search

baumblatt / capacitor-firebase-auth

Capacitor Firebase Authentication Plugin
MIT License
261 stars 129 forks source link

Facebook Token, get e-mail and e-mail varified? #109

Open Kailyou opened 4 years ago

Kailyou commented 4 years ago

Hello,

first of all I would like to thank you for your time and work for this plugin.

is there any way to get a Token as result from Facebook which includes the E-Mail and the E-Mail varified status as it works for Google and Apple?

"permissions": { "google": ["profile", "https://www.googleapis.com/auth/drive"], "facebook": ["email"] }

I could not find any example how to add those permissions.

I tried it like this but I could not find any change, not even dialog about sharing those email informations.

Finally, I wonder if that even would result in the e-mail would be in the token encoded?

Best regards

baumblatt commented 4 years ago

Hello @Kailyou ,

First, are you sure that you don’t have access to user's email? Please make a double check in the permissions of your application at Facebook, but i think the email is the default.

For awhile, just Google Handler has the additional permissions feature, but the email is asked on Facebook Handler as we can see here

Anyway, if you need more permissions, please give me an example and I can made it happen.

Despite that I don’t think that you need it, another way is use the alternative facade, you will receive entire information from the native layer, more information here

Best regards, Bernardo Baumblatt

Kailyou commented 4 years ago

Hello @baumblatt ,

Thank you for your time and your fast reply!

First, are you sure that you don’t have access to user's email? Please make a double check in the permissions of your application at Facebook, but i think the email is the default.

I will check this but I would be interested to know if e-mail and e-mail verified ever would be in a token encoded. I cannot check it myself that quick because I do not have access myself to those settings.

Do I understand it correctly that it should be in the Token encoded when the permission for this exists?

What I exactly need is a Facebook token, which has the e-mail (if available) and the status email verified encoded, like the Google token has it.

The Facebook token I received while trying:

cfaSignInFacebook() .pipe(takeUntil(this._unsubscribeAll$)) .subscribe({ next: (response) => { response.getIdTokenResult().then((tokenresult) => { // tokenresult.token does not include e-mail or e-mail varified }); }, });

If it is not possible to receive my needed information from a token generated from the cfaSigninFacebook(), would it work with your other suggested way with the native layer? If so, could you give me an example on how to use it with Facebook?

Thank you a lot for your time and great work!

Best regards, Kailyou

keyurboss commented 4 years ago

Hello @baumblatt ,

Thank you for your time and your fast reply!

First, are you sure that you don’t have access to user's email? Please make a double check in the permissions of your application at Facebook, but i think the email is the default.

I will check this but I would be interested to know if e-mail and e-mail verified ever would be in a token encoded. I cannot check it myself that quick because I do not have access myself to those settings.

Do I understand it correctly that it should be in the Token encoded when the permission for this exists?

What I exactly need is a Facebook token, which has the e-mail (if available) and the status email verified encoded, like the Google token has it.

The Facebook token I received while trying:

cfaSignInFacebook() .pipe(takeUntil(this._unsubscribeAll$)) .subscribe({ next: (response) => { response.getIdTokenResult().then((tokenresult) => { // tokenresult.token does not include e-mail or e-mail varified }); }, });

If it is not possible to receive my needed information from a token generated from the cfaSigninFacebook(), would it work with your other suggested way with the native layer? If so, could you give me an example on how to use it with Facebook?

Thank you a lot for your time and great work!

Best regards, Kailyou

Hiii @Kailyou I would like to quote that as of you are requesting for external data which may not be public

So You will get Oauth Token after success full login

then you need to make Request from your server to Facebook with that oauth token ... Keep Access Token Is Different from firebase token

You May need to white list your server url or ip-address in your facebook developer settings

PLEASE refer this Documentation from facebook

https://developers.facebook.com/docs/graph-api/reference/user/

Kailyou commented 4 years ago

Hi @rpsoftech

Thank you for your reply.

So You will get Oauth Token after success full login

then you need to make Request from your server to Facebook with that oauth token ... Keep Access Token Is Different from firebase token

Are there differences? The result token from Firebase for the Google login had all information I needed in the token included.

What I do need is an access token (if possible from Firebase), which I get as response, which includes the e-mail and the e-mail verified status. This information must be inside an access token from Firebase, or from Facebook if not possible from Firebase.

The result token from "cfaSignInFacebook", is it a Firebase access token or what exactly is this token?

Best regards, Kailyou

keyurboss commented 4 years ago

Hello @Kailyou Yes they are two different things what is firebase access token and another is oauth access token of Facebook..

https://firebase.google.com/docs/auth/web/facebook-login#handle_the_sign-in_flow_with_the_firebase_sdk

Please refer above URL point number 5..

Kailyou commented 4 years ago

Hello @baumblatt I still could not get it working.

Do you have any example of how to use the FB Login using your plugin? I need to access the user's e-mail address for sure and if possible the e-mail verification status.

cfaSignInFacebook() returns me a longer token with some information inside, the e-mail is missing tho. I have no clue what kind of token this is and what I need to do with this one. If I try to send this token as OAuth access token to the Facebook Graph API, it gives me the following error:

ERROR Error: Uncaught (in promise): The supplied auth credential is malformed or has expired. [ Bad access token: {"code":190,"message":"Invalid OAuth access token."} ]

Any idea?

Best regards, Kailyou