Firebase Error "Auth Emulator does not validate JWTs" - javascript

I am trying to test my auth function for firestore in the emulator suite. Is it normal to get this error when trying to authenticate a user via google?
This doc from Firebase seems to suggest that google auth should work in the emulator suite. https://firebase.google.com/docs/emulator-suite/connect_auth
This is an excerpt from the document:
Note that the emulator only supports signInWithCredential authentication for credentials retrieved from Google Sign-In, Apple, and other providers that use ID tokens implemented as JSON Web Tokens (JWTs). Access tokens (e.g. those provided by Facebook or Twitter, which are not JWTs) are not supported. The next section discusses an alternative in these cases.
However I am getting this error:
Received a signed JWT. Auth Emulator does not validate JWTs and IS NOT SECURE
Appreciate any help on this! This is the function which is authenticating the user:
exports.createStripeCustomer = functions.auth.user().onCreate(async (user) => {
const customer = await stripe.customers.create({ email: user.email });
const intent = await stripe.setupIntents.create({
customer: customer.id,
});
await admin.firestore().collection('stripe_customers').doc(user.uid).set({
customer_id: customer.id,
setup_secret: intent.client_secret,
});
return;
});
A customer has been created in the stripe console when running this code, but it has not created a customer in the firestore

Related

Firebase authentication error: auth/invalid-credential

I've been experimenting with the authentication service provided by firebase for more than 2 weeks. Everything was perfectly working until yesterday it became impossible for me to use the facebook auth provider neither twitter to make users connect to my web app.
I've tried to sign out and sign in, I deleted my facebook and twitter apps and created others even with other accounts and the problem persists.
The same problem occurred when I tried to use the code they provide on their github which was working before.
The strange thing is that it's working fine when I use the google provider or the sign in with email and password method.
PS: I made sure the providers are enabled in the console.
const signInWithFacebookButton = document.getElementById('signInWithFacebook');
const auth = firebase.auth();
const signInWithFacebook = () => {
const facebookProvider = new firebase.auth.FacebookAuthProvider();
auth.signInWithPopup(facebookProvider)
.then(() => {
console.log('Successfully signed in');
})
.catch(error => {
console.error(error);
})
}
signInWithFacebookButton.addEventListener('click', signInWithFacebook);
Error message when I try to authenticate using facebook :
{code: "auth/invalid-credential", message: "The supplied auth credential is malformed or has expired."}
Error message when I try to authenticate using twitter:
{code: "auth/invalid-credential", message: "Error getting request token: 403 <?xml version="1.…ode-project-fd88e.firebaseapp.com/__/auth/handler"}
For Twitter login, the error code 403 indicates that access to the URL by the client is Forbidden. It gives such an error because you have to whitelist callback URLs(your site).
From documentation,
As part of our continued effort to ensure safety and security on the Twitter developer platform, any developer using Sign in with Twitter must explicitly declare their callback URLs in a whitelist in the Twitter apps settings which can be accessed in the apps dashboard when logged into your Twitter account on developer.twitter.com. This means that if the callback_url parameter used with the oauth/request_token endpoint isn't whitelisted, you will receive an error.
So in Twitter app settings, you have to add your URL say for example,
https://sitename.example.com/auth/twitter and https://sitename.example.com/auth/twitter/callback
You want to use https://yourdomain.com?source=twitter as your callback URL
Add this to the Twitter app dashboard: https://yourdomain.com
Use this in your call to oauth/request_token: https://yourdomain.com?source=twitter.
Refer this community article for more detail:-
Twitter callback URLs
This is worth as an answer: Always click to show your Facebook app secret before copying and pasting it into Firebase setting console. It is counter-intuitive, but Facebook did not implement the clipboard correctly so the hidden asterisk characters will just be copied and pasted verbatim.

Firebase Authentication - Linking other auth providers

I am working with firebase authentication in web and ran into a problem. I signed in a user using google and now i also want the user to create a password so that he can login with email and password.
So basically i want to link both of them.
I tried firebase.auth.createUserWithEmailAndPassword(userEmail, newpassword) but it throws an error "email-already-in-use" which is correct because i signed in with google first.
Is there any way i can link these?
Here is an example how to link an email/password credential to an existing user (note you can also just user updatePassword)
// Email/Password credential. Similar logic can be used for linking
// other credentials.
var cred = firebase.auth.EmailAuthProvider.credential(
firebase.auth().currentUser.email, 'password');
firebase.auth().currentUser.linkWithCredential(cred)
.then(function() {
// Credential successfully linked.
})
.catch(function(error) {
// Some error occurred.
});
Check the docs: Link Multiple Auth Providers to an Account Using JavaScript

How to get provider access token in Firebase functions?

I'm planning to write Firebase function on Authentication user creation. My goal is to get the long live access token for the Facebook user page's.
To do that I need user access token in Firebase functions. Tried below..,
exports.saveLongLiveToken = functions.auth.user().onCreate(event => {
console.log(event.providerData)
})
I though providerData will have the information about the Facebook credentials, but not instead I got only undefined.
Note: In the event, I got below
{ data:
{ displayName: 'Rob',
email: 'xxx#xyz.com',
metadata:
{ createdAt: 2017-08-23T18:58:34.000Z,
lastSignedInAt: 2017-08-23T18:58:34.000Z },
photoURL: 'http...',
providerData: [ [Object] ],
uid: 'xfff...' },
eventId: 'xxx',
eventType: 'providers/firebase.auth/eventTypes/user.create',
notSupported: {},
resource: 'projects/fiobot-4fa94',
timestamp: '2017-08-23T18:58:34.571Z',
params: {} }
If you are signing in with Firebase Auth signInWithPopup/Redirect, you will only get the access token after sign-in. Firebase Auth does not store it for you (neither does it store the Facebook refresh token). You will need to save it in the Database where only the specified user can access it and the Admin SDK via Firebase Functions can allow you access it. If you think Firebase Auth should manage OAuth tokens for providers, please file a request via Firebase Support channels.
If this is essential for your app functionality, you can use the Facebook API to sign in the user and get a Facebook access token and sign in with firebase.auth().signInWithCredential(firebase.auth.FacebookAuthProvider.credential(fbAccessToken))
Facebook client API can manage the OAuth token for you. You can also use a backend OAuth node.js library to refresh Facebook tokens via the Firebase Functions whenever you need one. You would need to get the Facebook refresh token though.

Manage Other User Accounts via Firebase auth()

According to the Manage Users section in the Firebase docs, user profiles can be modified using the methods below
var user = firebase.auth().currentUser;
user.updateProfile({
displayName: "Jane Q. User",
photoURL: "https://example.com/jane-q-user/profile.jpg"
}).then(function() {
// Update successful.
}, function(error) {
// An error happened.
});
All of the examples in this guide seem tailored to only the currentUser that is signed in, but how can we modify other users programatically? Is there a getUser(uid) method that I'm not seeing?
It seems this can be done with the Firebase Admin Node.js SDK, but how can we do this from the Web?
The Web implementation of the Authentication API is intended to be used client-side only. To edit another user, you would have to authenticate/login as that user. Which would mean currentUser would be the user you require.
You should do this server-side using the Admin API. Which is a separate API.
Setup: https://firebase.google.com/docs/admin/setup/
Manage Users: https://firebase.google.com/docs/auth/admin/manage-users

Error when authenticating with Firebase OauthToken method

I am trying to authenticate a user in my ionic app using the authWithOAuthToken() method in Firebase. I am getting this error -> {"code":"INVALID_CREDENTIALS","details":"{\"providerErrorInfo\":{}}"} with my firebase ref, when I try with another firebase ref, it works.
In Firebase Error Listing, INVALID CREDENTIALS means
The specified authentication credentials are invalid. This may occur when credentials are malformed or expired.
But I am not passing any credential to the method
var Ref = new Firebase('https://<firebase-ref>.firebaseio.com');
Ref.authWithOAuthToken('facebook', '<facebook token>', function(error, authData) {
if (error) {
console.log('Login Failed!', JSON.stringify(error));
} else {
console.log('Authenticated successfully with payload:', authData);
}
});
Anybody encountered this before?
Go to Facebook Tab inside Login & Auth in firebase project, Copy and paste Credentials from your facebook developer app and try running your app, if you have already entered your details, make sure they are correct , if it still doesn't work check by creating a new facebook developer app and again enter the details in firebase

Categories