I'm using this code to send a verification email with a custom dynamicLinkDomain links.myapp.com.
final acs = ActionCodeSettings(
url: 'https://myapp.com/finishLogin',
handleCodeInApp: true,
iOSBundleId: 'com.myapp.mobileApp',
androidPackageName: 'com.myapp.mobileApp',
androidInstallApp: true,
androidMinimumVersion: '18',
dynamicLinkDomain: 'links.myapp.com',
);
await SecureStorageService.to.postEmail(email);
await FirebaseService.to.auth.sendSignInLinkToEmail(
email: email,
actionCodeSettings: acs,
);
That dynamicLinkDomain is setup correctly because I am using it in my app both with Android and iOS. But when I click on the login link on an Android device (emulator or real) I always get a 400 API key expired error
I tried
to clean the project with flutter clean
create a new API key without restriction
but I still get the error. It seems like a dynamic link problem, but I can't spot it. Does someone have an idea?
I can see that i have in the email is very different depending if I'm generating the email from iOS
https://links.myapp.com/?link=https://links.myapp..com/__/auth/action?apiKey%3DAIzaS...NedNY%26mode%3DsignIn%26oobCode%3DKI4NK...F4ao-7yw%26continueUrl%3Dhttps://myapp..com/finishLogin%26lang%3Den&ibi=com.myapp..mobileApp&ifl=https://links.myapp..com/__/auth/action?apiKey%3DAIza...tNedNY%26mode%3DsignIn%26oobCode%3DKI...-7yw%26continueUrl%3Dhttps://myapp..com/finishLogin%26lang%3Den
or Android
https://links.myapp.com/__/auth/action?apiKey=AIza...edNY&mode=signIn&oobCode=XQI...2pCw&continueUrl=https://myapp.com/finishLogin&lang=en
Is that normal?
Related
I am implementing sign in with Apple. I can successfully see the Apple login page. I key in the correct credentials. It should be able to sign in/sign up to the firebase based on the returned value from Apple.
However I am getting this error Error: The supplied auth credential is malformed, has expired or is not currently supported. Something must be wrong at the firebase side? You may refer to the onPressAppleLogin function below on the logic. Many thanks!
What I have done:
In Firebase
Authentication with Sign-in provider Apple enabled
My service id is co.myexampleapp.signinwithapple
My authorization callback is https://my-example-app.firebaseapp.com/__/auth/handler
In developer.apple.com
I created a service id co.myexampleapp.signinwithapple with the service Sign In with Apple enabled
I added my-example-app.firebaseapp.com for the Domain and https://my-example-app.firebaseapp.com/__/auth/handler in the Return URLs
My React Native source code
import { appleAuthAndroid } from '#invertase/react-native-apple-authentication';
import firebase from 'react-native-firebase'
getRandomString = (length: any) => {
let randomChars =
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
let result = ''
for (let i = 0; i < length; i++) {
result += randomChars.charAt(Math.floor(Math.random() * randomChars.length))
}
return result
}
onPressAppleLogin = async () => {
const rawNonce = this.getRandomString(20);
const state = this.getRandomString(20)
appleAuthAndroid.configure({
clientId: 'co.myexampleapp.signinwithapple',
redirectUri: 'https://my-example-app.firebaseapp.com/__/auth/handler',
responseType: appleAuthAndroid.ResponseType.ALL,
scope: appleAuthAndroid.Scope.ALL,
nonce: rawNonce,
state,
});
const response = await appleAuthAndroid.signIn();
const appleCredential = await firebase.auth.AppleAuthProvider.credential(response.id_token, rawNonce)
const appleUserCredential = await firebase.auth().signInWithCredential(appleCredential) // error happens here!
}
This is 100% due to the wrong Services ID on the server or the client.
I was working on a project in which we have Django as the backend server the backend developer used a different Services ID on the server & I on the client-side used a different Services ID.
How we solved this issue.
Open the Firebase console in the general settings check the bundle ID of the ios app compare it with the bundle ID in your Xcode. Make sure the Services is ID is correct and you have the latest provisioning profile with the Services Id added inside it.
Read this article to understand how to create a service ID. https://firebase.google.com/docs/auth/android/apple?authuser=4
You need to add the same services ID that you created above in the firebase console where you enable apple auth service in the authentication section
In your case you need to add service id
co.myexampleapp.signinwithapple
in the input box that is shown in the screenshot.
There is some sort of error in initializing the credentials.
Three types of errors may occur:
In the response, the token may be get expired. In that time you can use refresh token function to get new token.
Have a look at the rules in the firebase, if you initialized your app in the locked mode read and write will be set to false. If it so, change it to true.
Check whether you have enabled Api keys.
Important Check whether you enabled the third party access for the Apple Id.
Since the problem is with token, I suggest you to check the following.
Make sure you provided your email in support email in firebase project settings.
Try logging out before performing signing in operation. Due to improper logout during development this may happen.
Make sure you always logout before signin. Helped me in some cases.
Device time - since the token generated will be based on timestamp.
I have an Ionic Angular app which I'm deploying to an Android device. I am using OpenID + KeyCloak for authentication, on the clientside I am taking care of this by using the angular-auth-oidc-client. The configuration I have set up is:
scope: 'openid profile tino_access',
silentRenewUrl: `${window.location.origin}/silent-renew.html`,
responseType: 'code',
postLogoutRedirectUri: window.location.origin,
silentRenew: true,
silentRenewUrl: `${window.location.origin}/silent-renew.html`,
logLevel: LogLevel.Warn,
postLoginRoute: window.location.origin,
useRefreshToken: true
This works perfectly fine when deployed locally or on a custom domain on my server, however when testing on a mobile phone as an app it does not work. I notice that the value of window.location.origin is http://localhost. After successful login, a request is made in the form of ${window.location.origin}/?state='token'&code='token', such that 'token' is the value of the token generated by the OAuth. When this request is made on the mobile device, the request http://localhost/?state=...&code=... is not recognized and the app fails to launch, I only get an error screen that the web page does not exist.
Is there any way to go around this problem?
Thanks
Answer: Since an app's origin is http://localhost, and a local server is not running on the phone, the solution is to change the redirect_url parameter of the auth configuration to the package id of the application. Example: com.package.id://home
This will redirect you back to the app after finishing the authentication in the OAuth page
I'm using Ionic with React and #codetrix-studio's capacitor-google-auth plugin to enable google auth. The processed idToken has different lengths when comparing Web to Android environments.
When running in the web browser I'm getting 1224 chars and everything works just fine. But when running android I'm only getting 1122 chars. Also I'm not getting anything out of the accessToken.
Can anyone provide some hits on how to solve this?
I'm getting the token like so:
async signIn(): Promise<void> {
const result: any = await Plugins.GoogleAuth.signIn();
if (result) {
let token = result.authentication.idToken;
this.setToastMsg(token.length + "");
}
}
This is triggered from a simple button:
<IonButton onClick={() => this.signIn2()} >Login with Google</IonButton>
Turns out the token provided by google for the android api is actually smaller. So everything is ok.
I recently migrated my database from my Parse account to MongoLab and I've also set up a Parse Server on Heroku. Everything is working great except that I want to add an email verification feature using the emailVerified parameter that exists in Parse and I don't see how to do it because I didn't had the option activated before migrating my database.
Thanks.
I think you might have to add the feature yourself using a combination of Cloud Code and a mailing service such as Mandril or SendGrid.
Cannot currently find the reference, but believe I saw somewhere that this is the case.
It would make sense as any mailing service would need some form of credentials in order to handle emailing.
You could of course also have a look at the source code to verify: https://github.com/ParsePlatform/parse-server
You can use SendGrid for this. You need to install parse-server-sendgrid-adapter to your parse-server directory.
Run this command inside your parse-server directory:
npm i parse-server-sendgrid-adapter
After installation finishes. You need to set variables inside your index.js file.
var SimpleSendGridAdapter = require('parse-server-sendgrid-adapter');
And add these to your var api = new ParseServer function as parameters:
.
.
.
appName: '', //enter your app name
publicServerURL: '', //enter your server url
verifyUserEmails: true,
emailAdapter: new SimpleSendGridAdapter({
apiKey: '***', //enter your api key
fromAddress: '' //the address that mails will be sending.
}),
customPages: {
invalidLink: 'http://yourpage/link_invalid.html',
verifyEmailSuccess: 'http://yourpage/verify_email_success.html',
choosePassword: 'http://yourpage/new_password.html',
passwordResetSuccess: 'http://yourpage/sucess.html'
},
.
.
.
Also enable email verification from your app's Parse dashboard.
Using the Instagram rubygem and sinatra I am able to successfully authenticate via oauth from a small AngularJS app and use the Instagram API. Here are the relevant oauth routes from my sinatra app:
get '/oauth/connect' do
logger.info "going here " + (Instagram.authorize_url :redirect_uri => CALLBACK)
redirect Instagram.authorize_url :redirect_uri => CALLBACK
end
get "/oauth/callback" do
logger.info params[:code]
response = Instagram.get_access_token params[:code], :redirect_uri => CALLBACK
session[:access_token] = response.access_token
users = DB[:users]
current_user = users[:instagram_id => response.user.id.to_i]
if current_user.nil?
new_user = response.user
users.insert :instagram_id => new_user.id.to_i,
:username => new_user.username,
:profile_picture => new_user.profile_picture,
:created_at => DateTime.now
current_user = users[:instagram_id => new_user.id]
end
session[:current_user] = current_user
redirect "/app"
end
However, when trying to authenticate from within a webview in an Android app using the same routes (GET oauth/connect, redirected to Instagram, then redirected back to oauth/callback) I get the following error:
Instagram::BadRequest - POST https://api.instagram.com/oauth/access_token/: 400: OAuthException: No matching code found.:
I have verified that I am using the same code returned from Instagram and that the redirect_uri is the same as what I registered with Instagram.
Note, Oauth works when I use my web interface, but not via the Android webview.
I have read a number of posts where other people have seen this behavior, but the solutions provided do not work for me:
Instagram can disable your app because it thinks it is misbehaving. Nope, because oauth works via my web-interface still using the same client ID and secret and the same routes.
You are not using the same redirect_uri as that listed with Instagram. I have checked and re-checked this and it looks fine.
Where can I debug next to get to the bottom of this issue?
I know my answer is a bit late, but I'm posting it here so others (hopefully) won't have to search as hard as I did.
It looks like you're using the Explicit auth. We were having this issue using the explicit flow.
Here's the problem: In the instant after you send the code to Instagram (step 3), that code expires. However, Instagram will not send you a new code (step 1 & 2) for at least 5 minutes (it re-issues the old code).
Make certain that you aren't sending more than one request with the same code (Android WebView tends to arbitrarily send multiple requests). Or, better yet, cache the code->Instagram_response mapping on the server.