firebase / flutterfire

πŸ”₯ A collection of Firebase plugins for Flutter apps.
https://firebase.google.com/docs/flutter/setup
BSD 3-Clause "New" or "Revised" License
8.69k stars 3.97k forks source link

πŸ› [FirebaseAuth] Invalid exception INVALID_LOGIN_CREDENTIALS #11713

Closed yostrokon closed 1 year ago

yostrokon commented 1 year ago

await FirebaseAuth.instance.signInWithEmailAndPassword responds with INVALID_LOGIN_CREDENTIALS instead of 'wrong-password' or 'user-not-found'

I/FirebaseAuth( 6974): Logging in as someuser@fakedomain.com with empty reCAPTCHA token
E/RecaptchaCallWrapper( 6974): Initial task failed for action RecaptchaAction(action=signInWithPassword)with exception - An internal error has occurred. [ INVALID_LOGIN_CREDENTIALS ]
I/flutter ( 6974): [firebase_auth/INVALID_LOGIN_CREDENTIALS] An internal error has occurred. [ INVALID_LOGIN_CREDENTIALS ]

firebase_auth: ^4.10.1 firebase_core: ^2.17.0

Steps to reproduce the behavior:

static Future<String?> checkIfEmailInUse(String emailAddress) async {
    try {
      await FirebaseAuth.instance.signInWithEmailAndPassword(email: emailAddress.toLowerCase().trim(), password: const Uuid().v4());

    } on FirebaseAuthException catch(error){
      return error.code;
    }
    return null;
  }

Flutter doctor

Run flutter doctor and paste the output below:

Click To Expand [βœ“] Flutter (Channel stable, 3.13.7, on macOS 14.0 23A344 darwin-x64, locale en-BG) [βœ“] Android toolchain - develop for Android devices (Android SDK version 30.0.3) [βœ“] Xcode - develop for iOS and macOS (Xcode 15.0) [βœ“] Chrome - develop for the web [βœ“] Android Studio (version 2022.1) [βœ“] VS Code (version 1.83.0) [βœ“] Connected device (3 available) [βœ“] Network resources

darshankawar commented 1 year ago

@yostrokon It seems your issue is same as and since has been fixed. It doesn't seem to have yet been rolled out with new auth plugin version, but you can keep an eye on newer plugin version on pub.dev and once available, run your scenario again to confirm if the error persists or not.

Kinomad commented 1 year ago

Hello,

Just my first step with firebase and I try to have a simple login or user subscription, but I get same message and issue than @yostrokon (same Firebase version installed and pretty same flutter doctor)

Error Message

[VERBOSE-2:dart_vm_initializer.cc(41)] Unhandled Exception: [firebase_auth/INVALID_LOGIN_CREDENTIALS] Error Domain=FIRAuthErrorDomain Code=17999 "An internal error has occurred, print and inspect the error details for more information." UserInfo={FIRAuthErrorUserInfoNameKey=ERROR_INTERNAL_ERROR, NSLocalizedDescription=An internal error has occurred, print and inspect the error details for more information., NSUnderlyingError=0x2825964c0 {Error Domain=FIRAuthInternalErrorDomain Code=3 "(null)" UserInfo={NSUnderlyingError=0x28257f4e0 {Error Domain=com.google.HTTPStatus Code=400 "(null)" UserInfo={data={length = 224, bytes = 0x7b0a2020 22657272 6f72223a 207b0a20 ... 5d0a2020 7d0a7d0a }, data_content_type=application/json; charset=UTF-8}}, FIRAuthErrorUserInfoDeserializedResponseKey={
    code = 400;
    errors =     (
                {
            domain = global;
            message = "INVALID_LOGIN_CREDENTIALS";
            reason = invalid;
        }

    );
    message = "INVALID_LOGIN_CREDENTIALS";
}}}}
#0      FirebaseAuthHostApi.signInWithEmailAndPassword (package:firebase_auth_platform_interface/src/pigeon/messages.pigeon.dart:1125:7)
<asynchronous suspension>
#1      MethodChannelFirebaseAuth.signInWithEmailAndPassword (package:firebase_auth_platform_interface/src/method_channel/method_channel_firebase_auth.dart:332:22)
<asynchronous suspension>
#2      FirebaseAuth.signInWithEmailAndPassword (package:firebase_auth/src/firebase_auth.dart:583:9)
<asynchronous suspension>
#3      AuthState.build.<anonymous closure> (package:trackstories/ui/pages/auth_pages.dart:111:19)
<asynchronous suspension>

What I try to do

static Future<String?> login(String email, String password) async {
    try {
      await FirebaseAuth.instance
          .signInWithEmailAndPassword(email: email, password: password);
    } on FirebaseAuthException catch (error) {
      return error.toString();
    }
    return null;
  }

I expected to have "wrong password" or "user-not-found" What I'm doing wrong or should I wait a new version of firebase_auth like @darshankawar suggested ?

Firebase plug-in firebase_auth: ^4.10.1 firebase_core: ^2.17.0

Flutter doctor Doctor summary (to see all details, run flutter doctor -v): [βœ“] Flutter (Channel stable, 3.13.7, on macOS 13.6 22G120 darwin-x64, locale fr-FR) [βœ“] Android toolchain - develop for Android devices (Android SDK version 33.0.2) [βœ“] Xcode - develop for iOS and macOS (Xcode 15.0) [βœ“] Chrome - develop for the web [βœ“] Android Studio (version 2022.2) [βœ“] VS Code (version 1.83.1) [βœ“] Connected device (4 available) [βœ“] Network resources

Kinomad commented 1 year ago

Just tried with new update of firebase (published in the hour):

firebase_core: ^2.18.0 firebase_auth: ^4.11.0 cloud_firestore: ^4.10.0 firebase_storage: ^11.3.0

But I can't build and I have this message:

Could not build the precompiled application for the device.
Lexical or Preprocessor Issue (Xcode): 'PigeonParser.h' file not found
/Users/stephanelecanu/.pub-cache/hosted/pub.dev/firebase_auth-4.11.0/ios/Classes/PigeonParser.m:4:8

I tried also 'flutter pub cache clean' and a 'pod install --repo-update' (all was updated well, but still this PigeonParser error)

yostrokon commented 1 year ago

@darshankawar There is no difference

darshankawar commented 1 year ago

@Kinomad You are hitting https://github.com/firebase/flutterfire/issues/11720

darshankawar commented 1 year ago

@yostrokon I tried below code sample using stable version (3.13.7) and with latest firebase_auth and firebase_core plugin versions with which I received expected error in the console as below:

I/FirebaseAuth(16387): Logging in as testdan2@gmail.com with empty reCAPTCHA token
W/System  (16387): Ignoring header X-Firebase-Locale because its value was null.
I/flutter (16387): User : testdan248@gmail.com
E/RecaptchaCallWrapper(16387): Initial task failed for action RecaptchaAction(action=signInWithPassword)with exception - There is no user record corresponding to this identifier. The user may have been deleted.
E/flutter (16387): [ERROR:flutter/runtime/dart_vm_initializer.cc(41)] Unhandled Exception: [firebase_auth/user-not-found] There is no user record corresponding to this identifier. The user may have been deleted.
E/flutter (16387): #0      FirebaseAuthHostApi.signInWithEmailAndPassword (package:firebase_auth_platform_interface/src/pigeon/messages.pigeon.dart:1125:7)
E/flutter (16387): <asynchronous suspension>
E/flutter (16387): #1      MethodChannelFirebaseAuth.signInWithEmailAndPassword (package:firebase_auth_platform_interface/src/method_channel/method_channel_firebase_auth.dart:332:22)
E/flutter (16387): <asynchronous suspension>
E/flutter (16387): #2      FirebaseAuth.signInWithEmailAndPassword (package:firebase_auth/src/firebase_auth.dart:583:9)
E/flutter (16387): <asynchronous suspension>
E/flutter (16387): #3      main (package:firebase_auth_example/main.dart:114:3)
E/flutter (16387): <asynchronous suspension>
E/flutter (16387): 
Future<void> main() async {
  WidgetsFlutterBinding.ensureInitialized();
  await Firebase.initializeApp(options: DefaultFirebaseOptions.currentPlatform);
  FirebaseAuth.instance.userChanges().listen((event) {
    print("User : ${event?.email}");
  });
  await FirebaseAuth.instance.signInWithEmailAndPassword(email: "testdan2@gmail.com", password: "testdan1234");

  runApp(const MaterialApp());
}

Check the same at your end and see if you get still same error or the one I get above.

yostrokon commented 1 year ago

@darshankawar tried with old project in firebase from before 1 year and works as expected, but with the newly created one getting error INVALID_LOGIN_CREDENTIALS

yostrokon commented 1 year ago

Also on old project FirebaseAuth.instance.fetchSignInMethodsForEmail returns [password] on new one empty list

yostrokon commented 1 year ago

@darshankawar Seems this is a reason for this response https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection

yostrokon commented 1 year ago

Disabled email enumeration protection solved problem

FaresM0hamed commented 1 year ago

@yostrokon How can i disabled email enumeration from firebase , i don't have external server , I just using firebase and i didn't find any way to disable it

yostrokon commented 1 year ago

@FaresM0hamed https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection