Firebase-ios-sdk: Firebase unlink account Identifier issue

Created on 21 Sep 2017 · 13Comments · Source: firebase/firebase-ios-sdk

Environment

Xcode version: _8.3.3_
Firebase SDK version: _4.0.4___
Library version: __4.0.0___
Firebase Product: _____ auth

Problem

I am linking different social media accounts using

user.link(with: credential, completion: { (user, error) in }
and it works successfully and the identifier in my backend authentication section changes to the newly set account email. That is fine, but whenever I unlink the account using

user.unlink(fromProvider: provider) { (user, error) in }
The email is not changed back to the other linked account.

Steps to reproduce:

What happened? How can we make the problem occur?
This could be a description, log/console output, etc.

[email protected] (Facebook account) -- identifier = "[email protected]"
Now I linked [email protected] (Gmail account) -- identifier = "[email protected]"
But when I unlink the gmail account the identifier should be now be "[email protected]"
Here is the issue the identifier doesn't change back to facebook account "[email protected]" as it should. It remains "[email protected]" even though gmail is unlinked.
On android every thing works perfectly and identifier is changed back. The issue is only in iOS.

Relevant Code:

user.link(with: credential, completion: { (user, error) in }
user.unlink(fromProvider: provider) { (user, error) in }

auth

Source

moazkh60

👍1

Most helpful comment

The top level email or identifier is set when the account is first created (single account per email setting). Adding additional providers or unlinking them will not affect that identifier. This is the behavior on all platforms. Clients do not enforce this behavior. It is done on the Firebase Auth backend. The Auth backend doesn't maintain a stack for this. If you need to update the top level email, an API is provided for that: updateEmail. You can call it at any time.

bojeil-google on 28 Sep 2017

👍2

All 13 comments

@moazkh60 What does 'identifier' mean in your post? Every Firebase user has a unique immutable identifier string that looks like a number, accessed as the uid property of the User class. This identifier is not an email address. If the Firebase user account is created with email/password or an IdP that provides email information, the email property of User is also populated with the email. But the email property is not changed when you link a new provider to the Firebase user, nor it is changed when you unlink that new provider later. So in your step 2 the user's email should still be "[email protected]".

I suspect what you app was accessing user.providerData[0].email instead of user.email. The providerData array is not necessarily sorted in any particular order, which would explain the different behavior between Android and iOS.

XiangtianDai on 27 Sep 2017

Thank you for your response XiangtianDai, please look at the attached screenshot of my firebase backend auth section. I have highlighted the identifier
firebase-backend

When I link the new provider, the email property isn't changed as you said but I believe that it should like in Android if I link a new provider the email property is changed and when I unlink the provider the email property is changed to the currently present provider but this behavior isn't present in iOS. It should be like a stack "Last in first out" and that is exactly what happens in android but not in iOS.

Consider this scenario if I first link with a google account and add hotmail account afterwards then I unlink google account now my email should be that of hotmail account as I have unlinked the google account. But right now it remains that of google account which is already unlinked and that is not what the required behavior should be. Even if you argue that it is the required behavior then if you go and sign up again using the previously unlinked google account then the firebase will give an error that the user with this email address already exists that happens because the email isn't changed when account was unlinked.

*Note: email = identifier

moazkh60 on 28 Sep 2017

bojeil-google on 28 Sep 2017

👍2

I am also currently using the update email function. Please update the firebase documentation for this then. In android the issue is still there, email is updated automatically even without calling updateEmail function and when user.getEmail() function is called it returns null although an email is present at the backend in auth identifier. Please look into that.

moazkh60 on 28 Sep 2017

We'll investigate this issue on Android. In the meantime, can you check calling user.reload() in Android after unlinking re-aligns it with the iOS behavior. Reload would repopulate the user object with the Auth backend data. If that is the case, then it could be some incorrect client side logic.

bojeil-google on 28 Sep 2017

We are already doing user.reload() and it's still giving empty result. There is no issue on our end. We have replicated the issue on a sample app and uploaded the repository on GitHub. Please take some time to go through the link
https://github.com/umarhussain15/FirebaseAuthProviderLinking

This app replicates the issue on Android. Please check the app and kindly resolve the issue in Android API as we are certain it's not an issue on our end.

moazkh60 on 28 Sep 2017

Hey @moazkh60, we have investigated this and it has been identified as a bug in our Android SDK (specifically unlinking an 'password' provider). We will work on a fix so that it is aligned with the iOS and Web SDK behavior.
Thank you for reporting this.

bojeil-google on 28 Sep 2017

👍1

I am glad the bug is finally identified. Can you please let me when can I expect the updated android sdk version?

moazkh60 on 29 Sep 2017

We don't have any timeline at the moment. We will keep you posted.
For now, to get you going, you can use the following logic on unlinking a password provider:
Before unlinking a password provider, call getEmail(), save email locally, unlink('password'), updateEmail(savedEmail).
You will reach the same end result.

Hopefully this helps.

bojeil-google on 29 Sep 2017

Tracked internally at b/67083779