Firebase Auth - get provider ID - ios

I'm using the following code, to detect auth provider and log out properly
static func logOut() {
let auth = FIRAuth.auth()!
let provider = auth.currentUser?.providerID
switch provider! {
case "Facebook": FBSDKLoginManager().logOut()
case "Google": GIDSignIn.sharedInstance().signOut()
case "Twitter": Twitter.sharedInstance().sessionStore.logOutUserID(TWTRAPIClient.withCurrentUser().userID!)
default:
print("Unknown provider ID: \(provider!)")
return
}
try! auth.signOut()
}
But the provider is always "Firebase". What am I doing wrong? 0_o Once that code throw "Facebook" when I was logged in twitter. Thanks in advance
UPD: Yeah, I actually can store auth provider in UserDefaults, but maybe it's Firebase bug. I'm using Firebase SDK 3.5.2

Since a user can sign into their Firebase Authentication account with multiple providers, the top-level provider ID will now (usually) be Firebase.
But the currentUser has a providerData property that provides information on the speciic providers. Looping over FIRAuth.auth()!.currentUser.providerData will give you the FIRUserInfo.providerID you're looking for.
See also this question about UIDs, which are in a similar situation: Firebase returns multiple IDs, Which is unique one?

Swift 4 solution:
if let providerData = Auth.auth().currentUser?.providerData {
for userInfo in providerData {
switch userInfo.providerID {
case "facebook.com":
print("user is signed in with facebook")
case "google.com":
print("user is signed in with google")
default:
print("user is signed in with \(userInfo.providerID)")
}
}
}

I had to JSON.stringify(currentUser.providerData)
in order to see how it's organized:
Stringify result
And i finally found the Auth Provider like this:
currentUser.providerData[0].providerId
Cheers, gl with your code : )

Using currentUser.providerData gives you the array of providers with each provider having its own uid. The list is sorted by the most recent provider used to sign in. So the first element in currentUser.providerData is the method that the user used to sign in.
So currentUser.providerData[0].providerId will give you the method that the user used to sign in.

// Provider Type
struct AuthProviders {
static let phone = "phone"
static let facebook = "facebook.com"
static let google = "google.com"
static let apple = "apple.com"
}
let providerIds = auth.currentUser?.providerData.map { $0.providerID }

To logout there is a simpler method:
let authUI = FUIAuth.defaultAuthUI()
do {
try authUI?.signOut()
} catch let err {
print(err);
}
On the other hand, if you want to find the provider AND determine if the user is logged in via that provider, check the accessToken. To get the accessToken you need the specific provider instance you provided to providers.
I find this is best achieved by first declaring your providers in your class this way:
lazy var facebookProvider = FUIFacebookAuth()
lazy var googleProvider = FUIGoogleAuth()
Then when you provide the providers:
let providers: [FUIAuthProvider] = [ facebookProvider, googleProvider ]
When you want the specific provider data:
if let providerData = Auth.auth().currentUser?.providerData {
for userInfo in providerData {
switch userInfo.providerID {
case "facebook.com":
if !facebookProvider.accessToken.isEmpty {
print("user is signed in with facebook")
}
case "google.com":
if !googleProvider.accessToken.isEmpty {
print("user is signed in with google")
}
default:
print("user is signed in with \(userInfo.providerID)")
}
}
}
Otherwise you will get info on each provider regardless of whether the user is actually logged in.

2022 Simple Javascript Solution (Firebase v8)
let signInMethod =
firebase.auth().currentUser?.providerData[0]?.providerId;

Related

Converting switch-as from Switch to Objective-C

My question is regarding this sample code from Apple.
How do I convert this switch statement using the as keyword to an Objective-C equivalent? I'm just interested in the case statements.
func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) {
switch authorization.credential {
case let appleIDCredential as ASAuthorizationAppleIDCredential:
// Create an account in your system.
let userIdentifier = appleIDCredential.user
let fullName = appleIDCredential.fullName
let email = appleIDCredential.email
// For the purpose of this demo app, store the `userIdentifier` in the keychain.
self.saveUserInKeychain(userIdentifier)
// For the purpose of this demo app, show the Apple ID credential information in the `ResultViewController`.
self.showResultViewController(userIdentifier: userIdentifier, fullName: fullName, email: email)
case let passwordCredential as ASPasswordCredential:
// Sign in using an existing iCloud Keychain credential.
let username = passwordCredential.user
let password = passwordCredential.password
// For the purpose of this demo app, show the password credential as an alert.
DispatchQueue.main.async {
self.showPasswordCredentialAlert(username: username, password: password)
}
default:
break
}
}
In ObjC, the equivalent of this kind of as is -isKindOfClass:. You'll need to use if statements, since there's no equivalent version of switch. It would be something along these lines:
id<ASAuthorizationCredential> credential = authorization.credential;
if ([credential isKindOfClass:[ASAuthorizationAppleIDCredential class]]) {
ASAuthorizationAppleIDCredential *appleIDCredential = (ASAuthorizationAppleIDCredential *)credential;
// ...
}
else if ([credential isKindOfClass:[ASPasswordCredential class]]) {
ASPasswordCredential *passwordCredential = (ASPasswordCredential *)credential;
// ...
}
ObjC has two class-checking methods, -isKindOfClass: and -isMemberOfClass:. The "kind" version checks for the given class and all subclasses. The "member" version checks the exact class, so it can differentiate between superclasses and their subclasses if needed.

Firebase Authentication Link Facebook to Google

After many tests I decided to create a new xCode project to better understand Firebase authentication with multiple providers.
I set up in Firebase -> SignIn Methods -> An account per email address
An account per email address
Prevents users from creating multiple
accounts using the same email address with different authentication
providers
At this point I have implemented, carefully following the Firebase guide, the login with Facebook and with Google .. Everything seems to work perfectly but I always find myself with the same error that I can't manage:
When my user creates a Firebase account via Google he is no longer able to log in if he decides to use Facebook.
Facebook returns its error when it completes its authentication flow with Firebase:
Firebase Error With Facebook Provider: An account already exists with the same email address but different sign-in credentials. Sign in using a provider associated with this email address.
Continuing to follow the documentation step by step I stopped here (firebase explains how to handle this error)
I have also implemented error handling but after calling Auth.auth().fetchSignInMethods Firebase says I should authenticate the user with the existing provider, at this point how do I get the credentials for authentication with the existing provider?
I wouldn't want to reopen the existing provider controller to get new credentials
Am I obliged to ask the user to log in with the existing provider and show another access controller again (in this case that of Google)?
How should I handle this situation?
override func viewDidLoad() {
super.viewDidLoad()
facebookSetup()
}
func facebookSetup() {
let loginButton = FBLoginButton(permissions: [ .publicProfile, .email ])
loginButton.center = view.center
loginButton.delegate = self
view.addSubview(loginButton)
}
//MARK: - FACEBOOK Delegate
func loginButton(_ loginButton: FBLoginButton, didCompleteWith result: LoginManagerLoginResult?, error: Error?) {
if let error = error {
print(error.localizedDescription)
return
}
let credential = FacebookAuthProvider.credential(withAccessToken: AccessToken.current!.tokenString)
Auth.auth().signIn(with: credential) { (authResult, error) in
if let error = error {
print("\n FIREBASE: ",error.localizedDescription)
// An account with the same email already exists.
if (error as NSError?)?.code == AuthErrorCode.accountExistsWithDifferentCredential.rawValue {
// Get pending credential and email of existing account.
let existingAcctEmail = (error as NSError).userInfo[AuthErrorUserInfoEmailKey] as! String
let pendingCred = (error as NSError).userInfo[AuthErrorUserInfoUpdatedCredentialKey] as! AuthCredential
// Lookup existing account identifier by the email.
Auth.auth().fetchSignInMethods(forEmail: existingAcctEmail) { providers, error in
if (providers?.contains(GoogleAuthProviderID))! {
// Sign in with existing account.
Auth.auth().signIn(with: "? ? ? ?") { user, error in
// Successfully signed in.
if user != nil {
// Link pending credential to account.
Auth.auth().currentUser?.link(with: pendingCred) { result, error in
// Link Facebook to Google Account
}
}
}
}
}
}
}
}

Unable to link Facebook and Google in Firebase Authentication

I am trying to link Facebook and Google. So, the scenario is this:
I have already authenticated with Google. So, now I am logging in Facebook, having same email id which was used earlier with Google. So, I get the error of account Exists with a different credential. And, I did this:
func fetchUserInfo()
{
Auth.auth().signInAndRetrieveData(with:FacebookAuthProvider.credential(withAccessToken: (FBSDKAccessToken.current().tokenString)!), completion: { (result, error) in
if let error = AuthErrorCode.init(rawValue: error!._code)
{
switch error
{
case .accountExistsWithDifferentCredential :
let credential = FacebookAuthProvider.credential(withAccessToken: (FBSDKAccessToken.current()?.tokenString)!)
Auth.auth().currentUser?.linkAndRetrieveData(with: credential, completion: { (result, error) in
if let error = error
{
print("Unable to link Facebook Account", error.localizedDescription)
}
else
{
NavigationHelper.shared.moveToHome(fromVC: self)
}
})
default: break
}
}
else
{
GeneralHelper.shared.keepLoggedIn()
if let currentUser = Auth.auth().currentUser
{
print(currentUser.email!)
}
NavigationHelper.shared.moveToHome(fromVC: self)
}
})
}
Here Firebase Documentation says that we need to just link the currentUser and retrieve data. But, the issue I am facing is that the currentUser is always nil. So, how can I get the current user? I have already tried this months ago and then I was able to link Facebook, Google and Email. Do, I need to signInAndRetrieve the data from Google in order to get the currentUser?
The Error "account Exists with a different credential" is because, by default, Firebase do not allow to use the same email address for two (or more) different Sing In methods. You need to enable this option.
1 - Go to Authentication > Sign-in method
2 - Scroll down to Advanced: Multiple accounts per email address
3 - Change the option to Allow creation of multiple accounts with the same email address
FYI: You need to do whole login process for each Sign In method in your app. Each method has is own credentials.
Hope this helps.

AWS Cognito User Pool + Facebook Login iOS

I have started integrating AWS Cognito User Pools into my app and the signup + login works (I have followed this tutorial: https://docs.aws.amazon.com/cognito/latest/developerguide/tutorial-integrating-user-pools-ios.html)
Now I'm struggling to properly integrate a Facebook login. This is what I do:
After the user has successfully signed in with facebook (using the facebook SDK), I'm getting the token and calling this function:
func signInFacebook(){
let customProviderManager = CustomIdentityProvider(tokens: nil)
self.credentialsProvider = AWSCognitoCredentialsProvider(
regionType:CognitoIdentityUserPoolRegion,
identityPoolId: CognitoIdentityPoolId,
identityProviderManager: customProviderManager)
let configuration = AWSServiceConfiguration(region:CognitoIdentityUserPoolRegion, credentialsProvider: self.credentialsProvider!)
AWSServiceManager.default().defaultServiceConfiguration = configuration
}
My CustomIdentityProvider class looks like this:
class CustomIdentityProvider: NSObject, AWSIdentityProviderManager {
var tokens : NSDictionary?
init(tokens: NSDictionary?) {
self.tokens = tokens
}
func logins() -> AWSTask<NSDictionary> {
if let fbToken = AccessToken.current?.authenticationToken {
return AWSTask(result: [AWSIdentityProviderFacebook: fbToken])
} else if let googleToken = GIDSignIn.sharedInstance().currentUser.authentication.idToken {
return AWSTask(result: [AWSIdentityProviderGoogle: googleToken])
}
return AWSTask(error:NSError(domain: "Social login", code: -1 , userInfo: ["Social login" : "No current social access token"]))
}
}
After signInFacebook() is called, I also call
self.credentialsProvider?.credentials().continueOnSuccessWith { (task:AWSTask<AWSCredentials>) -> Any? in
print("credentials: \(task.result!)")
return nil
}
and it prints some data in the log which looks fine.
But for some reason it doesn't seem to link properly everything together.
When I'm calling my backend to fetch some data, I usually do it like this:
I call self.user?.getSession().continueOnSuccessWith (user is an instance of AWSCognitoIdentityUser) and inside the closure I build the request where I put the token in the header. But if there are no tokens, the SDK shows my login screen. And this is what happens all the time. I would expect the user object to be updated with the correct tokens after the social login with Facebook has succeeded. What am I doing wrong?

Passing LWA token to Cognito

I am working a an app which uses the Alexa Voice Service and maintains different users, so the users needs to login with Amazon (LWA). I have implemented it like it is written in the docs and it works flawlessly.
LWA docs: https://developer.amazon.com/de/docs/login-with-amazon/use-sdk-ios.html
AMZNAuthorizationManager.shared().authorize(request, withHandler: {(result : AMZNAuthorizeResult?, userDidCancel : Bool, error : Error?) -> () in
if error != nil {
// Handle errors from the SDK or authorization server.
}
else if userDidCancel {
// Handle errors caused when user cancels login.
}
else {
// Authentication was successful.
// Obtain the access token and user profile data.
self.accessToken = result!.token
self.user = result!.user!
}
})
Furthermore I need to retrieve information from DynamoDB, which uses Cognito for authentification. As stated in the docs, there should be a way pass the access token form LWA to Cognito, but I can't find the proper place to do it. They say LWA provides an AMZNAccessTokenDelegate, which it does not. The delegate method provides an API result which Cognito needs. The link in the Cognito docs below refers to the same exact link from the LWA docs I posted above.
Cognito docs: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon.html
func requestDidSucceed(apiResult: APIResult!) {
if apiResult.api == API.AuthorizeUser {
AIMobileLib.getAccessTokenForScopes(["profile"], withOverrideParams: nil, delegate: self)
} else if apiResult.api == API.GetAccessToken {
credentialsProvider.logins = [AWSCognitoLoginProviderKey.LoginWithAmazon.rawValue: apiResult.result]
}
}
What am I missing?
[EDIT]
I crawled through the LWA sources today until I finally found the correct delegate method.
Use AIAuthenticationDelegate instead of AMZNAccessTokenDelegate
But that lets me sit in front of the next two problems:
I.
Value of type 'AWSCognitoCredentialsProvider' has no member 'logins'
Maybe I have to use the following?
.setValue([AWSCognitoLoginProviderKey.LoginWithAmazon.rawValue: apiResult.result], forKey: "logins")
II.
Use of unresolved identifier 'AWSCognitoLoginProviderKey'
What do I put here? Maybe the API key I got from LWA?
[EDIT2]
I wanted to try it out, but requestDidSucceed never gets called, even through I successfully logged in.
class CustomIdentityProvider: NSObject, AWSIdentityProviderManager {
func logins() -> AWSTask<NSDictionary> {
return AWSTask(result: loginTokens)
}
var loginTokens : NSDictionary
init(tokens: [String : String]) {
self.loginTokens = tokens as NSDictionary
}
}
in the Authorization code at this below in successsful
AMZNAuthorizationManager.shared().authorize(request) { (result, userDidCancel, error) in
if ((error) != nil) {
// Handle errors from the SDK or authorization server.
} else if (userDidCancel) {
// Handle errors caused when user cancels login.
} else {
let logins = [IdentityProvider.amazon.rawValue: result!.token]
let customProviderManager = CustomIdentityProvider(tokens: logins)
guard let apiGatewayEndpoint = AWSEndpoint(url: URL(string: "APIGATEWAYURL")) else {
fatalError("Error creating API Gateway endpoint url")
}
let credentialsProvider = AWSCognitoCredentialsProvider(regionType: .USWest2, identityPoolId: "IDENTITY_ID", identityProviderManager:customProviderManager)
let configuration = AWSServiceConfiguration(region: .USWest2, endpoint: apiGatewayEndpoint, credentialsProvider: credentialsProvider)
}

Resources