androidId // package name for android,
androidInstallIfNotAvailable: false,
androidMinimumVersion: "18",
);
The error I get is the following:
Exception has occurred.
PlatformException (PlatformException(ERROR_UNAUTHORIZED_DOMAIN, Domain not whitelisted by project, null))
Even though the url I have attempted to us is on the white list under Authentication > Sign In Methods > Authorized Domains.
Any help would be greatly appreciated.
Related
I am using a Cloud Function to generate a password-reset-link through the admin sdk.
I need to handle the action link in my website and not my mobile app.
my action code settings looks like :
ActionCodeSettings codeSettings = ActionCodeSettings(
url: "https://example.com/links/reset",
handleCodeInApp: false,
dynamicLinkDomain: "https://example.com/links"
);
and i have also tried :
ActionCodeSettings codeSettings = ActionCodeSettings(
url: "https://example.com/links/reset",
handleCodeInApp: false,
);
Both gives me the following error :
FirebaseAuthError: The provided dynamic link domain is not configured or authorized for the current project.
I am simply using the : admin.auth().generatePasswordResetLink(data.email, actionCodeSettings) method in an onCall https request to my function.
I have of course setup dynamic links for my project and my project is hosted fine with Firebase Hosting.
I have also added this to my firebase.json file :
"rewrites": [ {
"source": "/links/**",
"dynamicLinks": true
} ]
As stated in the documentation.
What i am doing wrong ?
If i generate the ActionCodeSettings from flutter it doesn't work.
However, if in my NodeJS code I implement :
const actionCodeSettings = {
url: "https://example.com/links",
handleCodeInApp: false
};
It's working.
In the logs i could see that the param dynamicLinkDomain was set to null and passed even if i was not using it.
Firebase documentation states that custom claims can be accessed like so:
admin
.auth()
.verifyIdToken(idToken)
.then((claims) => {
if (claims.admin === true) {
// Allow access to requested admin resource.
}
});
I have implemented Firebase auth following this sample project and tutorial. Specifically, the token is being decoded inside Next.JS' getServerSideProps here.
It's also worth mentioning that I'm running this project in development mode with Firebase Emulators.
So, on calling:
verifyIdToken(token)
I get this error message:
Error: Firebase ID token has no "kid" claim. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.
Any idea where I'm failing?
---------- UPDATE ----------
The decoded token has this info:
{
"header":{
"alg":"none",
"typ":"JWT"
},
"payload":{
"email":"user#test.test",
"email_verified":false,
"auth_time":1626004181,
"user_id":"MY_USER_ID",
"firebase":{
"identities":{
"email":[
"user#test.test"
]
},
"sign_in_provider":"password"
},
"iat":1626004181,
"exp":1626007781,
"aud":"MY_FIREBASE_PROJECT_ID",
"iss":"https://securetoken.google.com/MY_FIREBASE_PROJECT_ID",
"sub":"SOME_KEY"
}
}
I am trying to implement passwordless authentication in my Flutter app using dynamic links, but the link the app receives always returns false for the isSignInWithEmailLink() method.
The dynamic link I created in the firebase console is the following:
Dynamic Links configuration
And the code I am using to send it is:
var acs = ActionCodeSettings(
url: "https://XXXXXX.page.link/eP3A",
handleCodeInApp: true,
iOSBundleId: "com.example.XXXXX",
androidPackageName: "com.example.XXXXXX",
androidInstallApp: true,
androidMinimumVersion: "12",
);
FirebaseAuth.instance.sendSignInLinkToEmail(
email: email, actionCodeSettings: acs)
.catchError((onError) =>
print('Error sending email verification $onError'))
.then((value) => print('Successfully sent email verification'));
I am able to receive the link in the email, and when clicking on it, it opens the app. However, the link always return false in isSignInWithEmailLink(). Am I missing something? I've tried different combinations on the ActionCodeSettings object but none of them seem to work. I am using the latest versions of firebase_auth and firebase_dynamic_links.
I use knpuniversity/oauth2-client-bundle and league/oauth2-google to connect users in my Symfony 4 web app using a "Sign in with Google" feature. I followed this tuto. I registered my app in Google.
I set access_type: offline in the knpu.oauth2.client.google configuration (config/packages/knpu_oauth2_client.yaml file)
I try to get the user refresh token in my GoogleAuthenticator::getUser(League\OAuth2\Client\Token\AccessToken $credentials) method (which extends KnpU\OAuth2ClientBundle\Security\Authenticator\SocialAuthenticator).
Unfortunately, $credentials->getRefreshToken() always returns null.
Why don't I get the user refresh token ?
As per documentation, "Refresh tokens are only provided to applications which request offline access". So, when instantiating the provider you need to set the accessType.
use League\OAuth2\Client\Provider\Google;
$provider = new Google([
'clientId' => '{google-client-id}',
'clientSecret' => '{google-client-secret}',
'redirectUri' => 'https://example.com/callback-url',
'accessType' => 'offline',
]);
In knpu_oauth2_client configuration, you can do:
google:
type: google
client_id: '%env(OAUTH_GOOGLE_CLIENT_ID)%'
client_secret: '%env(OAUTH_GOOGLE_CLIENT_SECRET)%'
redirect_params: {}
access_type: offline
I'm using functions.auth.user().onCreate() as part of a firestore project, and trying to set up some default data when a new user registers. For the front end, I'm using firebase-ui, with Google and Email/Password providers enabled.
When I sign in with an email and password, the UI widget prompts to enter a name and set a password. I was expecting to see the name as part of the user parameter in the onCreate() function call, but I'm getting practically nothing:
user: { email: 'xxx#yyyy.co.uk',
emailVerified: false,
displayName: null,
photoURL: null,
phoneNumber: null,
disabled: false,
providerData: [],
customClaims: {},
passwordSalt: null,
passwordHash: null,
tokensValidAfterTime: null,
metadata:
UserRecordMetadata {
creationTime: '2018-11-20T15:06:01Z',
lastSignInTime: '2018-11-20T15:06:01Z' },
uid: 'QDJ5OJTwbvNo2QNDVQV9VsxC2pz2',
toJSON: [Function] }
Not even getting the provider info so I can tell which 'kind' of user registered. It's almost like this function is triggered before the user record has been populated (except the email address does get through). Also, registrations via the Google provider come with a fully-populated user record, so I guess this is a problem with Email/Password specifically.
Is this a bug, or am I missing something? I didn't see anything else useful in the context parameter either.
The fact that displayName is not populated in the Cloud Functions onCreate trigger for email+password is expected. The function is triggered from the first API call (createUserWithEmailAndPassword()), while the display name is set with a second API call (updateProfile).
The usual workaround would be to create a Cloud Function to update the user profile, as shown here: Firebase Auth+Functions | create user with displayName
I also highly recommend filing a feature request to be able to have a Cloud Function triggered on profile changes.