I am currently in the process of getting my project to run with Firebase. I've completed authentication through this script here.
using System.Collections.Generic;
using UnityEngine;
using GooglePlayGames;
using GooglePlayGames.BasicApi;
using UnityEngine.SocialPlatforms;
using System.Threading.Tasks;
using Firebase;
using Firebase.Auth;
public class FirebaseManager : MonoBehaviour
{
private string AuthCode;
private void Start()
{
// Initialize Play Games Configuration and Activate it.
PlayGamesClientConfiguration config = new PlayGamesClientConfiguration.Builder()
.RequestServerAuthCode(false)
.Build();
Debug.LogWarning("Config Built");
PlayGamesPlatform.InitializeInstance(config); Debug.LogWarning("Instance");
PlayGamesPlatform.Activate(); Debug.LogWarning("Activate");
Firebase.Auth.FirebaseAuth auth = Firebase.Auth.FirebaseAuth.DefaultInstance; // Sign In and Get a server auth code.
UnityEngine.Social.localUser.Authenticate((bool success) =>
{
if (!success)
{
Debug.LogError("SignInOnClick: Failed to Sign into Play Games Services.");
return;
}
string authCode = PlayGamesPlatform.Instance.GetServerAuthCode();
if (string.IsNullOrEmpty(authCode))
{
Debug.LogError("SignInOnClick: Signed into Play Games Services but failed to get the server auth code.");
return;
}
Debug.LogFormat("SignInOnClick: Auth code is: {0}", authCode); // Use Server Auth Code to make a credential
Firebase.Auth.Credential credential = Firebase.Auth.PlayGamesAuthProvider.GetCredential(authCode); // Sign In to Firebase with the credential
auth.SignInWithCredentialAsync(credential).ContinueWith(task => {
if (task.IsCanceled)
{
Debug.LogError("SignInOnClick was canceled.");
return;
}
if (task.IsFaulted)
{
Debug.LogError("SignInOnClick encountered an error: " + task.Exception);
return;
}
Firebase.Auth.FirebaseUser newUser = task.Result;
Debug.LogFormat("SignInOnClick: User signed in successfully: {0} ({1})", newUser.DisplayName, newUser.UserId);
});
});
}
}
Once i build this project onto Google Play and test it, it has the google UI pop up that shows my Google Play account name. Checking firebase authentication panel i can see my google play account populate the field with a UID.
I send some data to my database via REST API
using System.Collections.Generic;
using UnityEngine;
using Firebase.Database;
using Proyecto26;
using Firebase;
using Firebase.Auth;
using UnityEngine.UI;
using TMPro;
public class Database : MonoBehaviour
{
#region Instance
public static Database I;
public void GetInstance()
{
if(I == null)
{
I = this;
}
else
{
Destroy(I);
I = this;
}
}
private void Awake()
{
GetInstance();
}
#endregion
private string UID;
PlayerSaveData playerSaveData = new PlayerSaveData();
private void Start()
{
Debug.Log("Sending data");
LoadedData();
}
public void SavePlayerData()
{
UserID();
Debug.Log(UID);
RestClient.Put("https://-censored project linkrtdb.firebaseio.com/users" + UID + ".json", playerSaveData);
Debug.Log("Sent Data function complete");
}
public void LoadedData()
{
RestClient.Get<PlayerSaveData>("https://-censored project link-rtdb.firebaseio.com/users" + UID + ".json").Then(response =>
{
playerSaveData = response;
});
}
// UID //
public void UserID()
{
Firebase.Auth.FirebaseAuth auth = Firebase.Auth.FirebaseAuth.DefaultInstance;
Firebase.Auth.FirebaseUser user = auth.CurrentUser;
if (user != null)
{
string playerName = user.DisplayName;
// The user's Id, unique to the Firebase project.
// Do NOT use this value to authenticate with your backend server, if you
// have one; use User.TokenAsync() instead.
string uid = user.UserId;
Debug.LogWarning("Player UID: " + uid);
UID = uid;
}
else
{
UID = "No UID";
}
}
}
Once i check my data on the Database page on the Firebase Console on a live build via Google Play Market, the data only populates when i set the rules to test "Write = true and read = true for everyone"
However, once i add the rules from the documents that fit my situation
{
"rules": {
"users": {
"$uid": {
// Allow only authenticated content owners access to their data
".read": "auth != null && auth.uid == $uid",
".write": "auth != null && auth.uid == $uid"
}
}
}
}
The live application does not continue to write to the database.
My debug log on Logcat shoes the UID is spitting out the same exact UID that is authenticated on firebase.
I hate to be the guy that floods a forum with a question that i am sure has been asked a 100 times. I have been at this firebase thing for about 2 days, but i am throwing in the towel on this one. I can't find anything unique to my situation. With the little knowledge i have, i do feel that somehow the authentication is not sending with the way i structured my database.cs with REST. But i was assured this is the way i should go.
Any help would be greatly appreciated, much thanks to those that take the time! :D
It seems like your REST client is not passing the user credentials along with the request. The Firebase SDK passes this information with each connection/request, and you'll have to do the same here.
Have a look at the Firebase documentation on authorizing REST requests, specifically the section on authenticating with an ID token, which is probably easiest for you.
On the other hand, I'd recommend having a look using using the Firebase Realtime Database SDK instead of calling the REST API, as this will pass the required information automatically.
Related
I am grabbing the android device token and saving it to firestore. This works in most of the cases totally fine. Now I encountered a device where it does not work. Oddly enough I end up with attributes in firestore that my model does not reflect and I do not understand where those attributes and their values come from.
This is my method to retrieve the token:
public static void updateToken(String userId, FcmToken.Action action) {
if (StringUtils.checkNull(userId)) return;
//FCM
FirebaseMessaging.getInstance().getToken().addOnCompleteListener(task -> {
if (!task.isSuccessful()) {
Log.w(TAG, "Could not get firebase token. ", task.getException());
return;
}
String token = task.getResult();
Log.i(TAG, "[FCM TOKEN]: " + token);
//Do not ask firebase to write an existing token again,
//this only creates traffic and costs but does not change the database
String storedToken = FcmProvider.loadToken(false);
if (StringUtils.checkNull(storedToken) || !token.equals(storedToken) || action == FcmToken.Action.DELETE) {
FcmToken fcmToken = new FcmToken(token, userId, action);
FcmRepo.getInstance().setToken(fcmToken, documentId -> {
Log.d(TAG, "Token " + action + " successfully");
FcmProvider.saveToken(token);
}, e -> {
Log.d(TAG, "Failed to " + action + " token. " + e);
});
} else {
Log.d(TAG, "Stored token is identical. No update needed");
}
});
}
This is the FcmToken class (And I assume the way I use the field values here are the issue, yet I do not understand the outcome)
#Getter
#Setter
#IgnoreExtraProperties
public class FcmToken {
private String userId;
private FieldValue fcmToken;
#ServerTimestamp
private Date ut;
public enum Action {SET, DELETE}
public FcmToken(String fcmToken, String userId, Action action) {
this.userId = userId;
if (action == Action.SET) this.fcmToken = FieldValue.arrayUnion(fcmToken);
else if (action == Action.DELETE) this.fcmToken = FieldValue.arrayRemove(fcmToken);
}
}
For completness this is the method I use to set the token:
public void setToken(#NonNull FcmToken fcmToken, #Nullable OnSetSuccessListener callbackSuccess, #Nullable OnFailureListener callbackFailure) {
getFcmRef().document(fcmToken.getUserId()).set(fcmToken, SetOptions.merge()).addOnCompleteListener(task ->...);
}
Now this is what ends up in my firestore for that user only:
This HAS to to come from the app itself. There is no other way this document could have been created:
If I use another device or the emulator the result looks like expected. Where does the "a" field come from? Why is it assigned to userId and why is there no fcmToken field?
The problem is, that I do not have physical access to the phone that produces this behaviour (Samsung S21 Ultra, Android 12). I need to debug this without having access to the log outputs.
But I know that the task comes back successfully (I used another version to save the error in the token field and there was none).
Any ideas?
This typically means that you didn't configure ProGuard correctly, and it's minifying the classes that you're writing to the database.
You'll need to prevent ProGuard from modifying the classes that you use to interact with the database. See the Firebase documentation on configuring ProGuard (the link is for the Realtime Database, but the same applies to Firestore), or one of these previous questions about configuring ProGuard for Firebase.
I am a Unity programmer and I am using Firebase to manage user accounts. I tried to set up Facebook Login. No problems with the Facebook sdk and I can log in successfully. However, when the credential returned by Facebook sdk is used as a parameter of FirebaseAuth.DefaultInstance.SignInWithCredentialAsync, it returns internal error.
And here is my code:
void authCallBack(IResult result) {
if (result.Error != null) {
Debug.Log(result.Error);
}
else {
if (FB.IsLoggedIn) {
Debug.Log("Log in successfully.");
AccessToken token = AccessToken.CurrentAccessToken;
Credential credential = FacebookAuthProvider.GetCredential(token.TokenString);
accessToken(credential);
}
else
Debug.Log("not logged in");
}
}
public void accessToken(Credential firebaseResult) {
FirebaseAuth auth = FirebaseAuth.DefaultInstance;
Debug.Log("Auth CurrentUser: " + FirebaseAuth.DefaultInstance.CurrentUser);
if (!FB.IsLoggedIn){
return;
}
if (auth.CurrentUser != null && !string.IsNullOrEmpty(auth.CurrentUser.UserId)){
Debug.Log("CurrentUser ID: " + auth.CurrentUser.UserId);
auth.CurrentUser.LinkAndRetrieveDataWithCredentialAsync(firebaseResult).ContinueWith(task =>
{
if (task.IsCanceled || task.IsFaulted)
{
Debug.LogError("LinkWithCredentialAsync encountered an error: " + task.Exception);
// TODO: Show error message to player
return;
}
FirebaseUser newUser = task.Result.User;
Debug.LogFormat("Credentials successfully linked to Firebase user: {0} ({1})",
newUser.DisplayName, newUser.UserId);
});
} else {
auth.SignInWithCredentialAsync(firebaseResult).ContinueWith(task =>
{
if (task.IsCanceled || task.IsFaulted) {
Debug.LogError("SignInWithCredentialAsync encountered an error: " + task.Exception.InnerExceptions[0].Message);
// TODO: Show error message to player
return;
}
FirebaseUser newUser = task.Result;
Debug.LogFormat("Credentials successfully created Firebase user: {0} ({1})",
newUser.DisplayName, newUser.UserId);
});
}
}
More details in VS Debugging:
When I test it on my Android device, it comes out an error message g_methods_cached only.
Can anyone help?
P.S. Here is another question asked yesterday and I don't know if it is relevant.
FirebaseAuthWebException not found. Please verify the AAR
Oh, I have made a silly mistake!
In the Facebook Developer page, there is the App Secret in Setting > Basic. And it has to be added into Firebase Console with the App ID. No problem right now. And then......
I just copied the App Secret without showing and pasted into Firebase Console.
Which means I have set 8 black dots (●●●●●●●●) as my App Secret in my Firebase Console. I know it is too silly. But just in case there is someone careless like me.
I am creating my first app engine app and having problems with authenticating the users.
I have followed the https://cloud.google.com/appengine/docs/python/endpoints/consume_android#making_authenticated_calls - seems a bit magical, that I just "setAccountName" and it is supposed to work, but w/e, I guess that it should load the app scopes from Android Audience and then just check if the account name I passed has actually logged into the device.
The API call works, passes the authentication, but sadly - the "endpoints.get_current_user()" function on the backend returns None.
So I kept digging, but I can't seem to find anything on the topic. Best thing I have found is http://blog.notdot.net/2010/05/Authenticating-against-App-Engine-from-an-Android-app - but that's an article from 6 years ago and the author uses HTTP client and nothing related to endpoints libs.
All I can think of would be to follow some "non-endpoints" way of adding "login with Google" to my app and then try to pass the credentials I would get to my API builder, but that just feels wrong, like there should be an easier way to do that.
So, am I missing some step, that was not mentioned in https://cloud.google.com/appengine/docs/python/endpoints/consume_android#making_authenticated_calls ?
Actual code (slightly simplified) below:
Backend:
auth_api = endpoints.api(
name='auth_api',
version='v1.0',
auth_level=endpoints.AUTH_LEVEL.REQUIRED,
allowed_client_ids=[
ANDROID_CLIENT_ID,
WEB_CLIENT_ID,
endpoints.API_EXPLORER_CLIENT_ID,
],
audiences=[
WEB_CLIENT_ID,
endpoints.API_EXPLORER_CLIENT_ID,
],
scopes=[
'https://www.googleapis.com/auth/userinfo.profile',
'https://www.googleapis.com/auth/userinfo.email',
],
)
#auth_api.api_class(resource_name='rating')
class RatingHandler(remote.Service):
#endpoints.method(
message_types.VoidMessage,
RatingsMessage,
path='rating/getRatings',
http_method='GET',
)
def getRatings(self, request):
rating_query = Rating.query(
ancestor=ndb.Key(
Account,
endpoints.get_current_user().user_id(), // ERROR! endpoints.get_current_user() is None
)
).order(-Rating.rating)
Client:
// Somewhere these lines exist
if (credential == null || credential.getSelectedAccountName() == null) {
startActivityForResult(
AuthUtils.getCredentials(getActivity()).newChooseAccountIntent(),
AuthUtils.REQUEST_ACCOUNT_PICKER
);
} else {
LoadRatings();
}
#Override
public void onActivityResult(
int requestCode,
int resultCode,
Intent data
) {
super.onActivityResult(requestCode, resultCode, data);
if (data != null && data.getExtras() != null) {
String accountName =
data.getExtras().getString(
AccountManager.KEY_ACCOUNT_NAME
);
if (accountName != null) {
credential = GoogleAccountCredential.usingAudience(
getApplicationContext(),
"server:client_id:" + Constants.ANDROID_AUDIENCE
);
credential.setSelectedAccountName(accountName);
LoadRatings();
}
}
}
public void LoadRatings() {
// AuthApi was auto-generated by Google App Engine based on my Backend
AuthApi.Builder api = new AuthApi.Builder(
AndroidHttp.newCompatibleTransport(),
new AndroidJsonFactory(),
credential
).setApplicationName(getPackageName());
AuthApi service = api.build();
try {
ApiMessagesRatingRatedBeerListMessage result = service.rating().getRatings().
// some stuff done with result, but the Exception is thrown in line above
OK, I figured it out. When I removed "scopes" from API declaration, it works. I'm not sure how I am going to access user's email / profile yet, but that's at least a step forward.
This issue has been actually brought up before - How to add more scopes in GoogleCloud Endpoints - sadly, without any answers
You won't have a User object (Entity that is) on the backend created for you. You have to do that yourself. For example:
#Entity
public class AppEngineUser {
#Id
private String email;
private User user;
private AppEngineUser() {}
public AppEngineUser(User user) {
this.user = user;
this.email = user.getEmail();
}
public User getUser() {
return user;
}
public Key<AppEngineUser> getKey() {
return Key.create(AppEngineUser.class, email);
}
}
When you create an API method and specify a User object like this:
#ApiMethod(name = "insertRecord", path = "insert_record", httpMethod = HttpMethod.POST)
public Record insertRecord(User user, Record record)
// check if google user is authenticated
throws UnauthorizedException {
if (user == null) {
throw new UnauthorizedException("Authorization required");
}
// user is authenticated... do some stuff!
}
The User object is an injected type. It is actually: com.google.appengine.api.users.User. See "injected types" on https://cloud.google.com/appengine/docs/java/endpoints/paramreturn_types.
What this means is that GAE injects the Google user object if the user provided the correct credentials to their Google+ account. If they did not, then User will be null. If it is, you can throw an UnauthorizedException the way the above method does.
You can now get things like the User's gmail address among other things if the user object is not null. From there, you must store those values in your own custom entity, such as AppEngineUser and save it to the datastore. Then you can do other things with it later, such as load it, check if the user is registered and whatever else all by yourself.
Hope that helps!
I am using couchbase mobile for an application and I want to use facebook for authentication. As per documentation, couchbase offers it's own implementation for authentication, the only required thing would be the token which I retrieve from the android facebook login flow.
The code for Synchronize class looks something like this:
public class Synchronize {
public Replication pullReplication;
public Replication pushReplication;
public static class Builder {
public Replication pullReplication;
public Replication pushReplication;
public Builder(Database database, String url, Boolean continuousPull) {
if (pullReplication == null && pushReplication == null) {
URL syncUrl;
try {
syncUrl = new URL(url);
} catch (MalformedURLException e) {
throw new RuntimeException(e);
}
pullReplication = database.createPullReplication(syncUrl);
pullReplication.setContinuous(true);
pushReplication = database.createPushReplication(syncUrl);
pushReplication.setContinuous(true);
}
}
public Builder facebookAuth(String token) {
if (!TextUtils.isEmpty(token)) {
Authenticator facebookAuthenticator = AuthenticatorFactory.createFacebookAuthenticator(token);
pullReplication.setAuthenticator(facebookAuthenticator);
pushReplication.setAuthenticator(facebookAuthenticator);
}
return this;
}
public Builder basicAuth(String username, String password) {
Authenticator basicAuthenticator = AuthenticatorFactory.createBasicAuthenticator(username, password);
pullReplication.setAuthenticator(basicAuthenticator);
pushReplication.setAuthenticator(basicAuthenticator);
return this;
}
public Builder addChangeListener(Replication.ChangeListener changeListener) {
pullReplication.addChangeListener(changeListener);
pushReplication.addChangeListener(changeListener);
return this;
}
public Synchronize build() {
return new Synchronize(this);
}
}
private Synchronize(Builder builder) {
pullReplication = builder.pullReplication;
pushReplication = builder.pushReplication;
}
public void start() {
pullReplication.start();
pushReplication.start();
}
public void destroyReplications() {
if (pullReplication != null && pushReplication != null) {
pullReplication.stop();
pushReplication.stop();
pullReplication.deleteCookie("SyncGatewaySession");
pushReplication.deleteCookie("SyncGatewaySession");
pullReplication = null;
pushReplication = null;
}
}
}
And I use it like this:
...
public void startReplicationSync(String facebookAccessToken) {
if (sync != null) {
sync.destroyReplications();
}
final String url = BuildConfig.URL_HOST + ":" + BuildConfig.URL_PORT + "/" + DATABASE_NAME;
sync = new Synchronize.Builder(databaseManager.getDatabase(), url, true)
.facebookAuth(facebookAccessToken)
.addChangeListener(getReplicationChangeListener())
.build();
sync.start();
}
...
My sync gateway json config file:
{
"interface":":4984",
"adminInterface":":4985",
"log":["REST"],
"facebook":{
"register" : true
},
"databases":{
"sync_gateway":{
"server":"http://localhost:8091",
"bucket":"sync_gateway",
"users": {
"GUEST": {"disabled": false}
},
"sync":`function(doc) {channel(doc.channels);}`
}
}
}
I also tried with "GUEST": {"disabled": true}, no luck
My problem is that if I do this
pullReplication.setAuthenticator(facebookAuthenticator);
pushReplication.setAuthenticator(facebookAuthenticator);
Nothing will ever get replicated/pulled from the server. However if I don't set an authenticator, everything is pulled. Is it something I am doing wrong? I really need to use the authenticator in order to prevent some documents to not being replicated for non-authenticated users.
Note! The token is good, as if I am looking in the users section of sync gateway admin, I can see the right profile id of the logged in user token I passed to the couchbase facebook authenticator.
In the Sync Gateway config you provided, the Sync Function is function(doc, oldDoc) {channel(doc.channels);} which means that if the document processed by Sync Gateway contains a string(s) under the channels field, the document will be mapped to this/these channel(s). Let's assume the following config file:
{
"log": ["CRUD"],
"databases": {
"db": {
"server": "walrus:",
"users": {
"GUEST": {"disabled": false, "admin_channels": ["*"]}
},
"sync": `
function sync(doc, oldDoc) {
channel(doc.channels);
}
`
}
}
}
If the channels field doesn't exist then the document will be mapped to a channel called undefined. But the GUEST account has access to the * channel (a placeholder to represent all channels). So, all unauthenticated replications will pull all documents. Let's now introduce the facebook login field in the config file. This time, replications authenticated with a facebook token represent a new user which has only access to the ! channel by default (watch this screencast to understand the ! channel, a.k.a the public channel https://www.youtube.com/watch?v=DKmb5mj9pMI). To give a user access to other channels, you must use the access API call in the Sync Function (read more about all Sync Function API calls here).
In the case of facebook authentication, the user's facebook ID is used to represent the user name. Supposing that the document has a property holding the user's facebook ID (user_id: FACEBOOK_ID), you can map the document to a channel and give the user access to it. The new Sync Function would look like this:
function(doc, oldDoc) {
channel(doc._id);
access(doc.user_id, doc._id);
}
You can retrieve the user's facebook ID with the Facebook Android SDK and save on a document field.
I am trying to build a chat application using firebase.
The structure for message table :
message -
$message_id
- $message_push_id
- message {
sender : 3,
receiver : 58,
token : token_of_sender,
message : hi
....}
message_id here is generated using the sender and receiver ids "3_58"
I am using push to save messages into firebase.
{
"rules": {
".read": true,
"message":
{
"$messageid": {
"$messagepushid":
{
".read": true,
".write": "auth != null && !data.exists()",
".indexOn": ["token", "userid", "receiverid", "sent_time"],
".validate": "auth.token == newData.child('token').val() && newData.hasChildren(['token', 'userid', 'receiverid', 'text'])"
}
}
}
}
}
I have already generated token using custom token generator :
Firebase firebase = getFirebase();
Map<String, Object> authPayload = new HashMap<String, Object>();
authPayload.put("uid", user.getUserid());
authPayload.put("token", user.getToken());
TokenGenerator tokenGenerator = new TokenGenerator(Constants.FIREBASE_KEY);
TokenOptions tokenOptions = new TokenOptions();
tokenOptions.setAdmin(false);
final String firebaseToken = tokenGenerator.createToken(authPayload, tokenOptions);
firebase.authWithCustomToken(firebaseToken, new Firebase.AuthResultHandler() {
#Override
public void onAuthenticated(AuthData authData) {
Log.d("Auth", "Success : " + authData.toString());
Log.d("Auth", "Token : " + firebaseToken);
SharedPrefs.setFirebaseUserToken(getActivity(), firebaseToken);
}
#Override
public void onAuthenticationError(FirebaseError
firebaseError) {
firebaseError.toException().printStackTrace();
}
});
I am trying to push a new message but I am getting error :
RepoOperation﹕ setValue at /message/3_58/-Jy2We4cqLjuQNF6Oyhs failed: FirebaseError: Permission denied
I am unable to figure out where I am going wrong.
This is the code to send chat :
mConversationReferenceFireBase = mFireBase.child("message").child(mConversationId);
Chat conversation = new Chat( mToken, mUserId, mReceiverId, message );
mConversationReferenceFireBase.push().setValue(conversation, new Firebase.CompletionListener() {
#Override
public void onComplete(FirebaseError firebaseError, Firebase firebase) {
if (firebaseError != null) {
Log.e("Conversation", firebaseError.toString());
}
}
});
mConversationId = 3_58
The token here is generated for a user. We have a separate server to maintain the user accounts. The token is being used to upload/ download any files, the firebase is used as Chat Server.
With the rules set to .read = true and .write = true; everything works, however when I am attempting to have an authentication performed, it results in the error mentioned above. I've tried using the token from token generator, to check if I may possibly be using the wrong token.
I am following this example to generate token for firebase auth :
https://www.firebase.com/docs/web/guide/login/custom.html
Since storing a firebase secret key is bad in terms of security, what other alternative can be followed to generate a token for authentication?
I was too stuck on this point and here's what helped me.
First things first, there are two types of users who can access database from firebase
Authorized
Non-authorized
By default it is set to non-authorized but then they do not have any permissions neither read nor write, so initially if you try to perform any operation you get the permission denied error.
So basically one has to change the required permissions on the firebase console in-order to access the database.
Complete answer here
Check the rule defined in your firebase account and also the simulator options. Description is given below in a image.