I am developing google sign in feature in flutter and i'm able to extract id token from auth header but when i try to hit google api token info endpoint with the id token it's giving invalid id token as response but the accessToken is still working which is comming from the same header. Can anyone please help me solve this issue?
This is the code i'm using for extracting id token
try {
_googleSignIn.signIn().then((result) {
print(result);
result!.authentication.then((googleKey) {
// print(googleKey.accessToken);
print(googleKey.idToken);
// print(_googleSignIn.currentUser!.displayName);
}).catchError((err) {
print('inner error');
});
}).catchError((err) {
print('error occured');
});
} catch (e) {
print(e);
}
Related
I have a flutter app where users are required to pay to see some content the payment is done with pay pal and after the payment is done from the browser/web view then a request is sent to the backend and the backend will send the token to the webpage so I want to access that token in the app to check if the payment was successful to open the payment page I use
_launchURLApp() async {
if (await canLaunchUrl(Uri.parse(url))) {
await launchUrl(Uri.parse(url));
} else {
throw 'Could not launch $url';
}
}
onTap: () {
ApiClient.payWithPayPal().then((response) => {
setState(() {
url = response;
}),
_launchURLApp()
});
}
I have a website where when user logsIn, they are assigned an access and a refresh token. When the access token is expried, a request to the server is made and checks if the refresh token is present in the global array in the database. If it is, a new access token is assigned to the user.
But I wanted to ask if should also check for the user by the information given by the refresh token when it is decoded. Or it is not necessary.
Please suggest me good practice and also tell me if something is wrong with my process.
routes.post("/newAccessToken", async (req, res) => {
const token = req.headers.cookie?.split("=")[1];
try {
const existingToken = await refreshTokens.findOne({
tokens: { $in: [token] },
});
if (existingToken) {
const email = await jwt.verify(token, process.env.RefreshTokenSecret);
if (email) {
const user = await userSchema.findOne({ email });
if (user) {
const newAccessToken = await jwt.sign(
{ email },
process.env.AccessTokenSecret
);
res.json({ newAccessToken });
}
} else res.json({ message: "token is invalid" });
} else res.json({ message: "No token found" });
} catch (error) {
console.log(error);
}
});
I am using phone authentification with OTP codes with flutter.
My code:
checkPin(String pin) async {
setState(() {
checkingPin = true;
});
UserCredential? response;
try {
PhoneAuthCredential? credential = PhoneAuthProvider.credential(
verificationId: verificationCode, smsCode: pin);
response = await FirebaseAuth.instance.signInWithCredential(credential);
} on FirebaseAuthException catch (err) {
print(err);
} on FirebaseException catch (err) {
print(err);
} on PlatformException catch (err) {
print(err);
} catch (err) {
print(err);
}
When purposely entering te wrong code, it throws a PlatformError. Despite me catching multiple errors (including PlatformError) in the ty catch block.
The error reads:
PlatformException (PlatformException(invalid-verification-code, The SMS verification code used to create the phone auth credential is invalid. Please resend the verification code SMS and be sure to use the verification code provided by the user., {code: invalid-verification-code, message: The SMS verification code used to create the phone auth credential is invalid. Please resend the verification code SMS and be sure to use the verification code provided by the user., nativeErrorMessage: The SMS verification code used to create the phone auth credential is invalid. Please resend the verification code SMS and be sure to use the verification code provided by the user., nativeErrorCode: 17044, additionalData: {}}, null))
I do not understand why it crashes the app rather than catching the error, when i explicity try to catch PlatformExceptions. My firebase_auth package version is :^3.3.5.
I have a use case where a user, on Flutter Web, needs to link an Apple auth with their existing account, and the email may not match.
However, the only available method for Flutter Web Apple Authentication is signInWithPopUp. If the user's apple email is different from the User firebase account email, a new firebase account is created, and a user is returned, short circuiting the process of linking, this creates a new account in firebase, and I'm unable to linkWithCredential.
My method to try to link accounts is as follows:
Future<String> linkWithAppleWeb() async {
try {
final User user = _auth.currentUser!;
final provider = OAuthProvider("apple.com")
..addScope('email')
..addScope('name');
await _auth.signInWithPopup(provider).then((appleCredential) async {
final authCredential = appleCredential.credential;
await user.linkWithCredential(authCredential!).then((result) {
DatabaseService().updateUserSocialAuth(user.uid, 'apple');
return 'Success';
}).catchError((e) {
return 'Error: $e';
});
});
} catch (e) {
return 'Error: $e';
}
return 'Success';
}
As you would expect, my project starts with Streaming a User Object, and when the pop up signs in, it returns the new user, which rebuilds the entire project. Is there a way to authenticate an apple user without returning a new user? I can link a google or phone authorization method fine. It's apple that is problematic. I don't fully understand why Google doesn't break in the same way, other than Firebase put in the work to ensure the functionality of linking for GoogleSignIn().signIn() I'm not using other social auth methods, and I don't use password/email.
This method is not documented in the Flutter Fire Docs, but works perfectly:
Future<String> linkWithAppleWeb() async {
try {
final User user = _auth.currentUser!;
final provider = OAuthProvider("apple.com")
..addScope('email')
..addScope('name');
await user.linkWithPopup(provider).then((result) {
DatabaseService().updateUserSocialAuth(user.uid, 'apple');
return 'Success';
}).catchError((e) {
return 'Error: $e';
});
} catch (e) {
debugPrint('auth linkWithGoogle error: ${e.toString()}');
return 'Error: $e';
}
return 'Success';
}
Im using the Facebook Account Kit to login with phone and email in my project, the response from this login is a token, but I need to save the phone number and email in my DB, how can I getting the user email-phone used to login?
componentDidMount() {
RNAccountKit.configure({
responseType: 'code',
initialPhoneCountryPrefix: '+55',
defaultCountry: 'BR',
});
}
emailVerify = async () => {
try {
const token = await RNAccountKit.loginWithEmail();
if (token) {
this.setState({ verification: true });
}
} catch (err) {
this.setState({ error: "Email não verificado." });
}
}
You Can get account info after user logged in successfully
// Retrieves the logged user account info, if any user is logged
RNAccountKit.getCurrentAccount()
.then((account) => {
console.log(`Current account: ${account}`)
})