I have developed an app that should allow users to login with their Google account using Firebase authentication. However, after I run the app and try to log in, the account is taken and I see that it is present in the Firebase authentication, but the app does not navigate to the home page. What is wrong with my code?
Background:
I have followed the steps provided in the Firebase documentation for integrating Google sign-in with Firebase authentication. I have also tried to troubleshoot the issue by checking for syntax errors and debugging the code, but it still does not work.
Please provide the code or relevant portions of the code that you have written for the authentication process to better understand the issue and provide a solution.
Related
I just implemented Google OAuth social sign in to my firebase project today, and it works.
I have tested it with a new google account (with an email address that wasn't used yet in my firebase project), this worked.
I have tested it signing in with my usual google account, which uses the same email address as one of the accounts in my firebase project (with email&password login). In Firebase console I could see the Google logo got added next to the email icon on my user, this is exactly what I expected.
Now my problem is, I don't know how to add email & password login to an existing account, that was created with a third party provider.
To test this I have first created an account on my firebase project using google.
I have tried to sign in by using the same email address associated to that google account, which obviously wouldn't work as there is no password set.
I have tried to sign up (register) by using the email address, which would throw a FirebaseAuthException with the error code email-already-in-use.
And I have recognized a flaw in this logic^^: Let's say Bob creates an account on my firebase app with Google. Then just about anybody could use his email address and a new password to register, and therefore login to his account. A correct solution is to only allow the user to add a password while signed in or by requiring authentication.
I couldn't find any relevant method on FirebaseAuth.instance that could be the answer to my question.
I have noticed that many apps with social logins provide the Apple login ONLY for their iOS app.
If I do the same, the worst case scenario I can think of which is caused by this problem is:
Someone with an iPhone downloads my app and creates an account with Apple login.
Then that person switches to Android. Now that person can't use Apple login, and also can't log in to my app with their email address.
So for now, I have to include Apple login for my Android app too, and I don't see a reason why I should not do that. But I still want to find a solution to my question, as that could be an annoyance to users of my app.
See this video from the official Firebase YouTube account.
I want to clarify, my questions is different from this, so don't redirect me to it.
I have just found the answer to my question and implemented the funcitonality in my own project.
This webpage from the official firebase docs explains exactly how to do that.
I just created a new Ionic app and using Auth0 for user login and registrations. I have .net core backend.
I am following the Ionic quick start guide https://auth0.com/docs/quickstart/native/ionic4/01-login and everything is working ok. I use new Universal login.
The issue I have is users get logged out after the access_token has expired. I previously used Silent Authentication and refresh tokens in two different apps, however I am unable to find a sample code like quick start guide for either. I have an angular website too. Hence my users can either use mobile app or Angular website to login. I would appreciate any help to keep my users loggedin, in both website and ionic mobile app please.
Many thanks
Last I checked, Auth0 doesn't have many samples for acquiring refresh tokens from application frontends, which is typically what I would consider ionic/angular to be used for. Obviously, you could be building a "native" style application with either of those, but frontend auth is sometimes a little messy and insecure because the client has your code and you usually need to implement some kind of middleware.
It looks like the ionic quickstart uses auth0-js which defaults to an implicit flow, which would confirm my hunch above.
I personally pass the refresh token logic off to my backend, and let the backend function as my "middleware". You can find some basic code samples for backends/native apps here. I use the code-grant flow typically, but you could use PKCS.
The long and short is, I don't think you're going to find sample code on that, but you could hack something together with something like axios if you wanted to go the middleware route, or you could go backend with your auth.
I'm getting a 'This app isn't verified' error when I use the Flutter google_sign_in plug in. I want to get authorisation to Google Drive so added it to the google sign-in scope:
scopes: ['email', 'https://www.googleapis.com/auth/drive'],
And it is the request for the drive scope that is causing the error screen to come up ( I tested it with just email and works fine).
If I look at the docs it seems that Google are saying I have to verify the app, however this is a test app to see if I can get the functionality that a client has requested working with Google Drive and won't ever be promoted.
Does anyone know how I can remove this error message for test purposes only?
Many thanks
Here's the actual screen with the error:
The above warning shows when the app isn't verified. Google consents user that the app is not verifed yet and you are sharing sensitive data to it.
We can proceed and complete our flow by clicking the Advanced at bottom left. Once app is verfied this warning will be removed automatically.
Anyone can follow instruction listed on here
https://support.google.com/cloud/answer/7454865?hl=en
I'm trying to make a chatbot with Dialogflow for Google Home. It requires the user to input a URL. Now it will definitely be a long and complicated URL which I can't recreate and I can't have the user speak into the google home.
The idea I had was that the user would input the URL on an agent on messenger. I store this on a Firebase database and then access it with a second agent.
Now the issue I have is authentication, I was hoping to use account linking on my google action with facebook. But I can't login to Facebook with google home. Or if I can, I can't find any documentation specific to that case. Facebook doesn't provide the necessary client ID and secret(as far as I can see).
I managed amazon and Gmail account linking with Alexa and an Amazon Echo. In those cases, you would have to login to google or amazon on the Alexa app or webpage. Then this will be integrated with your Echo and the skill will become usable.
Anyone have an idea of how I can make the link happen, if not then anyone have an idea as to how I can solve the overall problem?
This question has been left unanswered on other forums, but I was hoping to either get it solved or find an alternative.
There are three approaches to solving your overall problem - getting the URL manually entered and available to your Action. Two of them tackle it the way you've suggested - involving authenticating to Facebook and tying that to the Assistant account somehow. One solves it entirely inside the Assistant.
Account linking to the Facebook account
You've tagged firebase-authentication, so I'm going to assume that you're using it to do the auth and you've enabled Facebook login through it. This means your user has a "Firebase Account", but they log into that account using Facebook.
I will assume you have a way to get the URL from messenger once they're logged in.
The trick in this case is to setup Account Linking between their Firebase account and their Assistant account. This is done by setting up an OAuth2 server that has access to the Firebase accounts and will create authorization and refresh tokens that are given to the Assistant.
In the Action, you'll send the user to the Sign In helper, which will redirect them to your login page and send back a one-time auth code to the Assistant. The assistant will then use your OAuth2 server to exchange this code for auth and refresh tokens. Periodically it will use the refresh token to get new auth tokens.
When the user returns to the conversation through the Assistant, you'll be handed an auth token and you can use this to lookup the user. Since you also know their Facebook account, you can get the URL via however you planned to do so.
There are drawbacks to this method - it is very complicated, and setting up your own OAuth2 server is not for the faint of heart. You may be able to use something like Auth0 instead of Firebase Authentication to accomplish the same thing, but then you don't have the ease of access to the Firebase database.
Account linking to both Facebook and Google
In your Firebase account, however, you don't need to limit them to just logging into Facebook. You can have them use Firebase to record both the Facebook and Google accounts that they're using. This would "link" the two accounts together in your system.
With this, you don't need to setup an OAuth2 server. Instead, you can have the Assistant use Google Sign In for authentication. If the Google Cloud Project that Firebase is using and the Assistant are using are the same project, then once the user has logged in to your project's web page with their Google account, you'll get an identity token on the Assistant which will contain their Google ID. You can use this to match up with their Firebase account and get the Facebook ID and proceed from there.
But this is still a lot of work and kinda messy, jumping between systems.
Using just the Google Assistant (and maybe a web page)
If you're willing to make some assumptions about the devices your users are using, then you may be able to do it all just using the Assistant. The Assistant doesn't just run on the Google Home and other smart speakers, it also works on most current Android and iOS devices.
So you can detect if they have such a device available and, if they do and they're not currently on it, direct them to switch to that device when you need the URL.
If they don't have such a device available (perhaps because their version of Android is older), and you think this may be a common scenario, you may need to make another entry source available. This could be one of the solutions above, or you may want to just have a simple web page (done via Firebase Hosting and Firebase Functions, perhaps) where they log in using their Google account (so you get their ID) and you let them enter the URL. If you just need a URL - going through Dialogflow may be more complexity than you need.
I am working on an iPhone application that uses Google app engine to host the backend. I need to authenticate with Google but I can't seem to find a way to do it from my app. It seems I am down to making a UIWebView to have a user sign in to the redirected login page I am getting from Google, but I would much rather have the user enter there credentials one time and then have it persist, unless the user signs out.
Is this possible? Should I be looking at other options or am I just not handling the redirect correctly?
Any suggestions or info would be appreciated.
Thanks
O-Auth is available on App Engine.
Just insert GTMOAuth in your projet and present the GTMOAuthViewControllerTouch. You'll be able to store the auth token in the user's keychain.
Then authorize your NSURLMutableRequests via [auth authorizeRequest:myNSURLMutableRequest]...
I think it might be easier than reusing and managing cookies.
This page has pretty complete information on how to access the built-in Signin flow that is included with the generated app-engine endpoint library:
https://developers.google.com/appengine/docs/python/endpoints/consume_ios