Nativescript-plugin-firebase: Can't re-authenticate with Google/Facebook on app hard-restart

+1

are we sure this issue is resolved? I just updated to the newest version and I am still getting this error.

i login with fb, close my app, reopen, run the init and get current user. then if its facebook (which it is) i reauth with type facebook, but i get Not currently logged in with Facebook

It would seem that firebase._facebookAccessToken is not saving, I dont have time to today, but I will try to look further into it tomorrow.

I found a temporary solution. I save the token to appsettings, then on reauth I pass this token to the reauth function which i edited slightly to accept the token. It works but it obv doesnt fix the issue at hand.

You mean it doesn't fix the issue because the plugin needs to be update with your suggestion?

I was unable to find why the token isnt saving, I havent had to time to fully investigate it

I'm not sure if this issue is fixed.
The plugin itself doesn't fix that issue. You can solve it by manually copy and store the authTokens in your app. Then before you reauthenticate, you have to set this tokens again to the firebase object.

It this the expected behavior or should that be fixed?

@EddyVerbruggen @witi83 How should this fix solve this problem. With your change, one of the main functionality of the anonymous account got killed. Why would I have an anonymous user if I can't convert him to an authenticated user.

This commit needs to be reverted. I have a fix for the issue with the reauth problem, described above. Please reopen that issue.

PS: I am talkin about this change: https://github.com/EddyVerbruggen/nativescript-plugin-firebase/commit/e12af1c79ec0418650423c1b664bd92a42a20b65#diff-3270a7dfec3e08578a808b9499f53003R1145

@RaphaelJenni You are right, this way you can't link anonymous accounts. What fix for the reauth problem are you talking about - is there a PR I missed?

@EddyVerbruggen There isn't a PR. I solved it by manually copy and store the authTokens from the firebase object in the app. Then before reauthenticate, I set this tokens again to the firebase object.

Currently, I store it in the secure storage. I'm not sure where the plugin would store this tokens, else I would have created a PR.

Sounds like a great enhancement actually.

Do you use a plugin for secure storage? If not: keychain on iOS, and what exactly on Android?

Yes I do, I'm using your plugin 😆

What do you suggest @EddyVerbruggen ?

I think it would be great to have reauthenticate "just work". For now I think it would suffice to add your approach to the readme. Can you perhaps share the code you have to grab and restore the tokens? It would be perfect to have it here.

This is my code in a condensed way. You can extract the code you want for the README.

const fbase = require('nativescript-plugin-firebase');

//********************************

private static setAuthenticationToken(googleSignInToken: string, facebookSignInToken: string){
        const authTokens: AuthTokens = {
            googleSignInIdToken: googleSignInToken,
            facebookSignInToken: facebookSignInToken
        };

    this.secureStorage.set({
                key: UserService.SECURE_STORAGE_AUTH_TOKEN_KEY,
                value: JSON.stringify(authTokens)
            })
        );
}

private static getAuthenticationToken() {
        return JSON.parse(this.secureStorage.get({
                key: UserService.SECURE_STORAGE_AUTH_TOKEN_KEY
          }));
}

private static clearAuthenticationToken$() {
    this.secureStorage.remove({key: UserService.SECURE_STORAGE_AUTH_TOKEN_KEY});
}

//********************************

this.firebase.login({type: loginType})
   .then(() => UserService.setAuthenticationToken(fbase._googleSignInIdToken, fbase._facebookAccessToken))


//********************************


const reAuthenticationOptions = getAuthenticationToken();

fbase._googleSignInIdToken = authTokens.googleSignInIdToken;
fbase._facebookSignInToken = authTokens.facebookSignInToken;

this.firebase.reauthenticate(/*REAUTHENTICATION OPTIONS*/)

Thanks!

No problem. And please revert this commit as soon as possible. It's project critical.

Hey guys.

I'm not quite sure, if I understand this problem correctly. How could my change (#445) break reauthenticate in the first place? Correct me if I'm wrong, but the documentation states that reauthentication should only be used, if the user _was_ already signed in. But in your case @RaphaelJenni the user is not, he is anonymous.

Why would I have an anonymous user if I can't convert him to an authenticated user.
Maybe we're doing something conceptually different than you, but this works in our case without any problems.

That being said, we don't use reauthenticate to "convert" a user to an authenticated one. We just call login providing the proper LoginOptions.

@witi83

the documentation states that reauthentication should only be used, if the user was already signed in. But in your case @RaphaelJenni the user is not, he is anonymous.

No, the user is signed in, as an anonymous user. This user isn't just local, you can see him in the firebase console.

That being said, we don't use reauthenticate to "convert" a user to an authenticated one. We just call login providing the proper LoginOptions.

If you do that, the user gets a new uid and you would have to copy the data over to the new user. Definitely not the correct way.

It's described in the docs: https://firebase.google.com/docs/auth/web/anonymous-auth#convert-an-anonymous-account-to-a-permanent-account

No, the user is signed in, as an anonymous user. This user isn't just local, you can see him in the firebase console.

What happens in your case if you just call login instead of reauthenticate? Do you really see two accounts after it? AFAIK @EddyVerbruggen avoided this in the implementation of login where he takes care of the whole linking stuff.

So no, we don't copy any data from one user to another.

Yes, you see two users. And yes he did, but with your change it doesn't link the account anymore, it just does a login. (it checks if the user is already assigned to the same provider, except for anonymous user (your change))

After reviewing the code base (specifically login) and the firebase documentation, it seems to me that you are correct: Anonymous users have to be linked as well!

However, I'm still curious about two things: First, why this change fixes the ominous FirebaseAuthUserCollisionException, which occured to a couple of people. Obviously, the real reason lies somewhere else.
And second, why didn't we observe the creation of two users as well. This is something I have to investigate.

In the meantime @EddyVerbruggen , feel free to revert it.

Thanks for @RaphaelJenni reporting!