Open nroman446 opened 3 weeks ago
@nroman446 could you try using flutter_facebook_auth:6.1.1
?
Version 6.2.0 use the facebook SDK 17.0.0 so I need to be sure if the problem is due to this upgrade
@nroman446 could you try using
flutter_facebook_auth:6.1.1
? Version 6.2.0 use the facebook SDK 17.0.0 so I need to be sure if the problem is due to this upgrade
I have the same error.
I confirm that it also happens with 6.1.1
At least in my case, it only happens on IOS. Android works fine, I tested API 31 and 34.
Maybe unrelated, but in IOS facebook login screen it also shows the warning:
"If you are not using limited login you will need to handle all graph..." with link to this blog
[(https://developers.facebook.com/blog/post/2024/03/28/changes-made-to-fb-login-sdk/)]
Regards
@nroman446 could you try using
flutter_facebook_auth:6.1.1
? Version 6.2.0 use the facebook SDK 17.0.0 so I need to be sure if the problem is due to this upgrade
6.1.1 is working as expected. Facebook backdoored the sunsetting of classic login so I suspect that's leading to the issue.
edit: 6.1.1 works with classic login, it does NOT work for limited login
In my case it fails with this same error both in versions 6.1.1 and 6.2.0 Maybe Im doing something wrong because its the first time I use this package,
final LoginResult loginResult = await FacebookAuth.instance.login();
if (loginResult.accessToken?.token != null) {
final OAuthCredential facebookAuthCredential = FacebookAuthProvider.credential(loginResult.accessToken!.token);
await FirebaseAuth.instance.signInWithCredential(facebookAuthCredential);
The loginResult returns success and an AccessToken, but the FirebaseAuth.instance.signInWithCredential returns:
firebase_auth/invalid-credential] {"code":190,"message":"Malformed access token"}
This happens only in IOS. Android works fine
Same error here!
@pamafe1976 @bdezso Did you try changing it to 6.1.1 on both pubspec.yaml
and Podfile.lock
?
@shamjam you're right that after downgrading in pubspec.yaml to 6.1.1, the podfile.lock was still in 6.2.0 I had to do a flutter clean, and after that it went to 6.0.4 on podfile.lock and now it works fine.
I don't know why it goes to 6.0.4 instead of 6.1.1. If I try to force it to 6.1.1, I get an error when running pod install
@pamafe1976 , try rm Podfile.lock
in ios directory
@shamjam Thanks for the tip. It's working now. I had to update the .lock file too.
I believe I have figured out the issue. FacebookAuth at line 90 only provides the providerid and accesstoken. oauth for limited login requires the raw nonce
the same is report here https://github.com/darwin-morocho/flutter-facebook-auth/issues/396 Please provide us the AuthenticationToken to check it and retrive data that are stored inside that jwt token
In my case it fails with this same error both in versions 6.1.1 and 6.2.0 Maybe Im doing something wrong because its the first time I use this package,
final LoginResult loginResult = await FacebookAuth.instance.login(); if (loginResult.accessToken?.token != null) { final OAuthCredential facebookAuthCredential = FacebookAuthProvider.credential(loginResult.accessToken!.token); await FirebaseAuth.instance.signInWithCredential(facebookAuthCredential);
The loginResult returns success and an AccessToken, but the FirebaseAuth.instance.signInWithCredential returns:
firebase_auth/invalid-credential] {"code":190,"message":"Malformed access token"}
This happens only in IOS. Android works fine
Is your problem solved? I am getting same problem for iOS version 17.0 and above
I believe I have figured out the issue. FacebookAuth at line 90 only provides the providerid and accesstoken. oauth for limited login requires the raw nonce
Please add more context and how the issue could be fixed.
I believe I have figured out the issue. FacebookAuth at line 90 only provides the providerid and accesstoken. oauth for limited login requires the raw nonce
Please add more context and how the issue could be fixed.
https://firebase.google.com/docs/auth/ios/facebook-login I hope this will use full.
I believe I have figured out the issue. FacebookAuth at line 90 only provides the providerid and accesstoken. oauth for limited login requires the raw nonce
Please add more context and how the issue could be fixed.
https://firebase.google.com/docs/auth/ios/facebook-login I hope this will use full.
I will check it and try to deploy a pre-release version
I have deployed a pre-release version of the limited login on iOS.
flutter_facebook_auth: ^7.0.0-dev.3
Please check the BREAKING CHANGES https://pub.dev/packages/flutter_facebook_auth/versions/7.0.0-dev.3/changelog#700-dev3
@darwin-morocho Still getting the same error. When I tried to send credential to Firebase.
FirebaseAuth.instance.signInWithCredential(facebookAuthCredential);
flutter: Facebook Auth : AuthCredential(providerId: facebook.com, signInMethod: facebook.com, token: null, accessToken: o7p2zV6p7UUjBVP61BMm9fUrjyYXXt0AHOZ0asPgaPz4mmxfmebNvJaC69bgFTgZZxSAGFH4l925sMt5ta71k0jeX6Xalw1gXC7KnaBO1N0tj4hzGtMZRK3fmX29tZbTKbEXrsldUXYycgKUtL8SQ69ZY6LZwoK2QCGUNDlsel3ubdiEYoxY8GeqPEobzI10ssItKu5pxIPihf7pMcRdCPiUUTQwOekPB1gqj9sRNl1uhW6onH5nHywIMDgH1OB) flutter: Firebase Auth error: [firebase_auth/invalid-credential] {"code":190,"message":"Invalid OAuth access token - Cannot parse access token"}
@darwin-morocho Still getting the same error. When I tried to send credential to Firebase.
FirebaseAuth.instance.signInWithCredential(facebookAuthCredential);
flutter: Facebook Auth : AuthCredential(providerId: facebook.com, signInMethod: facebook.com, token: null, accessToken: o7p2zV6p7UUjBVP61BMm9fUrjyYXXt0AHOZ0asPgaPz4mmxfmebNvJaC69bgFTgZZxSAGFH4l925sMt5ta71k0jeX6Xalw1gXC7KnaBO1N0tj4hzGtMZRK3fmX29tZbTKbEXrsldUXYycgKUtL8SQ69ZY6LZwoK2QCGUNDlsel3ubdiEYoxY8GeqPEobzI10ssItKu5pxIPihf7pMcRdCPiUUTQwOekPB1gqj9sRNl1uhW6onH5nHywIMDgH1OB) flutter: Firebase Auth error: [firebase_auth/invalid-credential] {"code":190,"message":"Invalid OAuth access token - Cannot parse access token"}
@kamyweb following this documentation you need to pass a nonce similar to the next swift code
// Initialize a Firebase credential.
let idTokenString = AuthenticationToken.current?.tokenString
let nonce = currentNonce
let credential = OAuthProvider.credential(withProviderID: "facebook.com",
idToken: idTokenString!,
rawNonce: nonce)
Thus plugin now has the LimitedLogin
class that allow you get the generated nonce of your access token
String randomNonceString({int length = 32}) {
assert(length > 0);
List
String charset = '0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._';
String nonce = String.fromCharCodes(randomBytes.map((byte) {
// Pick a random character from the set, wrapping around if needed.
return charset.codeUnitAt(byte % charset.length);
}));
return nonce;
}
final nonce = sha256.convert(utf8.encode(randomNonceString())).toString();
I am passing nonce too, now facing different error. flutter: Firebase Auth error: [firebase_auth/invalid-credential] {"code":190,"message":"Bad signature"}
For limited login, aren't we supposed to pass SHA256 of raw nonce to Facebook? I noticed this in your changes.
guard let configuration = LoginConfiguration(
permissions: permissions,
tracking: isLimitedLogin ? .limited : tracking,
nonce: UUID().uuidString
)
UUID().uuidString
supposed to be SHA256 of raw nonce which should be passed from the lib users (not randomly generated by lib itself) because then the lib users will need to provide that exact raw nonce to Firebase in order to get Firebase credential
// Initialize a Firebase credential.
let idTokenString = AuthenticationToken.current?.tokenString
let nonce = currentNonce
let credential = OAuthProvider.credential(withProviderID: "facebook.com",
idToken: idTokenString!,
rawNonce: nonce)
If incorrect raw nonce is passed to Firebase, we get this flutter: [firebase_auth/missing-or-invalid-nonce] The nonce in ID Token "..." does not match the SHA256 hash of the raw nonce "..." in the request.
Ref: https://firebase.google.com/docs/auth/ios/facebook-login#implement_facebook_limited_login
You will send the SHA-256 hash of the nonce with your sign-in request, which Facebook will pass unchanged in the response. Firebase validates the response by hashing the original nonce and comparing it to the value passed by Facebook.
@nroman446 @RaghvindYadav you can use the next code
final result = await FacebookAuth.instance.login();
if (result.status == LoginStatus.success){
final accessToken = result.accessToken;
final nonce = accessToken is LimitedToken ? accessToken.nonce : null;
}
For classic token, I got this:
type 'Null' is not a subtype of type 'int'
at new ClassicToken.fromJson (package:flutter_facebook_auth_platform_interface/src/access_token.dart:109:13)
For classic token, I got this:
type 'Null' is not a subtype of type 'int'
atnew ClassicToken.fromJson (package:flutter_facebook_auth_platform_interface/src/access_token.dart:109:13)
Try with flutter_facebook_auth: 7.0.0-dev.4
I get a similar issue:
type 'LimitedToken' is not a subtype of type 'String' in type cast
I get a similar issue:
type 'LimitedToken' is not a subtype of type 'String' in type cast
LimitedToken is a class
@darwin-morocho Limited Login still not works.
flutter: AuthCredential(providerId: facebook.com, signInMethod: facebook.com, token: null, accessToken: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImVjMTFkNTAzNDFjMDhlODI4OTk2NTBlNmFmY2M2NjY4ZjJhMGE0MjAifQ.eyJpc3MiOiJodHRwczpcL1wvd3d3LmZhY2Vib29rLmNvbSIsImF1ZCI6IjE1NTUyNTg3NTg2NTUzMzIiLCJzdWIiOiIxMjIxMzkwNjc4ODYxNzU1OTkiLCJpYXQiOjE3MTQ0NDg1NDgsImV4cCI6MTcxNDQ1MjE0OCwianRpIjoiUjQ3Ri40NDRmNTRlYTU0YWQxMWFkMmEzMTdjOGRkMTU4ZDVhMGEyOTcyODA5ZmI3ZDk2ZTI4NGQ5YTBiOGJmMGZhYjNhIiwibm9uY2UiOiI2MEQwM0UxQS0wRUYxLTQwRjctQTZFMi04NUE4NDNCNjExOTAiLCJlbWFpbCI6ImphaGFudmlcdTAwNDBiYXJhZ2F1bi5jb20iLCJnaXZlbl9uYW1lIjoiSmFoYW52aSIsImZhbWlseV9uYW1lIjoiVnlhcyIsIm5hbWUiOiJKYWhhbnZpIFZ5YXMiLCJwaWN0dXJlIjoiaHR0cHM6XC9cL3Njb250ZW50LmZkZWw4LTIuZm5hLmZiY2RuLm5ldFwvdlwvdDEuMzA0OTctMVwvODQ2MjgyNzNfMTc2MTU5ODMwMjc3ODU2Xzk3MjY5MzM2MzkyMjgyOTMxMl9uLmpwZz9zdHA9YzI5LjAuMTAwLjEwMGFfY3AwX2RzdC1qcGdfZTE1X3AxMDB4MTAwX3E2NSZfbmNfY2F0PTEmY2NiPTEtNyZfbmNfc2lkPTVmMjA0OCZlZmc9ZXlKcElqb2lkQ0o5Jl9uY19vaGM9Sk52aGFTaTIwRnNBYjRWQWVkRSZfbmNfb2M9QW<…> flutter: Firebase Auth error: [firebase_auth/invalid-credential] {"code":190,"message":"Bad signature"}
If I am using LoginTracking.enabled then it also through error but different flutter: Firebase Auth failed: type 'Null' is not a subtype of type 'int',
However this package works if I allowed to ATT permission. Login get succeed. Now the problem is for Limited login.
For classic token, I got this:
type 'Null' is not a subtype of type 'int'
atnew ClassicToken.fromJson (package:flutter_facebook_auth_platform_interface/src/access_token.dart:109:13)
Try with
flutter_facebook_auth: 7.0.0-dev.4
Yes, that was from flutter_facebook_auth: 7.0.0-dev.4
For classic token, I got this:
type 'Null' is not a subtype of type 'int'
atnew ClassicToken.fromJson (package:flutter_facebook_auth_platform_interface/src/access_token.dart:109:13)
Try with
flutter_facebook_auth: 7.0.0-dev.4
Yes, that was from
flutter_facebook_auth: 7.0.0-dev.4
Try with flutter_facebook_auth: 7.0.0-dev.5
@darwin-morocho still limited login not works, getting the below response.
flutter: AuthCredential(providerId: facebook.com, signInMethod: oauth, token: null, accessToken: null) flutter: Firebase Auth error: [firebase_auth/invalid-credential] The audience in ID Token [-----] does not match the expected audience ++++.
Now non limited login also get failed.
flutter: AuthCredential(providerId: facebook.com, signInMethod: facebook.com, token: null, accessToken: EAAWGfZBXX7WQBO4s7lT6tPPj3XTza52ZAAWiaV0cnqZAO41K5KB7EQtWRaIlqTlfvsJFDlOmLU1Gp3O8GTVSzCRPVEPGnm1KPt8Xh7OrE11UnZAKZBJG4ZBTMhGM9JO2W6cA45Bk7FYBP4he5XOygZCwS3bxN7SvrGPdovyOa732lH4cbZCPwJYUGa0QuydxODhcbT4kMLKvBRcjD62W1VFZBHpaykSaUlmVP3I7qyPPyDfXGeFYph14y5RcskgTuUbCHaQZDZD) flutter: Firebase Auth error: [firebase_auth/invalid-credential] {"error":{"message":"(#100) The App_id in the input_token did not match the Viewing App","type":"OAuthException","code":100,"fbtrace_id":"A4kfyvC_XSWJtqbexuhZB9a"}}
he App_id in the input_token did not match the Viewing App
I am not sure that the error is due to this plugin please check your configuration into the facebook and firebase console
@darwin-morocho this flutter_facebook_auth: ^6.2.0 works fine when I added ATT prompt when user allow to track app, but login failed user revoke the tracking request.
In android and web everything works good.
@darwin-morocho this flutter_facebook_auth: ^6.2.0 works fine when I added ATT prompt when user allow to track app, but login failed user revoke the tracking request.
In android and web everything works good.
I will try to reproduce the issue creating a firebase project and adding it to this repo.
For limited login, aren't we supposed to pass SHA256 of raw nonce to Facebook? I noticed this in your changes.
guard let configuration = LoginConfiguration( permissions: permissions, tracking: isLimitedLogin ? .limited : tracking, nonce: UUID().uuidString )
UUID().uuidString
supposed to be SHA256 of raw nonce which should be passed from the lib users (not randomly generated by lib itself) because then the lib users will need to provide that exact raw nonce to Firebase in order to get Firebase credential// Initialize a Firebase credential. let idTokenString = AuthenticationToken.current?.tokenString let nonce = currentNonce let credential = OAuthProvider.credential(withProviderID: "facebook.com", idToken: idTokenString!, rawNonce: nonce)
If incorrect raw nonce is passed to Firebase, we get this
flutter: [firebase_auth/missing-or-invalid-nonce] The nonce in ID Token "..." does not match the SHA256 hash of the raw nonce "..." in the request.
Ref: https://firebase.google.com/docs/auth/ios/facebook-login#implement_facebook_limited_login
You will send the SHA-256 hash of the nonce with your sign-in request, which Facebook will pass unchanged in the response. Firebase validates the response by hashing the original nonce and comparing it to the value passed by Facebook.
This looks to be the remaining blocker for our implementation, where Limited Logins are responding with:
Firebase Auth error: [firebase_auth/missing-or-invalid-nonce] The nonce in ID Token "<generated via login method>" does not match the SHA256 hash of the raw nonce "<from accessToken.nonce>" in the request.
...
late LoginResult loginResult;
late OAuthCredential facebookAuthCredential;
final trackingPermission = await Permission.appTrackingTransparency.status;
try {
String tokenString = '';
String? nonce;
if (trackingPermission == PermissionStatus.granted) {
loginResult = await FacebookAuth.instance.login(
permissions: ['public_profile', 'email'],
loginTracking: LoginTracking.enabled,
);
} else {
loginResult = await FacebookAuth.instance.login(permissions: ['public_profile', 'email']);
}
if (loginResult.status == LoginStatus.success) {
final AccessToken? accessToken = loginResult.accessToken;
tokenString = accessToken!.tokenString;
if (accessToken is LimitedToken) {
nonce = accessToken.nonce;
facebookAuthCredential = OAuthCredential(
providerId: 'facebook.com',
signInMethod: 'oauth',
idToken: tokenString,
rawNonce: nonce,
);
} else {
facebookAuthCredential = FacebookAuthProvider.credential(tokenString);
}
}
} catch (e) {
...
I will add an option to pass a custom nonce and release it tomorrow
What version are you using?
6.2.0
What OS and version are you using to local deploy your application?
MacOS Sonoma 14.0
What platforms are you seeing the problem on?
iOS
pubspec.yaml
Describe the Bug
Attempting to login via facebook via FBSDK Login Kit facebook will spit out error [firebase_auth/invalid_credential]{"code":190,"message":"Invalid OAuth access token - Cannot parse access token"}
Expected Behavior
The facebook login popup should clear
To Reproduce
Log In via FacebookAuth.login()
Relevant log output
No response
flutter doctor -v
Info.plist (iOS)
Podfile (iOS)
AndroidManifest.xml
No response
MainActivity.java
No response
MainActivity.kt
No response
index.html
No response
Info.plist (macOS)
No response