search

firebase / flutterfire

πŸ”₯ A collection of Firebase plugins for Flutter apps.
https://firebase.google.com/docs/flutter/setup
BSD 3-Clause "New" or "Revised" License
8.72k stars 3.97k forks source link

πŸ› [FIREBASE_AUTH] SMS code always Expired in some devices (Release Mode) #10549

Closed Greismorr closed 1 year ago

Greismorr commented 1 year ago

Bug report

Describe the bug

I have a Flutter app that use's Firebase Auth as authentication system. With the majority of devices, it work's without problems. The problem is that some users using specific devices can't authenticate because every code that is sent to them are expired (like Samsung A03 Core).

Basically, i ask to Firebase to send the code using the verifyPhone method below. If the device completes the verification automatically, the app is redirected to the authenticated app. If not, the user is redirected to a page where the OTP code should be inserted and validated using the method loginWithPhone below. When the problem happens, it is always a firebase/session-expired error in this part of the logic.

I imagine that probably the Firebase is signing the user because it shows their phone numbers in Firebase Auth Console, but i cannot imagine why the verificationCompleted wouldn't trigger if that's the case.


@override
Future<void> verifyPhone({
    required String phone,
    required Function verificationCompletedCallback,
    required Function codeSentCallback,
}) async {
    try {
      await _auth.verifyPhoneNumber(
        phoneNumber: phone,
        timeout: const Duration(seconds: 60),
        verificationCompleted: (PhoneAuthCredential credential) async {
          await _auth.signInWithCredential(credential);

          //Redirect user to the authenticated App
          verificationCompletedCallback();
        },
        verificationFailed: (FirebaseAuthException e) {
          switch (e.code) {
            case "too-many-requests":
              if (kDebugMode) {
                print("verificationFailed: TooManyRequests");
              }
              break;

            default:
              if (kDebugMode) {
                print("verificationFailed: Unknown");
              }
              break;
          }
        },
        codeSent: (String verificationId, int? resendToken) {
          actualCode = verificationId;

          //Redirect user to the page where the code should be inserted
          codeSentCallback();
        },
        codeAutoRetrievalTimeout: (String verificationId) {},
      );
    } on FirebaseAuthException catch (e, stackTrace) {
      switch (e.code) {
        case "invalid-verification-code":
          throw InvalidActionCodeError();
        case "invalid-verification-id":
          throw InvalidActionCodeError();
        default:
          throw AuthenticationError();
      }
    }
  }
@override
  Future<void> loginWithPhone(String smsCode) async {
    try {
      PhoneAuthCredential credential = PhoneAuthProvider.credential(
        verificationId: actualCode,
        smsCode: smsCode,
      );

      await _auth.signInWithCredential(credential);
    } on FirebaseAuthException catch (e, stackTrace) {

      switch (e.code) {
        case "invalid-verification-code":
          throw InvalidActionCodeError();
        case "invalid-verification-id":
          throw InvalidActionCodeError();
        case "session-expired":
          throw ExpiredActionCodeError();
        default:
          throw AuthenticationError();
      }
    }
  }

Steps to reproduce

Steps to reproduce the behavior:

  1. Try to ask for a SMS on some devices.
  2. Code that come's is always expired.

Expected behavior

The OTP code should be valid when inserted by the user.

Additional context

firebase_core: ^2.4.0 and firebase_auth: ^4.2.1

Flutter doctor

Run flutter doctor and paste the output below:

Click To Expand ``` [√] Flutter (Channel stable, 3.3.10, on Microsoft Windows [versΓ†o 10.0.22000.1574], locale pt-BR) [!] Android toolchain - develop for Android devices (Android SDK version 30.0.3) X cmdline-tools component is missing Run `path/to/sdkmanager --install "cmdline-tools;latest"` See https://developer.android.com/studio/command-line for more details. X Android license status unknown. Run `flutter doctor --android-licenses` to accept the SDK licenses. See https://flutter.dev/docs/get-started/install/windows#android-setup for more details. [√] Chrome - develop for the web [√] Android Studio (version 2021.3) [√] IntelliJ IDEA Community Edition (version 2020.1) [√] VS Code (version 1.75.1) [√] Connected device (2 available) [√] HTTP Host Availability ```

Flutter dependencies

Run flutter pub deps -- --style=compact and paste the output below:

Click To Expand ``` Dart SDK 2.18.6 Flutter SDK 3.3.10 izeline 12.7.0+1 dependencies: - app_settings 4.1.8 [flutter] - avatars 3.0.2 [flutter crypto flutter_cache_manager] - brasil_fields 1.6.0 [flutter intl] - cached_network_image 3.2.2 [flutter flutter_cache_manager octo_image cached_network_image_platform_interface cached_network_image_web] - carousel_slider 4.1.1 [flutter] - cloud_firestore 4.2.0 [cloud_firestore_platform_interface cloud_firestore_web collection firebase_core firebase_core_platform_interface flutter meta] - collection 1.16.0 - cupertino_icons 1.0.5 - dartz 0.10.1 - device_info_plus 8.0.0 [device_info_plus_platform_interface ffi file flutter flutter_web_plugins meta win32] - dio 4.0.6 [http_parser path] - disable_battery_optimization 1.1.0+1 [flutter] - dropdown_search 5.0.5 [flutter] - enum_to_string 2.0.1 - equatable 2.0.5 [collection meta] - estados_municipios 2.0.1+1 [flutter http] - file_picker 5.2.4 [flutter flutter_web_plugins flutter_plugin_android_lifecycle plugin_platform_interface ffi path win32] - firebase_auth 4.2.1 [firebase_auth_platform_interface firebase_auth_web firebase_core firebase_core_platform_interface flutter meta] - firebase_auth_web 5.2.1 [firebase_auth_platform_interface firebase_core firebase_core_web flutter flutter_web_plugins http_parser intl js meta] - firebase_core 2.4.0 [firebase_core_platform_interface firebase_core_web flutter meta] - firebase_crashlytics 3.0.7 [firebase_core firebase_core_platform_interface firebase_crashlytics_platform_interface flutter stack_trace] - flagsmith 3.0.3 [flagsmith_flutter_core collection dio rxdart] - flutter 0.0.0 [characters collection material_color_utilities meta vector_math sky_engine] - flutter_bloc 8.1.1 [flutter bloc provider] - flutter_foreground_task 3.10.0 [flutter plugin_platform_interface platform shared_preferences shared_preferences_android shared_preferences_ios] - flutter_localizations 0.0.0 [flutter intl characters clock collection material_color_utilities meta path vector_math] - flutter_map 3.0.0 [async collection flutter http latlong2 meta polylabel positioned_tap_detector_2 proj4dart tuple vector_math] - flutter_modular 5.0.3 [flutter_modular_annotations modular_core meta flutter] - flutter_native_splash 2.2.17 [args flutter flutter_web_plugins js html image meta path universal_io xml yaml] - flutter_polyline_points 1.0.0 [flutter http] - flutter_secure_storage 7.0.1 [flutter flutter_secure_storage_linux flutter_secure_storage_macos flutter_secure_storage_platform_interface flutter_secure_storage_web flutter_secure_storage_windows meta] - flutter_svg 1.1.5 [flutter meta path_drawing vector_math xml] - flutter_svg_provider 1.0.3 [flutter http flutter_svg] - get 4.6.5 [flutter] - google_fonts 3.0.1 [flutter http path_provider crypto] - http 0.13.5 [async http_parser meta path] - http_interceptor 1.0.2 [http] - http_parser 4.0.2 [collection source_span string_scanner typed_data] - image_cropper 3.0.0 [flutter image_cropper_platform_interface image_cropper_for_web] - image_picker 0.8.6 [flutter image_picker_android image_picker_for_web image_picker_ios image_picker_platform_interface] - internet_connection_checker 1.0.0+1 - intl 0.17.0 [clock path] - latlng 0.2.0 - latlong2 0.8.1 [intl] - launch_review 3.0.1 [flutter] - line_awesome_flutter 2.0.0 [flutter] - loader_overlay 2.1.0 [flutter back_button_interceptor] - localstorage 4.0.0+1 [flutter path_provider] - location 4.4.0 [flutter location_platform_interface location_web] - lottie 2.1.0 [archive flutter path vector_math] - maps_toolkit 2.0.1 - new_version 0.3.1 [flutter package_info_plus http html url_launcher collection] - onesignal_flutter 3.4.1 [flutter] - package_info_plus 1.4.3+1 [flutter package_info_plus_platform_interface package_info_plus_linux package_info_plus_macos package_info_plus_windows package_info_plus_web] - percent_indicator 4.2.2 [flutter] - permission_handler 10.1.0 [flutter meta permission_handler_android permission_handler_apple permission_handler_windows permission_handler_platform_interface] - rxdart 0.27.7 - share_plus 6.3.0 [cross_file meta mime flutter flutter_web_plugins share_plus_platform_interface file url_launcher_web url_launcher_windows url_launcher_linux url_launcher_platform_interface ffi win32] - shared_preferences 2.0.15 [flutter shared_preferences_android shared_preferences_ios shared_preferences_linux shared_preferences_macos shared_preferences_platform_interface shared_preferences_web shared_preferences_windows] - shimmer 2.0.0 [flutter] - vector_map_tiles 3.1.4 [flutter flutter_map http latlong2 path_provider vector_tile_renderer async executor_lib] - vector_tile_renderer 3.0.4 [flutter vector_tile fixnum collection] - video_player 2.4.7 [flutter html video_player_android video_player_avfoundation video_player_platform_interface video_player_web] - wakelock 0.6.2 [flutter meta wakelock_macos wakelock_platform_interface wakelock_web wakelock_windows] dev dependencies: - build_runner 2.3.0 [args async analyzer build build_config build_daemon build_resolvers build_runner_core code_builder collection crypto dart_style frontend_server_client glob graphs http_multi_server io js logging meta mime package_config path pool pub_semver pubspec_parse shelf shelf_web_socket stack_trace stream_transform timing watcher web_socket_channel yaml] - fake_cloud_firestore 2.1.0 [flutter cloud_firestore cloud_firestore_platform_interface collection plugin_platform_interface quiver rxdart] - flutter_lints 2.0.1 [lints] - flutter_test 0.0.0 [flutter test_api path fake_async clock stack_trace vector_math async boolean_selector characters collection matcher material_color_utilities meta source_span stream_channel string_scanner term_glyph] - integration_test 0.0.0 [flutter flutter_driver flutter_test path vm_service archive async boolean_selector characters clock collection crypto fake_async file matcher material_color_utilities meta source_span stack_trace stream_channel string_scanner sync_http term_glyph test_api typed_data vector_math webdriver] - mockito 5.3.2 [analyzer build code_builder collection dart_style matcher meta path source_gen test_api] - modular_test 2.0.0 [modular_core] transitive dependencies: - _fe_analyzer_shared 49.0.0 [meta] - _flutterfire_internals 1.0.10 [cloud_firestore_platform_interface cloud_firestore_web collection firebase_core firebase_core_platform_interface flutter meta] - analyzer 5.1.0 [_fe_analyzer_shared collection convert crypto glob meta package_config path pub_semver source_span watcher yaml] - archive 3.3.0 [crypto path] - args 2.3.1 - asn1lib 1.1.1 - async 2.9.0 [collection meta] - back_button_interceptor 6.0.2 [collection flutter] - bloc 8.1.0 [meta] - boolean_selector 2.1.0 [source_span string_scanner] - build 2.3.1 [analyzer async convert crypto glob logging meta path] - build_config 1.1.0 [checked_yaml json_annotation path pubspec_parse yaml] - build_daemon 3.1.0 [built_collection built_value http_multi_server logging path pool shelf shelf_web_socket stream_transform watcher web_socket_channel] - build_resolvers 2.0.10 [analyzer async build crypto graphs logging path package_config pool pub_semver stream_transform yaml] - build_runner_core 7.2.4 [async build build_config build_resolvers collection convert crypto glob graphs json_annotation logging meta path package_config pool timing watcher yaml] - built_collection 5.1.1 - built_value 8.4.1 [built_collection collection fixnum meta] - cached_network_image_platform_interface 2.0.0 [flutter flutter_cache_manager] - cached_network_image_web 1.0.2 [flutter flutter_cache_manager cached_network_image_platform_interface] - characters 1.2.1 - checked_yaml 2.0.1 [json_annotation source_span yaml] - clock 1.1.1 - cloud_firestore_platform_interface 5.9.1 [_flutterfire_internals collection firebase_core flutter meta plugin_platform_interface] - cloud_firestore_web 3.1.1 [_flutterfire_internals cloud_firestore_platform_interface collection firebase_core firebase_core_web flutter flutter_web_plugins js] - code_builder 4.3.0 [built_collection built_value collection matcher meta] - convert 3.1.1 [typed_data] - cross_file 0.3.3+2 [js meta] - crypto 3.0.2 [typed_data] - csslib 0.17.2 [source_span] - dart_style 2.2.4 [analyzer args path pub_semver source_span] - device_info_plus_platform_interface 7.0.0 [flutter meta plugin_platform_interface] - encrypt 5.0.1 [args asn1lib clock collection crypto pointycastle] - executor_lib 0.2.1 [flutter async] - fake_async 1.3.1 [clock collection] - ffi 2.0.1 - file 6.1.2 [meta path] - firebase_auth_platform_interface 6.11.5 [_flutterfire_internals collection firebase_core flutter meta plugin_platform_interface] - firebase_core_platform_interface 4.5.2 [collection flutter flutter_test meta plugin_platform_interface] - firebase_core_web 2.0.2 [firebase_core_platform_interface flutter flutter_web_plugins js meta] - firebase_crashlytics_platform_interface 3.3.8 [_flutterfire_internals collection firebase_core flutter meta plugin_platform_interface] - fixnum 1.0.1 - flagsmith_flutter_core 2.3.1 [crypto encrypt rxdart json_annotation collection] - flutter_blurhash 0.7.0 [flutter] - flutter_cache_manager 3.3.0 [clock collection file flutter http path path_provider pedantic rxdart sqflite uuid] - flutter_driver 0.0.0 [file flutter flutter_test fuchsia_remote_debug_protocol path meta vm_service webdriver archive async boolean_selector characters clock collection crypto matcher material_color_utilities platform process source_span stack_trace stream_channel string_scanner sync_http term_glyph test_api typed_data vector_math] - flutter_modular_annotations 0.0.2 [flutter] - flutter_plugin_android_lifecycle 2.0.7 [flutter] - flutter_secure_storage_linux 1.1.2 [flutter flutter_secure_storage_platform_interface] - flutter_secure_storage_macos 2.0.0 [flutter flutter_secure_storage_platform_interface] - flutter_secure_storage_platform_interface 1.0.1 [flutter plugin_platform_interface] - flutter_secure_storage_web 1.1.1 [flutter flutter_secure_storage_platform_interface flutter_web_plugins js] - flutter_secure_storage_windows 1.1.3 [flutter flutter_secure_storage_platform_interface] - flutter_web_plugins 0.0.0 [flutter js characters collection material_color_utilities meta vector_math] - frontend_server_client 2.1.3 [async path] - fuchsia_remote_debug_protocol 0.0.0 [process vm_service file meta path platform] - glob 2.1.0 [async collection file path string_scanner] - graphs 2.1.0 [collection] - html 0.15.1 [csslib source_span] - http_multi_server 3.2.1 [async] - image 4.0.10 [archive meta xml] - image_cropper_for_web 1.0.2 [flutter flutter_web_plugins image_cropper_platform_interface js] - image_cropper_platform_interface 3.0.2 [flutter plugin_platform_interface http] - image_picker_android 0.8.5+3 [flutter flutter_plugin_android_lifecycle image_picker_platform_interface] - image_picker_for_web 2.1.10 [flutter flutter_web_plugins image_picker_platform_interface] - image_picker_ios 0.8.6+1 [flutter image_picker_platform_interface] - image_picker_platform_interface 2.6.2 [cross_file flutter http plugin_platform_interface] - io 1.0.3 [meta path string_scanner] - js 0.6.4 - json_annotation 4.7.0 [meta] - lints 2.0.0 - lists 1.0.1 [meta] - location_platform_interface 2.3.0 [flutter meta plugin_platform_interface] - location_web 3.1.1 [flutter flutter_web_plugins http_parser js location_platform_interface meta] - logging 1.1.0 - matcher 0.12.12 [stack_trace] - material_color_utilities 0.1.5 - meta 1.8.0 - mgrs_dart 2.0.0 [unicode] - mime 1.0.2 - modular_core 2.0.3+1 [characters meta modular_interfaces] - modular_interfaces 2.0.2 - nested 1.0.0 [flutter] - octo_image 1.0.2 [flutter flutter_blurhash] - package_config 2.1.0 [path] - package_info_plus_linux 1.0.5 [package_info_plus_platform_interface flutter path] - package_info_plus_macos 1.3.0 [flutter] - package_info_plus_platform_interface 1.0.2 [flutter meta plugin_platform_interface] - package_info_plus_web 1.0.6 [flutter flutter_web_plugins http meta package_info_plus_platform_interface] - package_info_plus_windows 2.1.0 [package_info_plus_platform_interface ffi flutter win32] - path 1.8.2 - path_drawing 1.0.1 [vector_math meta path_parsing flutter] - path_parsing 1.0.1 [vector_math meta] - path_provider 2.0.11 [flutter path_provider_android path_provider_ios path_provider_linux path_provider_macos path_provider_platform_interface path_provider_windows] - path_provider_android 2.0.20 [flutter path_provider_platform_interface] - path_provider_ios 2.0.11 [flutter path_provider_platform_interface] - path_provider_linux 2.1.7 [ffi flutter path path_provider_platform_interface xdg_directories] - path_provider_macos 2.0.6 [flutter path_provider_platform_interface] - path_provider_platform_interface 2.0.5 [flutter platform plugin_platform_interface] - path_provider_windows 2.1.3 [ffi flutter path path_provider_platform_interface win32] - pedantic 1.11.1 - permission_handler_android 10.1.0 [flutter permission_handler_platform_interface] - permission_handler_apple 9.0.6 [flutter permission_handler_platform_interface] - permission_handler_platform_interface 3.9.0 [flutter meta plugin_platform_interface] - permission_handler_windows 0.1.1 [flutter permission_handler_platform_interface] - petitparser 5.0.0 [meta] - platform 3.1.0 - plugin_platform_interface 2.1.3 [meta] - pointycastle 3.6.2 [collection convert js] - polylabel 1.0.1 [collection] - pool 1.5.1 [async stack_trace] - positioned_tap_detector_2 1.0.4 [flutter] - process 4.2.4 [file path platform] - proj4dart 2.1.0 [mgrs_dart wkt_parser meta] - protobuf 2.1.0 [fixnum collection meta] - provider 6.0.4 [collection flutter nested] - pub_semver 2.1.2 [collection meta] - pubspec_parse 1.2.1 [checked_yaml collection json_annotation pub_semver yaml] - quiver 3.1.0 [matcher] - share_plus_platform_interface 3.2.0 [cross_file flutter meta mime plugin_platform_interface path_provider uuid] - shared_preferences_android 2.0.14 [flutter shared_preferences_platform_interface] - shared_preferences_ios 2.1.1 [flutter shared_preferences_platform_interface] - shared_preferences_linux 2.1.1 [file flutter path path_provider_linux path_provider_platform_interface shared_preferences_platform_interface] - shared_preferences_macos 2.0.4 [flutter shared_preferences_platform_interface] - shared_preferences_platform_interface 2.1.0 [flutter plugin_platform_interface] - shared_preferences_web 2.0.4 [flutter flutter_web_plugins shared_preferences_platform_interface] - shared_preferences_windows 2.1.1 [file flutter path path_provider_platform_interface path_provider_windows shared_preferences_platform_interface] - shelf 1.4.0 [async collection http_parser path stack_trace stream_channel] - shelf_web_socket 1.0.2 [shelf stream_channel web_socket_channel] - sky_engine 0.0.99 - source_gen 1.2.6 [analyzer async build dart_style glob meta path source_span yaml] - source_span 1.9.0 [collection path term_glyph] - sqflite 2.1.0+1 [flutter sqflite_common path] - sqflite_common 2.3.0 [synchronized path meta] - stack_trace 1.10.0 [path] - stream_channel 2.1.0 [async] - stream_transform 2.0.1 - string_scanner 1.1.1 [source_span] - sync_http 0.3.1 - synchronized 3.0.0+3 - term_glyph 1.2.1 - test_api 0.4.12 [async boolean_selector collection meta source_span stack_trace stream_channel string_scanner term_glyph matcher] - timing 1.0.0 [json_annotation] - tuple 2.0.1 - typed_data 1.3.1 [collection] - unicode 0.3.1 [lists] - universal_io 2.0.4 [collection crypto meta typed_data] - url_launcher 6.1.6 [flutter url_launcher_android url_launcher_ios url_launcher_linux url_launcher_macos url_launcher_platform_interface url_launcher_web url_launcher_windows] - url_launcher_android 6.0.19 [flutter url_launcher_platform_interface] - url_launcher_ios 6.0.17 [flutter url_launcher_platform_interface] - url_launcher_linux 3.0.1 [flutter url_launcher_platform_interface] - url_launcher_macos 3.0.1 [flutter url_launcher_platform_interface] - url_launcher_platform_interface 2.1.1 [flutter plugin_platform_interface] - url_launcher_web 2.0.13 [flutter flutter_web_plugins url_launcher_platform_interface] - url_launcher_windows 3.0.1 [flutter url_launcher_platform_interface] - uuid 3.0.6 [crypto] - vector_math 2.1.2 - vector_tile 1.0.0 [fixnum protobuf] - video_player_android 2.3.9 [flutter video_player_platform_interface] - video_player_avfoundation 2.3.7 [flutter video_player_platform_interface] - video_player_platform_interface 5.1.4 [flutter plugin_platform_interface] - video_player_web 2.0.12 [flutter flutter_web_plugins video_player_platform_interface] - vm_service 9.0.0 - wakelock_macos 0.4.0 [flutter flutter_web_plugins wakelock_platform_interface] - wakelock_platform_interface 0.3.0 [flutter meta] - wakelock_web 0.4.0 [flutter flutter_web_plugins js wakelock_platform_interface] - wakelock_windows 0.2.1 [flutter wakelock_platform_interface win32] - watcher 1.0.2 [async path] - web_socket_channel 2.2.0 [async crypto stream_channel] - webdriver 3.0.0 [archive matcher path stack_trace sync_http] - win32 3.1.2 [ffi] - wkt_parser 2.0.0 - xdg_directories 0.2.0+2 [meta path process] - xml 6.1.0 [collection meta petitparser] - yaml 3.1.1 [collection source_span string_scanner] ```
darshankawar commented 1 year ago

Thanks for the report @Greismorr Since you are getting [firebase_auth/session-expired], that too on a specific device and not on other devices, it doesn't look like a plugin issue, because the code is same. Most probably on the said device, the SMS code is verified as soon as it comes on the phone, ie the code may be getting auto-verified. You may try by setting a timeout and check if it helps in your case.

I'll go ahead and close this as not a plugin issue and sounds like device specific as how it handles the incoming OTP. If you disagree, write in comments and I'll reopen it.