Quickstart-unity: Sign in with Apple authentication flow issues.

Thank you for your question @fmorenogg. According to the docs, you can use a third-party plugin such as Unity's Sign In With Apple Asset Storage Package for nonce and token generation.

Hi paulion, the issue is not about how to get the token (witch I already have using this implementation)
It's about how the refresh token works in the Unity SDK of Firebase.
Thanks.

Hi @fmorenogg,

we're looking at how we can plumb the refresh token information from the iOS SDK to the Unity SDK. I hope to have an update soon.

Hi @fmorenogg,

we're looking at how we can plumb the refresh token information from the iOS SDK to the Unity SDK. I hope to have an update soon.

Great!

With the current implementation of Unity SDK we can't enable Sign in with Apple to our users. Looking forward to the new update.

Thanks.

any update on this?

Hi DellaBitta,

Apple is no longer accepting new apps that doesn't provide Sign In With Apple when they use authenticate or set up user accounts as stated here https://developer.apple.com/app-store/review/guidelines/#sign-in-with-apple

Furthermore updated apps that require Sign In With Apple and don't have this feature will be accepted until June 30, 2020.

Hi @fmorenogg,

we're looking at how we can plumb the refresh token information from the iOS SDK to the Unity SDK. I hope to have an update soon.

There is any update on this? Do you think that this will be ready before June 30 deadline?

Thanks.

Hi all,

I posted in Issue #576 that version 6.14.1 went out yesterday which includes a change in the flows for retreiving an updated credential in failed linked attempts with Apple. This should facilaite the functionality pointed to by firebase/firebase-ios-sdk#4434 (comment) mentioned above.

Please let me know if this solves our issue. Thanks!

Hi @DellaBitta,

Thanks for the update, appreciate it. We have been working with the updated version and unfortunately this doesn't solve our issue.
My understanding is that the new release now exposes the updated credential in a linking flow, (this is a great feature and we will use it when we have several providers) but we need this updated credential in a login flow.

Right now in 6.14.1 we can do this as you stated in Issue 576

auth.CurrentUser.LinkAndRetrieveDataWithCredentialAsync(Firebase.Auth.OAuthProvider.GetCredential("apple.com", idToken, rawNonce, null)).ContinueWithOnMainThread( task => {
   if (task.IsCompleted) {
      // Link Success
   } else {
      if (task.Exception != null) {
         foreach (Exception exception in task.Exception.Flatten().InnerExceptions) {
            Firebase.Auth.FirebaseAccountLinkException firebaseEx = 
               exception as Firebase.Auth.FirebaseAccountLinkException;          
            if (firebaseEx != null && firebaseEx.UserInfo.UpdatedCredential.IsValid()) {
               // Attempt to sign in with the updated credential.
               auth.SignInWithCredentialAsync(firebaseEx.UserInfo.UpdatedCredential).ContinueWithOnMainThread(HandleSignInWithUser);
            } else {
               DebugLog("Link with Apple failed:" + firebaseEx );     
            }
         } // end for loop
      } 
   }
});

What would solve our issue is something like this:

auth.SignInWithCredentialAsync(Firebase.Auth.OAuthProvider.GetCredential("apple.com", idToken, rawNonce, null)).ContinueWithOnMainThread( task => {
   if (task.IsCompleted) {
      // Link Success
   } else {
      if (task.Exception != null) {
         foreach (Exception exception in task.Exception.Flatten().InnerExceptions) {
            Firebase.Auth.FirebaseAccountLinkException firebaseEx = 
               exception as Firebase.Auth.FirebaseAccountLinkException;          
            if (firebaseEx != null && firebaseEx.UserInfo.UpdatedCredential.IsValid()) {
               // Attempt to sign in with the updated credential.
               auth.SignInWithCredentialAsync(firebaseEx.UserInfo.UpdatedCredential).ContinueWithOnMainThread(HandleSignInWithUser);
            } else {
               DebugLog("Link with Apple failed:" + firebaseEx );     
            }
         } // end for loop
      } 
   }
});

Please note the login method in the second block of code instead of the linking method.

Thanks.

Hi @fmorenogg,

The Unity SDK is based on the iOS Firebase SDK. I don't believe that there's a method in the iOS SDK to reuse a Nonce-based Apple Sign In Credential for signing in users. However, after the user account is signed in the first time, the User object should be persisted and may be used for subsequent auth operations even between sessions.

Generally this is handled by configuring the .StateChanged and the .IDTokenChanged listener properties on the FirebaseAuth object. An example of this is in the InitializeFirebase method of the Auth Quickstart where a force refresh of the token is made via TokenAync().

As a test I was able to update the display name of an account that was signed in a week ago via Apple Sign In, but using the refreshed tokens retrieved from the service via User.TokenAsync and not requiring a new Apple Sign In token to be generated.

Please let me know if this helps you or if you run into any problems If there's a specific need to call SignInWithApple for the user on every execution of the application then please let me know. Thanks!

It's not possible to reuse a nonce so I'm removing the feature request label. Additionally since we haven't heard from you I'm closing this isusue for now. Please see Issue #576 for more information, and mention me if you have any questions.