auth0 / react-native-auth0

React Native toolkit for Auth0 API
https://auth0.com
MIT License

Firebase auth (via custom token) not working #14

Closed ajonno closed 7 years ago

ajonno commented 7 years ago

I can authenticate to Auth0 ok. This example is via uid/pwd.

Note: In the Auth0 web console, FIREBASE has been enabled and I have pasted the Private Key Id, Private Key and Client Email values (that FIREBASE gives me via the Service Accounts tab in their web console) into the Auth0 Firebase API Add On "Settings" view. Simple copy/paste. When I save it, Auth0 says 'saved successfully'. This is for an iOS project in Auth0.

Note 2: We were advised by Auth0 support to add a Rule. Here it is:

function (user, context, callback) {
  var isFirebase = context.isDelegation && context.request.body.api_type === "firebase";

  if (isFirebase) {
    var identity = user.identities[0];
    user.firebase_data = {
      uid: identity.provider + ":" + identity.user_id,
      email: user.email,
      test: user.user_metadata
    };
    console.log(user);
  }
  return callback(null, user, context);
}

Now, back to the auth flow:

When the uid/pwd login to AUTH0 completes, I then receive a return payload from Auth0 that includes an "id_token" and an "access_token".

OK, great. At this point, because I have enabled Firebase in Auth0 (via "Addon" connections as explained above) for this iOS app - I must assume that the id_token I am getting back from Auth0 has magically been made ready - to be then passed along to the Firebase login call.

So, I then pass the "id_token" INTO the Firebase authentication call.

The response is an ERROR!!: The custom token format is incorrect. Please check the documentation.

Here is the code block:

auth0
   .authentication('yyyyyxxxxxxxxxxxxxCjxJjbIis')
   .login("info@auth0.com", "password", "myconnection")
   .then(credentials => {

      //now need to call delegation endpoint
      auth0
      .authentication('xxxxxxxx')
      .delegation(credentials.id_token, 'id_token', 'firebase', {scope : 'openid name email displayName'})
      .then( response => {

          //look out Firebase here goes......!
          firebase.auth().signInWithCustomToken(response.id_token).catch(function(error) {
             // Handle Errors here.
             var errorCode = error.code;
             var errorMessage = error.message;
             console.log(errorCode);
             console.log(errorMessage);
             // ...
          });

      })
      .catch(error => console.log(error));

   })
   .catch(error => console.log(error));

For reference the DECODED id_token (using https://jwt.io/#debugger):

HEADER:ALGORITHM & TOKEN TYPE

{
  "typ": "JWT",
  "alg": "RS256",
  "kid": "3a9c98xxxxxx86ec694ad"
}

PAYLOAD:DATA

{
  "uid": "auxxxxxxxxxxxxx7190",
  "claims": {
    "uid": "autxxxxxxxxxxxx7190",
    "email": "info@auth0.com"
  },
  "iat": 14xx90,
  "exp": 1480xxxxx0,
  "aud": "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",
  "iss": "firebase-adminsdk-4h0fb@xxxxxxxxxxxxxgserviceaccount.com",
  "sub": "firebase-adminsdk-4h0fb@xxxxxxxxxxxx.gserviceaccount.com"
}

Lastly, we went to the REST API tests page here: https://auth0.com/docs/api/authentication#!#post--delegation

Same/similar error with this response:

{
  "error": "invalid_token",
  "error_description": "invalid aud: https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",
  "statusCode": 401
}

We are going rapidly insane trying to get this authentication via Auth0 -> Firebase to work. Perhaps just the documentation is lacking. Either way, can someone please look at this and help to resolve it? We'd be happy to update your docs on GitHub for the React Native API once this thing starts working.

ajonno commented 7 years ago

OK - with no code changes or amendments to any of the above info - the USERID / PWD auth on Auth0 -> Firebase started working. Maybe some delay in registration of .... ? Anyway, that's good.
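
Added example, not part of the original issue or of the react-native-auth0 project: a structural pre-flight check that reports whether a token has the claim shape of the decoded payload in the first comment before it is passed to `signInWithCustomToken`. It does not verify the RS256 signature; the 3600-second lifetime limit and the matching `iss`/`sub` are Firebase's documented custom-token requirements, and `makeToken`, the sample tokens and all their values are constructed for illustration.

```javascript
// Structural check only: the RS256 signature is NOT verified here.
const FIREBASE_AUD =
  "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit";

function decodeSegment(segment) {
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/"); // base64url -> base64
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Returns a list of problems; an empty list means the header and claims
// have the shape of a Firebase custom token.
function checkCustomToken(jwt, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) return ["not a three-part JWT"];
  let header, payload;
  try {
    header = decodeSegment(parts[0]);
    payload = decodeSegment(parts[1]);
  } catch (e) {
    return ["header or payload is not base64url-encoded JSON"];
  }
  if (!header || !payload || typeof header !== "object" || typeof payload !== "object")
    return ["header or payload is not a JSON object"];
  const problems = [];
  if (header.alg !== "RS256") problems.push("alg is not RS256");
  if (payload.aud !== FIREBASE_AUD) problems.push("aud is not the Identity Toolkit audience");
  if (typeof payload.iss !== "string" || payload.iss !== payload.sub)
    problems.push("iss and sub must both be the service account email");
  if (typeof payload.uid !== "string" || payload.uid.length === 0)
    problems.push("uid must be a non-empty string");
  if (!Number.isInteger(payload.iat) || !Number.isInteger(payload.exp)) {
    problems.push("iat and exp must be integer timestamps");
  } else {
    if (payload.exp - payload.iat > 3600) problems.push("lifetime exceeds 3600 seconds");
    if (payload.exp <= nowSeconds) problems.push("token is expired");
  }
  return problems;
}

// Constructed sample tokens: made-up values and a placeholder signature.
function makeToken(header, payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc(header)}.${enc(payload)}.c2lnbmF0dXJl`;
}
const T0 = 1700000000, HDR = { typ: "JWT", alg: "RS256" };
const SA = "firebase-adminsdk-example@example-project.iam.gserviceaccount.com";
const customLike = makeToken(HDR, { uid: "auth0:abc123", iat: T0, exp: T0 + 3600, aud: FIREBASE_AUD, iss: SA, sub: SA });
const idTokenLike = makeToken(HDR, { sub: "auth0|abc123", iat: T0, exp: T0 + 36000, aud: "exampleClientId", iss: "https://example.auth0.com/" });
console.log(checkCustomToken(customLike, T0 + 10), checkCustomToken(idTokenLike, T0 + 10));
```

An empty result only means the claims are shaped correctly; Firebase still rejects a token whose signature does not match the project's service account key.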