search

firebase / flutterfire

🔥 A collection of Firebase plugins for Flutter apps.
https://firebase.google.com/docs/flutter/setup
BSD 3-Clause "New" or "Revised" License
8.68k stars 3.97k forks source link

google_sign_in & firebase_auth: Google authentication mysterious access! #2442

Closed nikkelberg closed 4 years ago

nikkelberg commented 4 years ago

Hi everyone,

these days I have implemented firebase authentication with google in my test application. Today I logged into the firebase and noticed many authentications. The application is not published, I only own it, so how is this possible? Among other things, the user who authenticates himself is added only in the "authentication" section of firebase and not in the document dedicated for db users. Has it ever happened to you too?

This is the code:

import 'dart:async';

import 'package:firebase_auth/firebase_auth.dart';
import 'package:google_sign_in/google_sign_in.dart';
import 'package:ride/api/domain/member.dart';
import 'package:ride/api/repository/member_repository.dart';
import 'package:ride/api/service/service_locator.dart';

class GoogleAuthService {
  final GoogleSignIn _googleSignIn = GoogleSignIn();
  final FirebaseAuth _auth = FirebaseAuth.instance;
  final _memberRepository = ServiceLocator().get<MemberRepository>();

  Future<void> googleSignIn() async {
    final GoogleSignInAccount googleUser = await _googleSignIn.signIn();
    final GoogleSignInAuthentication googleAuth =
        await googleUser.authentication;
    final AuthCredential credential = GoogleAuthProvider.getCredential(
      accessToken: googleAuth.accessToken,
      idToken: googleAuth.idToken,
    );

    final FirebaseUser user =
        (await _auth.signInWithCredential(credential)).user;

    final names = user.displayName.split(' ');
    final firstName = names[0];
    final lastName = names.length > 1 ? names[1] : '';

    if (await _memberRepository.findByAuthUserId(user.uid) == null) {
      await _memberRepository
          .save(Member.create(user.uid, firstName, lastName, user.email));
    }
    print("signed in " + user.displayName);
  }

  void signOut() {
    _auth.signOut();
  }
}

I thank you in advance for helping with this phantom menace!

iapicca commented 4 years ago

Hi @nikkelberg can you please provide your flutter doctor -v , your flutter run --verbose and your pubspec.yaml Thank you

nikkelberg commented 4 years ago

flutter doctor

C:\Users\Freak\source\flutter\bin\flutter.bat doctor --verbose
[√] Flutter (Channel stable, v1.12.13+hotfix.9, on Microsoft Windows [Versione 10.0.18363.778], locale it-IT)
    • Flutter version 1.12.13+hotfix.9 at C:\Users\Freak\source\flutter
    • Framework revision f139b11009 (4 weeks ago), 2020-03-30 13:57:30 -0700
    • Engine revision af51afceb8
    • Dart version 2.7.2

[√] Android toolchain - develop for Android devices (Android SDK version 29.0.2)
    • Android SDK at C:\Users\Freak\AppData\Local\Android\sdk
    • Android NDK location not configured (optional; useful for native profiling support)
    • Platform android-29, build-tools 29.0.2
    • Java binary at: C:\Users\Freak\AppData\Local\JetBrains\Toolbox\apps\AndroidStudio\ch-0\192.6308749\jre\bin\java
    • Java version OpenJDK Runtime Environment (build 1.8.0_212-release-1586-b04)
    • All Android licenses accepted.

[√] Android Studio (version 3.5)
    • Android Studio at C:\Users\Freak\AppData\Local\JetBrains\Toolbox\apps\AndroidStudio\ch-0\191.5977832
    • Flutter plugin version 44.0.1
    • Dart plugin version 191.8593
    • Java version OpenJDK Runtime Environment (build 1.8.0_202-release-1483-b03)

[√] Android Studio (version 3.6)
    • Android Studio at C:\Users\Freak\AppData\Local\JetBrains\Toolbox\apps\AndroidStudio\ch-0\192.6308749
    • Flutter plugin version 45.1.1
    • Dart plugin version 192.7761
    • Java version OpenJDK Runtime Environment (build 1.8.0_212-release-1586-b04)

[√] Connected device (1 available)
    • Android SDK built for x86 • emulator-5554 • android-x86 • Android 10 (API 29) (emulator)

• No issues found!
Process finished with exit code 0

Pubspec:

name: Tutto
description: Tutto app

version: 1.0.0+1

environment:
  sdk: ">=2.7.0 <3.0.0"

dependencies:
  flutter:
    sdk: flutter
  flutter_localizations:
    sdk: flutter
  flutter_cupertino_localizations: ^1.0.1

  bloc: ^3.0.0
  flutter_bloc: ^3.2.0
  equatable: ^1.0.2
  http: ^0.12.0+4
  http_server: ^0.9.8+3
  money2: ^1.3.0
  cupertino_icons: ^0.1.2
  logging: ^0.11.4
  flutter_calendar_carousel: ^1.4.10
  uuid: ^2.0.4
  youtube_player_flutter: ^6.0.3+2
  webview_media: ^0.1.1+3
  flutter_webview_plugin: ^0.3.10+1
  date_format: ^1.0.8
  google_sign_in: ^4.4.0
  flutter_auth_buttons: ^0.8.0
  rxdart: ^0.23.1
  observable: ^0.22.2
  random_string: ^2.0.1
  url_launcher: ^5.4.2

  # Firebase
  firebase_core: ^0.4.3+2
  firebase_analytics: ^5.0.9
  firebase_auth: ^0.15.3+1
  cloud_firestore: ^0.13.0+1

dev_dependencies:
  flutter_test:
    sdk: flutter
  flutter_driver:
    sdk: flutter
  test: any
  mockito: ^4.1.1
  bloc_test: ^3.0.1

# The following section is specific to Flutter.
flutter:

  uses-material-design: true

flutter run

Launching lib\main_dev.dart on Android SDK built for x86 in debug mode...
Running Gradle task 'assembleDevDebug'...
√ Built build\app\outputs\apk\dev\debug\app-dev-debug.apk.
Installing build\app\outputs\apk\app.apk...
W/( 6269): Accessing hidden method Landroid/view/accessibility/AccessibilityNodeInfo;->getSourceNodeId()J (greylist, reflection, allowed)
W/( 6269): Accessing hidden method Landroid/view/accessibility/AccessibilityRecord;->getSourceNodeId()J (greylist, reflection, allowed)
W/( 6269): Accessing hidden field Landroid/view/accessibility/AccessibilityNodeInfo;->mChildNodeIds:Landroid/util/LongArray; (greylist, reflection, allowed)
W/( 6269): Accessing hidden method Landroid/util/LongArray;->get(I)J (greylist, reflection, allowed)
Debug service listening on ws://127.0.0.1:21385/8odGhE4LRb0=/ws
Syncing files to device Android SDK built for x86...
D/HostConnection( 6269): HostConnection::get() New Host Connection established 0xddc565a0, tid 6369
D/HostConnection( 6269): HostComposition ext ANDROID_EMU_CHECKSUM_HELPER_v1 ANDROID_EMU_native_sync_v2 ANDROID_EMU_native_sync_v3 ANDROID_EMU_native_sync_v4 ANDROID_EMU_dma_v1 ANDROID_EMU_direct_mem ANDROID_EMU_host_composition_v1 ANDROID_EMU_host_composition_v2 ANDROID_EMU_vulkan ANDROID_EMU_deferred_vulkan_commands ANDROID_EMU_vulkan_null_optional_strings ANDROID_EMU_vulkan_create_resources_with_requirements ANDROID_EMU_YUV420_888_to_NV21 ANDROID_EMU_YUV_Cache ANDROID_EMU_async_unmap_buffer GL_OES_EGL_image_external_essl3 GL_OES_vertex_array_object GL_KHR_texture_compression_astc_ldr ANDROID_EMU_gles_max_version_3_0 
W/OpenGLRenderer( 6269): Failed to choose config with EGL_SWAP_BEHAVIOR_PRESERVED, retrying without...
D/HostConnection( 6269): HostConnection::get() New Host Connection established 0xddc567d0, tid 6381
D/eglCodecCommon( 6269): setVertexArrayObject: set vao to 0 (0) 0 0
D/HostConnection( 6269): HostComposition ext ANDROID_EMU_CHECKSUM_HELPER_v1 ANDROID_EMU_native_sync_v2 ANDROID_EMU_native_sync_v3 ANDROID_EMU_native_sync_v4 ANDROID_EMU_dma_v1 ANDROID_EMU_direct_mem ANDROID_EMU_host_composition_v1 ANDROID_EMU_host_composition_v2 ANDROID_EMU_vulkan ANDROID_EMU_deferred_vulkan_commands ANDROID_EMU_vulkan_null_optional_strings ANDROID_EMU_vulkan_create_resources_with_requirements ANDROID_EMU_YUV420_888_to_NV21 ANDROID_EMU_YUV_Cache ANDROID_EMU_async_unmap_buffer GL_OES_EGL_image_external_essl3 GL_OES_vertex_array_object GL_KHR_texture_compression_astc_ldr ANDROID_EMU_gles_max_version_3_0 
D/EGL_emulation( 6269): eglCreateContext: 0xddc1a600: maj 3 min 0 rcv 3
D/eglCodecCommon( 6269): setVertexArrayObject: set vao to 0 (0) 0 0
D/EGL_emulation( 6269): eglCreateContext: 0xddc1a720: maj 3 min 0 rcv 3
D/EGL_emulation( 6269): eglMakeCurrent: 0xddc1a600: ver 3 0 (tinfo 0xddc0f9e0)
W/Gralloc3( 6269): mapper 3.x is not supported
D/HostConnection( 6269): createUnique: call
D/HostConnection( 6269): createUnique: call
D/HostConnection( 6269): HostConnection::get() New Host Connection established 0xddc56960, tid 6369
D/HostConnection( 6269): HostConnection::get() New Host Connection established 0xc6165360, tid 6381
D/HostConnection( 6269): HostComposition ext ANDROID_EMU_CHECKSUM_HELPER_v1 ANDROID_EMU_native_sync_v2 ANDROID_EMU_native_sync_v3 ANDROID_EMU_native_sync_v4 ANDROID_EMU_dma_v1 ANDROID_EMU_direct_mem ANDROID_EMU_host_composition_v1 ANDROID_EMU_host_composition_v2 ANDROID_EMU_vulkan ANDROID_EMU_deferred_vulkan_commands ANDROID_EMU_vulkan_null_optional_strings ANDROID_EMU_vulkan_create_resources_with_requirements ANDROID_EMU_YUV420_888_to_NV21 ANDROID_EMU_YUV_Cache ANDROID_EMU_async_unmap_buffer GL_OES_EGL_image_external_essl3 GL_OES_vertex_array_object GL_KHR_texture_compression_astc_ldr ANDROID_EMU_gles_max_version_3_0 
D/eglCodecCommon( 6269): allocate: Ask for block of size 0x1000
D/eglCodecCommon( 6269): allocate: ioctl allocate returned offset 0x3ffff6000 size 0x2000
D/HostConnection( 6269): HostComposition ext ANDROID_EMU_CHECKSUM_HELPER_v1 ANDROID_EMU_native_sync_v2 ANDROID_EMU_native_sync_v3 ANDROID_EMU_native_sync_v4 ANDROID_EMU_dma_v1 ANDROID_EMU_direct_mem ANDROID_EMU_host_composition_v1 ANDROID_EMU_host_composition_v2 ANDROID_EMU_vulkan ANDROID_EMU_deferred_vulkan_commands ANDROID_EMU_vulkan_null_optional_strings ANDROID_EMU_vulkan_create_resources_with_requirements ANDROID_EMU_YUV420_888_to_NV21 ANDROID_EMU_YUV_Cache ANDROID_EMU_async_unmap_buffer GL_OES_EGL_image_external_essl3 GL_OES_vertex_array_object GL_KHR_texture_compression_astc_ldr ANDROID_EMU_gles_max_version_3_0 
D/EGL_emulation( 6269): eglMakeCurrent: 0xddc1a720: ver 3 0 (tinfo 0xddc0f930)
I/( 6269): Background young concurrent copying GC freed 34847(6885KB) AllocSpace objects, 20(708KB) LOS objects, 65% free, 3193KB/9337KB, paused 10.037ms total 115.403ms
D/EGL_emulation( 6269): eglMakeCurrent: 0xddc1a600: ver 3 0 (tinfo 0xddc0f9e0)
D/eglCodecCommon( 6269): setVertexArrayObject: set vao to 0 (0) 1 0
I/Choreographer( 6269): Skipped 37 frames!  The application may be doing too much work on its main thread.
I/flutter ( 6269): 2020-04-27 15:29:37.891526 :                     AppBloc :   FINE : Received event [Instance of 'LoadApp']
I/flutter ( 6269): 2020-04-27 15:29:37.917494 :                     AppBloc :   FINE : Emitting state [Instance of 'AppLoading']
I/flutter ( 6269): 2020-04-27 15:29:37.945800 :         FirebaseAuthService :   FINE : Get current user
I/flutter ( 6269): 2020-04-27 15:29:38.218275 :         FirebaseAuthService :   FINE : Curent user [uid : mail]
I/BiChannelGoogleApi( 6269): [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.[...]
D/EGL_emulation( 6269): eglMakeCurrent: 0xddc1a720: ver 3 0 (tinfo 0xddc0f930)
D/eglCodecCommon( 6269): setVertexArrayObject: set vao to 0 (0) 1 0
W/DynamiteModule( 6269): Local module descriptor class for providerinstaller not found.
I/DynamiteModule( 6269): Considering local module providerinstaller:0 and remote module providerinstaller:0
W/ProviderInstaller( 6269): Failed to load providerinstaller module: No acceptable module found. Local version is 0 and remote version is 0.
I/( 6269): The ClassLoaderContext is a special shared library.
I/( 6269): The ClassLoaderContext is a special shared library.
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->getLong(Ljava/lang/Object;J)J (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->arrayBaseOffset(Ljava/lang/Class;)I (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->copyMemory(JJJ)V (greylist, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->objectFieldOffset(Ljava/lang/reflect/Field;)J (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->getByte(J)B (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->getByte(Ljava/lang/Object;J)B (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->getLong(J)J (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->putByte(JB)V (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->putByte(Ljava/lang/Object;JB)V (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->getLong(Ljava/lang/Object;J)J (greylist,core-platform-api, reflection, allowed)
W/( 6269): Accessing hidden method Lsun/misc/Unsafe;->getLong(Ljava/lang/Object;J)J (greylist,core-platform-api, reflection, allowed)
W/( 6269): Accessing hidden field Ljava/nio/Buffer;->address:J (greylist, reflection, allowed)
I/( 6269): The ClassLoaderContext is a special shared library.
V/NativeCrypto( 6269): Registering com/google/android/gms/org/conscrypt/NativeCrypto's 286 native methods...
W/( 6269): Accessing hidden method Ljava/security/spec/ECParameterSpec;->getCurveName()Ljava/lang/String; (greylist, reflection, allowed)
D/NetworkSecurityConfig( 6269): No Network Security Config specified, using platform default
I/ProviderInstaller( 6269): Installed default security provider GmsCore_OpenSSL
D/FirebaseAuth( 6269): Notifying id token listeners about user ( uid ).
W/( 6269): Accessing hidden field Ljava/net/Socket;->impl:Ljava/net/SocketImpl; (greylist, reflection, allowed)
W/( 6269): Accessing hidden method Ldalvik/system/CloseGuard;->get()Ldalvik/system/CloseGuard; (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Ldalvik/system/CloseGuard;->open(Ljava/lang/String;)V (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden field Ljava/io/FileDescriptor;->descriptor:I (greylist, JNI, allowed)
W/( 6269): Accessing hidden method Ljava/security/spec/ECParameterSpec;->setCurveName(Ljava/lang/String;)V (greylist, reflection, allowed)
W/( 6269): Accessing hidden method Ldalvik/system/BlockGuard;->getThreadPolicy()Ldalvik/system/BlockGuard$Policy; (greylist,core-platform-api, linking, allowed)
W/( 6269): Accessing hidden method Ldalvik/system/BlockGuard$Policy;->onNetwork()V (greylist, linking, allowed)
I/flutter ( 6269): 2020-04-27 15:29:39.614567 :                     AppBloc :   FINE : Emitting state [Instance of 'AppLoaded']
I/flutter ( 6269): 2020-04-27 15:29:39.879897 :               CatalogScreen :   FINE : Building CatalogScreen with state [InitialCatalogState]
I/flutter ( 6269): 2020-04-27 15:29:40.254463 :                 CatalogBloc :   FINE : Received event [Instance of 'FetchFilteredCatalog']
I/flutter ( 6269): 2020-04-27 15:29:40.254914 :                 CatalogBloc :   FINE : Emitting state [ContentLoading]
I/flutter ( 6269): 2020-04-27 15:29:40.256208 :         FirebaseAuthService :   FINE : Get current user
I/flutter ( 6269): 2020-04-27 15:29:40.261986 :         FirebaseAuthService :   FINE : Curent user [uid : mail]
I/flutter ( 6269): 2020-04-27 15:29:40.275089 :               CatalogScreen :   FINE : Building CatalogScreen with state [ContentLoading]
I/flutter ( 6269): 2020-04-27 15:29:40.395595 :      FirebaseCatalogService :   INFO : Get filtered catalog
I/flutter ( 6269): 2020-04-27 15:29:40.399563 :  FirestoreTrainerRepository :   INFO : findAllByCategory [filters: []]
I/flutter ( 6269): 2020-04-27 15:29:40.400656 :      FirebaseCatalogService :   INFO : Get catalog
I/flutter ( 6269): 2020-04-27 15:29:40.401536 :  FirestoreTrainerRepository :   INFO : findAll
I/flutter ( 6269): 2020-04-27 15:29:40.593739 :  FirestoreTrainerRepository :   INFO : findAll
I/flutter ( 6269): 2020-04-27 15:29:40.673928 :                 CatalogBloc :   FINE : Emitting state [FilteredCatalogLoaded]
I/flutter ( 6269): 2020-04-27 15:29:40.680350 :               CatalogScreen :   FINE : Building CatalogScreen with state [FilteredCatalogLoaded]
I/flutter ( 6269): 2020-04-27 15:29:45.756379 :               CatalogScreen :   FINE : Building CatalogScreen with state [InitialCatalogState]
I/flutter ( 6269): 2020-04-27 15:29:45.819795 :                 CatalogBloc :   FINE : Received event [Instance of 'FetchFilteredCatalog']
I/flutter ( 6269): 2020-04-27 15:29:45.820046 :                 CatalogBloc :   FINE : Emitting state [ContentLoading]
I/flutter ( 6269): 2020-04-27 15:29:45.821526 :         FirebaseAuthService :   FINE : Get current user
I/flutter ( 6269): 2020-04-27 15:29:45.824553 :         FirebaseAuthService :   FINE : Curent user [uid : mail]
I/flutter ( 6269): 2020-04-27 15:29:45.835374 :               CatalogScreen :   FINE : Building CatalogScreen with state [ContentLoading]
I/flutter ( 6269): 2020-04-27 15:29:45.953855 :      FirebaseCatalogService :   INFO : Get filtered catalog
I/flutter ( 6269): 2020-04-27 15:29:45.954027 :  FirestoreTrainerRepository :   INFO : findAllByCategory [filters: []]
I/flutter ( 6269): 2020-04-27 15:29:45.954470 :      FirebaseCatalogService :   INFO : Get catalog
I/flutter ( 6269): 2020-04-27 15:29:45.954806 :  FirestoreTrainerRepository :   INFO : findAll
I/flutter ( 6269): 2020-04-27 15:29:46.094544 :  FirestoreTrainerRepository :   INFO : findAll
I/flutter ( 6269): 2020-04-27 15:29:46.174017 :                 CatalogBloc :   FINE : Emitting state [FilteredCatalogLoaded]
I/flutter ( 6269): 2020-04-27 15:29:46.182251 :               CatalogScreen :   FINE : Building CatalogScreen with state [FilteredCatalogLoaded]
Ehesp commented 4 years ago

@nikkelberg Closing this as it seems out of scope - not really sure how this could happen however I'd advise raising an internal Firebase ticket if this happens again.