Error when authenticating with Firebase OauthToken method - javascript

I am trying to authenticate a user in my ionic app using the authWithOAuthToken() method in Firebase. I am getting this error -> {"code":"INVALID_CREDENTIALS","details":"{\"providerErrorInfo\":{}}"} with my firebase ref, when I try with another firebase ref, it works.
In Firebase Error Listing, INVALID CREDENTIALS means
The specified authentication credentials are invalid. This may occur when credentials are malformed or expired.
But I am not passing any credential to the method
var Ref = new Firebase('https://<firebase-ref>.firebaseio.com');
Ref.authWithOAuthToken('facebook', '<facebook token>', function(error, authData) {
if (error) {
console.log('Login Failed!', JSON.stringify(error));
} else {
console.log('Authenticated successfully with payload:', authData);
}
});
Anybody encountered this before?

Go to Facebook Tab inside Login & Auth in firebase project, Copy and paste Credentials from your facebook developer app and try running your app, if you have already entered your details, make sure they are correct , if it still doesn't work check by creating a new facebook developer app and again enter the details in firebase

Related

Cannot access Firebase Storage with or without authentication (web)

I want to use Firebase Storage (web version 9.6.0) but the access to Firebase Storage is being denied with the following error:
unhandledRejection: FirebaseError: Firebase Storage: User is not authenticated, please authenticate using Firebase Authentication and try again. (storage/unauthenticated)
You would want to say to me that I just need the user to be authenticated, but two problems:
the user is already authenticated (getAuth().currentUser returns something)
the rules in Firebase Storage don't say that a user needs to be authenticated:
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /{allPaths=**} {
allow read: if true;
allow write: if request.auth != null;
}
}
}
The problem is caused when I try this:
// initializeApp(config) etc.
const storage = getStorage() // enabled in Firebase console
const a_correct_path = "something..."
const reference = ref(storage, a_correct_path) // this is working (I get the right reference)
const url = getDownloadURL(reference) // this throws the error
NOTE: Because I have already had problems with it, please not that I'm using App Check which I have enforced for the Storage feature.
Why did I do wrong?
Firstly,
The
const a_correct_path = ""
Can't be empty and should have the correct path if it's in a folder.
But if that doesn't help... Reset your storage rules to the first one.
If that doesn't work, check the line where you imported things from firebase
On the Firebase Console, go to Authentication. Check that the user that you are logged in with appears there. If the user is not there then that means you are not authenticating users with Firebase Authentication, and maybe you're just adding users to your Firestore. That is why the error is placing emphasis on Firebase Authentication.
User is not authenticated, please authenticate using Firebase Authentication and try again.

How to create a Google oauth2 token from a Firebase user?

I am trying to get a valid Google oauth2 token for a user that has logged in through Firebase. I need a Google token so I can authenticate this user through other Google services (not just Firebase).
I am currently using the firebase-admin for this on a server and passing that user's Firebase token to nodejs. I'm doing something like this:
admin.auth().verifyIdToken(tokenId)
.then((decoded) => {
const uid = decoded.uid;
console.log(tokenId);
admin.auth().createCustomToken(uid).then((t) => {
console.log(t);
})
}
However neither the token I'm passing to the admin or the custom token seems to work for other Google services. I'm able to create a custom token, just not sure if or how I can use that to get a google oauth token for that user.

Firebase authentication error: auth/invalid-credential

I've been experimenting with the authentication service provided by firebase for more than 2 weeks. Everything was perfectly working until yesterday it became impossible for me to use the facebook auth provider neither twitter to make users connect to my web app.
I've tried to sign out and sign in, I deleted my facebook and twitter apps and created others even with other accounts and the problem persists.
The same problem occurred when I tried to use the code they provide on their github which was working before.
The strange thing is that it's working fine when I use the google provider or the sign in with email and password method.
PS: I made sure the providers are enabled in the console.
const signInWithFacebookButton = document.getElementById('signInWithFacebook');
const auth = firebase.auth();
const signInWithFacebook = () => {
const facebookProvider = new firebase.auth.FacebookAuthProvider();
auth.signInWithPopup(facebookProvider)
.then(() => {
console.log('Successfully signed in');
})
.catch(error => {
console.error(error);
})
}
signInWithFacebookButton.addEventListener('click', signInWithFacebook);
Error message when I try to authenticate using facebook :
{code: "auth/invalid-credential", message: "The supplied auth credential is malformed or has expired."}
Error message when I try to authenticate using twitter:
{code: "auth/invalid-credential", message: "Error getting request token: 403 <?xml version="1.…ode-project-fd88e.firebaseapp.com/__/auth/handler"}
For Twitter login, the error code 403 indicates that access to the URL by the client is Forbidden. It gives such an error because you have to whitelist callback URLs(your site).
From documentation,
As part of our continued effort to ensure safety and security on the Twitter developer platform, any developer using Sign in with Twitter must explicitly declare their callback URLs in a whitelist in the Twitter apps settings which can be accessed in the apps dashboard when logged into your Twitter account on developer.twitter.com. This means that if the callback_url parameter used with the oauth/request_token endpoint isn't whitelisted, you will receive an error.
So in Twitter app settings, you have to add your URL say for example,
https://sitename.example.com/auth/twitter and https://sitename.example.com/auth/twitter/callback
You want to use https://yourdomain.com?source=twitter as your callback URL
Add this to the Twitter app dashboard: https://yourdomain.com
Use this in your call to oauth/request_token: https://yourdomain.com?source=twitter.
Refer this community article for more detail:-
Twitter callback URLs
This is worth as an answer: Always click to show your Facebook app secret before copying and pasting it into Firebase setting console. It is counter-intuitive, but Facebook did not implement the clipboard correctly so the hidden asterisk characters will just be copied and pasted verbatim.

Firebase Authentication - Linking other auth providers

I am working with firebase authentication in web and ran into a problem. I signed in a user using google and now i also want the user to create a password so that he can login with email and password.
So basically i want to link both of them.
I tried firebase.auth.createUserWithEmailAndPassword(userEmail, newpassword) but it throws an error "email-already-in-use" which is correct because i signed in with google first.
Is there any way i can link these?
Here is an example how to link an email/password credential to an existing user (note you can also just user updatePassword)
// Email/Password credential. Similar logic can be used for linking
// other credentials.
var cred = firebase.auth.EmailAuthProvider.credential(
firebase.auth().currentUser.email, 'password');
firebase.auth().currentUser.linkWithCredential(cred)
.then(function() {
// Credential successfully linked.
})
.catch(function(error) {
// Some error occurred.
});
Check the docs: Link Multiple Auth Providers to an Account Using JavaScript

Soundcloud Login with NodeJS and Liking Sounds Issue - 401 Unauthorized

I've been working on this for the past day and can't seem to figure it out. I am using this Passport-Soundcloud to implement a soundcloud authentication. However what I don't understand is how I can get, and pass an authentication token to a front-end button push to like a sound.
My front-end code looks like:
function allowLike(){
$('.queueTrack').off('click').on('click', function(user){
console.log('clicked');
SC.put('/me/favorites/' + 21928809);
consol.log('sound liked')
});
};
Whenever I try to login through my app using the /login route, it works as expected and redirects me to my homepage. The problem is that I don't know how to get the oauth token from the passport-soundcloud so I can implement it into the front-end click event.
My routes followed the passport-soundcloud instructions and seem to work, but I can't figure out how to get the oauth token...
Any ideas? I'm totally lost on this.
So, I'm not familiar with the specific details of the soundcloud api. But if it follows the basic patterns of popular oauth apis. Then you'll want to do something like this.
User arrives at your site without a cookie
they authorize your app using oauth
when the user is redirected back to your app, SoundCloud will give you an access key for this user. Store this value, in a database or a cache or in memory. But most importantly, you must create a cookie on that users browser. So that when they return you can lookup the access key again.
When the user clicks like, lookup the accesskey on the backend and hit SoundCloud api with that token.
In the initial oauth flow....
function(accessToken, refreshToken, profile, done) {
User.findOrCreate({
soundcloudId: profile.id,
token: accessToken // <--- store the token!
}, function (err, user) {
return done(err, user);
});
}
then when they click like
app.put('/me/favorites/12345' function(req, res) {
var id = req.user.id; // <--- passport and connect session saved the user id for you
// lookup the token in your database
// use the token to hit the soundcloud api
})
I hope this make some kind of sense. This is completely untested pseudo code.

Categories