Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

signInWithRedirect with FacebookAuthProvider working in iOS but not in IPadOS #6331

Closed
arturomf opened this issue Jun 3, 2022 · 6 comments · Fixed by #6379
Closed

signInWithRedirect with FacebookAuthProvider working in iOS but not in IPadOS #6331

arturomf opened this issue Jun 3, 2022 · 6 comments · Fixed by #6379
Labels
api: auth closed-by-bot needs-info v9

Comments

@arturomf
Copy link

arturomf commented Jun 3, 2022
edited
Loading

[REQUIRED] Describe your environment

  • Operating System version: iPadOS 15.5
  • Browser version: Ionic 5 + Angular App
  • Firebase SDK version: 9.8.2
  • Firebase Product: auth

[REQUIRED] Describe the problem

When using signInWithRedirect method with FacebookAuthProvider, in iOS (iPhone) it's working as intended, but in IPadOS (on iPad) it throws error:

Firebase: This domain is not authorized for OAuth operations for your Firebase project. Edit the list of authorized domains from the Firebase console. (auth/unauthorized-domain).

Steps to reproduce:

Simply try to use the code from https://firebase.google.com/docs/auth/web/cordova with FacebookAuthProvider in cordova App.

Relevant Code:

private async loginWithFacebookNative() {
    const auth = getAuth();
    const provider = new FacebookAuthProvider();
    return signInWithRedirect(auth, provider).then((res) => {
      return getRedirectResult(auth)
    }).then((result) => {
      const credential = FacebookAuthProvider.credentialFromResult(result);
      return result;
    }).catch((error: FirebaseError) => {
      // Handle Errors here.
      console.log('ERROR', error.code);
      console.log('ERROR', error.message);
      console.log('ERROR', error.stack);
    });
  }
@jbalidiong jbalidiong added the v9 label Jun 3, 2022
@sam-gc
Copy link
Contributor

sam-gc commented Jun 6, 2022

Hi @arturomf, thanks for filing this. To help us debug, would you please open the Safari remote debugging tools to determine if the redirect URL is the same for both the iPad and iPhone?

@google-oss-bot
Copy link
Contributor

Hey @arturomf. We need more information to resolve this issue but there hasn't been an update in 5 weekdays. I'm marking the issue as stale and if there are no new updates in the next 5 days I will close it automatically.

If you have more information that will help us get to the bottom of this, just add a comment!

@google-oss-bot
Copy link
Contributor

Since there haven't been any recent updates here, I am going to close this issue.

@arturomf if you're still experiencing this problem and want to continue the discussion just leave a comment here and we are happy to re-open this.

@arturomf
Copy link
Author

I'm sorry for the delay, I've been on holiday. I have tested both iPhones and iPad. After the signInWithRedirect call, I can see in the Safari console an HTTP request:

iPhone:
https://identitytoolkit.googleapis.com/v1/projects?key=xxxxxxxxxxxxx&iosBundleId=org.changedyslexia.newdytective

iPad
https://identitytoolkit.googleapis.com/v1/projects?key=xxxxxxxxxxxxx

The HTTP request has a different user agent (I think, the problem is here):

iPhone:
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 15_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

iPad:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

On iPhone, after that request, I have another HTTP Request to:
https://identitytoolkit.googleapis.com/v1/accounts:signInWithIdp?key=xxxxxxxxxxxxxxxxxx

On iPad, I get the error.

@sam-gc sam-gc reopened this Jun 21, 2022
@sam-gc
Copy link
Contributor

sam-gc commented Jun 21, 2022

Thanks @arturomf, this was super helpful. It appears the issue is that the iPad's user agent isn't tripping this function:

firebase-js-sdk/packages/auth/src/core/util/browser.ts

Lines 125 to 127 in d87d3a8

export function _isIOS(ua = getUA()): boolean {
return /iphone|ipad|ipod/i.test(ua);
}

We'll need to do some investigating to see if there's a way to determin iPad from that user agent (we don't want to introduce false-positives). It looks like the only thing to go on would be AppleWebKit + Mobile but I'm not convinced that's a safe heuristic.

As an immediate fix, I believe in Cordova you can override the user agent (how depends on platform/version). If you update the user agent on iPad to include the string "iPad" the test linked above will work

@sam-gc sam-gc mentioned this issue Jun 22, 2022
Merged
@sam-gc
Copy link
Contributor

sam-gc commented Jun 23, 2022

The linked PR should fix the issue and should be available soon. Keep an eye on the release notes!

This was referenced Jul 6, 2022
Merged
Merged
@firebase firebase locked and limited conversation to collaborators Jul 24, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
api: auth closed-by-bot needs-info v9
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Auth] Update user agent detection to better detect iPad firebase/firebase-js-sdk
4 participants
@sam-gc @arturomf @google-oss-bot @jbalidiong