I am working on different domains in a single app... each domain has its own login. for example a person who has account in domain1 can also register in domain2. I am getting "Email already registered" error..
Related
Context:
I am developing an iOS app with sign-in with apple. This features gives users the ability to hide their emails and use an anonymous email to register. In order to be able to send information to these email addresses apple requires you to register both your emails and domain from which emails will be sent.
I followed these 2 guides to register and verify the domain:
https://sarunw.com/posts/sign-in-with-apple-2/
https://help.apple.com/developer-account/#/devf822fb8fc
Important to note:
In properly follow the directions I needed to make the .well-known folder myself
Domain is publicly accessible
I did make sure I added v=spf1 include:_spf.google.com ~all to my DNS records
I already have a Let's Encrypt SSL cert
Enviornment:
Wordpress running on AWS Lightsail
Problem
When I click the verify button, I am given a 1 line error message:
Verification failed for domain
I am not sure how to proceed with verifying my domain.
Troubleshooting steps I have taken:
Instead of verifying example.com, verify www.example.com incase it is being redirected
Move apple-developer-domain-association.txt to the root directory instead of /.well-known
Verify using Safari instead of Chrome
Download new verification file
Email Apple support (They just sent the same guide I found in their dev docs)
Checked to make sure I had a supported TLS 1.2 cipher using SSL Labs (I do have 1, do I need all?)
Response in Network Inspect Tool:
{
"responseId":"XXX",
"resultCode":13004,
"resultString":"Verification failed for domain",
"userString":"Verification failed for domain",
"creationTimestamp":"2020-01-23T21:48:37Z",
"protocolVersion":"QH65B2",
"userLocale":"en_US",
"requestUrl":"https://developer.apple.com/services-account/QH65B2/account/ios/identifiers/verifyDomain",
"httpCode":200
}
I'm using Firebase Authentication for my web app, and customizing the redirect domain for Firebase Authentication's Google Sign-In feature so that Google's authentication page will
show Continue to: https://auth.mydomain.com,
instead of Continue to: https://my-app-12345.firebaseapp.com.
So I did four steps according to instructions on Firebase's documentation:
(1) Create a CNAME record for auth.mydomain.com that points to my-app-12345.firebaseapp.com
(2) Add auth.mydomain.com to the list of authorized domains in the Firebase console
(3) In the Google OAuth setup page, whitelist the URL of the redirect page which is https://auth.mydomain.com/__/auth/handler
(4) Edit my app's JavaScript code which initializes Firebase library:
var config = {
...
// from 'authDomain: my-app-12345.firebaseapp.com,'
authDomain: 'auth.mydomain.com',
...
};
After that, however, when my app invokes firebase.auth().signInWithRedirect(provider) method, web browser will show privacy warning like the following:
Your connection is not private
Attackers might be trying to steal your information from auth.mydomain.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
...
This server could not prove that it is auth.mydomain.com; its security certificate is from firebaseapp.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to auth.mydomain.com (unsafe)
And certificate information is as follows:
firebaseapp.com
Issued by: Google Internet Authority G3
Expires: Tuesday, 13 November 2018
This certificate is valid.
Details
Subject Name
Country: US
State/Province: California
Locality: Mountain View
Organization: Google Inc
Common Name: firebaseapp.com
And below is URI:
https://auth.mydomain.com/__/auth/handler?apiKey=apiKey&appName=%5BDEFAULT%5D&authType=signInViaRedirect&providerId=google.com&scopes=profile&redirectUrl=https%3A%2F%2Fwww.mydomain.com%2Flogin&v=5.0.4
Why does customizing the redirect domain for Google Sign-In prompt NET::ERR_CERT_COMMON_NAME_INVALID warning, and how should I do to avoid the warning message from prompting, e.g. adding Subject Alternative Names into the certificate, using auth.mydomain.com's own certificate?
By the way, in the above warning page, if Proceed to auth.mydomain.com (unsafe) is clicked, authentication will work as expected.
Because auth.mydomain.com points to my-app-12345.firebaseapp.com via CNAME record, host of firebaseapp.com should provision SSL certificate for auth.mydomain.com. It has to be done in Firebase Hosting page even if my-app-12345 is not using Firebase Hosting. Here is step-by-step method for doing that based on Firebase's documentation:
In Firebase project my-app-12345's console, click Hosting on the side menu.
When Set up hosting pop-up appears, click Continue. Then click Finish.
In Hosting page, click Connect domain.
When Connect domain pop-up appears, enter auth.mydomain.com. Then click 'Redirect auth.mydomain.com to an existing website' checkbox. Then enter my-app-12345.firebaseapp.com. Then click Continue.
When 'Add the TXT records below to your DNS provider to verify you own mydomain.com' pop-up appears, follow the instruction. And click Verify. (Verifying may take some minutes). Then click Finish.
Now auth.mydomain.com will be appeared in domain section with Pending status. It will soon be changed to Connected. And after some time, the NET::ERR_CERT_COMMON_NAME_INVALID warning issue will be gone.
P.S. With help of Firebase technical support team, I have got the answer to my own question.
just to clarify, as of Jan 6th 2020, the method above (using 'Redirect' within Firebase Hosting) doesn't work anymore.
Following something written in https://levelup.gitconnected.com/how-to-connect-a-domain-to-your-firebase-project-cd47373bad79 - we can see for Authentication, we need to use "Custom Domains" and not "Redirect"
This is because if redirection is used, the SSL signed between the exit and entry points of the custom domain and Google's authentication servers will fail the handshake.
In other words:
If you are setting it up for the first time:
In Firebase project my-app-12345's console, click Hosting on the side menu.
When Set up hosting pop-up appears, click Continue. Then click Finish.
In Hosting page, click Connect domain.
When Connect domain pop-up appears, enter auth.mydomain.com. Then do not tick 'Redirect auth.mydomain.com to an existing website' checkbox. Then enter my-app-12345.firebaseapp.com. Then click Continue.
If you've already setup a Redirect domain, and you cannot get it to work - you can simply edit the entry, and change to a "Custom" type.
Wait 10 ~ 30 minutes once that has changed to have this function properly.
After Registering my application with Facebook for using Facebook OAuth Login with ASP.NET application i got error. when i am click on Facebook button in Development Environment.
Can't load URL: The domain of this URL isn't included in the app's domains.
To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app settings.
Login Screen
Error Displayed
If you are getting same Error means you have Enter Wrong URIs in "Valid OAuth redirect URIs" while Registering my application with Facebook.
Choose App where you are getting error while Registering
After Choose App go to "PRODUCTS" section in that section choose Facebook Login , inside that section choose "Setting", after choosing "Client OAuth Settings" panel will appear in that there is "Valid OAuth redirect URIs" textbox in that just enter your localhost
URL [http://localhost: Port Number/signin-facebook].
e.g if you localhost URL is "http://localhost:8000/Account/Login"
then while entering in "Valid OAuth redirect URIs" textbox enter "http://localhost:8000/signin-facebook" and click on Save Changes
Registering Facebook Application
Just write carefully in your OAuth Redirect URI: http://{ your host }:{ port number } (e.g. http://example.com:8000).
There are two parts you need fill in.
Both on the right side of your app setting panel.
Settings -> Advanced -> Domain Manager( Add Your URL)
PRODUCTS -> Facebook Logion -> Settings -> Valid OAuth redirect URIs
Here to add your URL.
I am using Firebase Auth signInWithPopup() which is absolutely great. But
when initially configured, the popup reads:
Choose an account to continue to myApp-123.firebaseapp.com
I would really like it to read:
Choose an account to continue to myApp.com
How can I make the popup show my own domain?
In my solution that follows I should say that the steps I followed worked. It is possible that I did something that it not absolutely required, but to my knowledge and at this time, I have not broken anything.
This workflow (and the documentation) is a bit broken up because you must adjust both your Google Cloud Platform (GCP) credentials and the Firebase authentication. Documentation was provided by each side of this workflow but I was not able to find a document that covered the entire workflow to make this substitution.
GCP Console Setup
I first adjusted my GCP credentials for the OAuth Client:
Go to the GCP console > APIs & Services > Credentials page (https://console.cloud.google.com/apis/credentials?project=_ and select your project)
At the bottom of the page, find "OAuth 2.0 client IDs". There should be an entry titled "Web client (auto created by Google Service)"
To the right side of page click on the edit icon (pen), which opens the configuration page.
Under "Authorized JavaScript origins", you should see your yourFirebaseApp.firebaseapp.com domain. Click "+ Add URI" and add your custom URI. This should be an "https" domain, so use https://myApp.com
Under "Authorized redirect URIs", you should see https://yourFirebaseApp.firebaseapp.com/__/auth/handler. (The __/auth/handler bit on the tail is the auth callback that Firebase provides). Click "+ Add URI" and add your domain, with __/auth/handler at the end. (For example: https://myApp.com/__/auth/handler)
Click Save
Go to the OAuth Consent Screen (https://console.cloud.google.com/apis/credentials/consent/edit?project=_). Add your custom domain to "Application Homepage link", and fill in the "Application Name" and "Logo", and "Application Privacy Policy link" with custom values for your app.
Firebase Console Setup
Then, you'll need to add your custom domain to the Firebase auth authorized domain list:
Go to the Firebase Console > Authentication > Sign-in Methods page (https://console.firebase.google.com/project/_/authentication/providers and select your project)
Under "Authorized Domains" you should see localhost and the default yourFirebaseApp.firebaseapp.com domain. Click the "Add Domain" and enter your custom domain name, then click add.
Web App Setup
You will likely remember the block of code that you copied from your firebase project and pasted into the code from which you compile and deploy your Web App. (Some people use the hosting default init.js script - if you do, go back and setup your app using the config snippet instead)
Find the "authDomain" field in the code snippet, and change it to your custom domain, then re-deploy.
This procedure worked for me and my project, I have posted this in the hopes that these instructions may be refined via feedback from others performing this or similar operations.
I asked firebase support and got the following reply. Items in italics are my additions. This is more or less the same as Done's answer but with a custom domain. You do not need to host your app on Firebase.
--
Hi Jayen,
Thank you for reaching out. I'll be happy to assist you.
In order to update firebase-project-id.firebaseapp.com in the OAuth consent screen, you need a custom domain with Firebase Hosting (Firebase Console > Hosting > Connect Domain). This is because https://firebase-project-id.firebaseapp.com/__/auth/handler is hosted by Firebase Hosting. You need to point your custom domain to firebase-project-id.firebaseapp.com.
When connecting the custom domain, if you are not hosting your app on firebase, use a new subdomain (e.g. app.yourdomain.com) and do not redirect it. Firebase will prompt you to add a DNS entry and take of the SSL certificate automatically.
After connecting your custom domain to your Firebase project, you should also follow the steps below:
Go to the Firebase Console > Select Project > Authentication > Sign-in method > Facebook > Copy the URL under 'To complete setup, add this OAuth redirect URI to your Facebook app configuration.'
It will look something like https://firebase-project-id.firebaseapp.com/__/auth/handler
Replace the project ID with your custom domain. It will look something like: https://yourdomain.com/__/auth/handler
Go to the GCP Console > Select project > API Manager > Credentials > Add the link in #2 to the 'Authorized redirect URIs'
Then ensure to use yourdomain.com as the authDomain in your app's configuration instead of firebase-project-id.firebaseapp.com
firebase.initializeApp({
apiKey: ....,
authDomain: 'yourdomain.com',
...
});
Let me know if you have any other questions regarding this.
Regards,
Aye
--
In my case, yourdomain.com is where I host my site, so I used app.yourdomain.com where I needed it.
Firebase Hosting URL
handler url: https://app.yourdomain.com/__/auth/handler
GCP Credentials
Choose the right one under OAuth 2.0 client IDs . The client ID will match the one you have configured Firebase with in your code.
authDomain: "app.yourdomain.com"
long time user. Went to create a new app with the new console. Working on localhost. Added localhost to Authorized domains which I have done a hundred time. Not allowing access. Asking me to add domain. You having launch issues?
When I migrated, Google created a new OAuth client ID for me with a new secret key etc. The new client ID had 3 authorized javascript origins:
http://localhost
http://localhost:5000
<my project's URL>
I had to manually update my Firebase project with the new client ID/secret. To do this, I logged into my project in the new Firebase console, clicked 'Auth' in the lefthand menu, selected the 'Sign In Method' tab, then Google, then Web SDK Configuration.
After that, it worked.