Open Thaina opened 5 years ago
I found a few problems with this issue:
Authentication and account linking are all client-side APIs. I think this should be reported in the JS SDK repo.
I found a few problems with this issue:
@hiranya911 This functionality could be useful in both client and server side. And if it has this function in server side, client side could proxy it around this time
Also if logic would required server side to check the existence of 3rd party access token. Server side could do so
Please move this back to node repo
There is no API to do so. Feel free to file an official feature request for it. It is unlikely to be supported but we have plans to provide an admin sdk API to lookup by federated ID. So if you have the Facebook user ID, you can lookup if the user exists in the Auth database.
@bojeil-google
we have plans to provide an admin sdk API to lookup by federated ID
I was request that functionality for such years and it's not exist yet
But still I wish that atleast the google auth server could have some endpoint, like verifyAssertion
, that could specify parameter to actually only verify the token but not create new account just yet
It's too weird that we didn't have this functionality available anywhere at all. It just so common when we could link any ID with credential, we should have some way to check that this credential was not linked with anything yet
Actually I was expect that
from this doc https://firebase.google.com/docs/reference/rest/auth#section-sign-in-with-oauth-credential
I should call relyingparty/verifyAssertion
with "returnSecureToken":false
and then it will not try to create user, return empty userID if not exist. Or something like that
@bojeil-google Hello are there any update on this?
@bojeil-google @MeghaB As of now we have getUsers in Admin SDK. Are there any chance it would be exposed in client SDK ?
In my use case it could just return object as UserInfo
instead of full UserRecord
. But it should be allowed to be called from client directly. Or else I need to made cloud function for call it anyway
Actually I wish that it would be the same API. But if it called from client directly then it could be call as anonymous, only return some field (maybe just ID,name,photoURL) and would have lower limit of number it could request (is 30 possible ?)
And firebase server could limit client spamming on this API too
In this way it also useful for social multiplayer game that user could get a friend list (such as from facebook) and then they could get firebaseID to do other thing directly from client side
Hey Thaina,
I've filed b/169068814 to track this feature request internally. If you want to be able to solve this problem right now, you can upgrade your project to Identity Platform (the enterprise offering of Firebase Authentication) and disable client signup. Other than that, you can just use a Cloud Function and the Admin SDK like you've suggested.
Hope that helps! ~Malcolm
Thank you very much
Is this feature solved?
I want to know how to see the status of this feature request.
b/169068814
how do I use this?
Since we could get and link credential with many sources. Google, Facebook, GooglePlay, GameCenter, github, etc. I need to have some way to verified that, is the credential already existed and linked with some ID or not
But I don't want to signed in with that credential immediately. Because I need to generate custom userID. If it linked I will let it signed it. But if it not I would like to have user pass the initial process first and the server will minting the token to let user signing in and link their credential with it after that
Is there any API to do that, especially in client?
If not I would like to request API Auth.getUserIDFromCredential(credential) or Auth.signInWithExistingCredential(credential) that will signed in only if the credential has already been linked with any account