search

invertase / react-native-firebase

🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.
https://rnfirebase.io
Other
11.52k stars 2.18k forks source link

In Android, sending the wrong secret value(OTP) for firebase mobile number authentication is validating the user. #7831

Open MynkPaliwal opened 2 weeks ago

MynkPaliwal commented 2 weeks ago

Issue

User is getting authenticate apart from sending wrong secret value in firebase auth signInWithCredential().

Case: It will only happen when the user enters the wrong OTP on the same device from which it is sent.

firebase.auth().signInWithCredential(credential: AuthCredential)

export interface AuthCredential {
    providerId: string;
    token: string;
    secret: string;
}

Project Files

Javascript

Click To Expand

#### `package.json`: ```json "react": "18.2.0", "react-native": "0.71.0", "@react-native-firebase/auth": "^14.11.0", "@react-native-firebase/app": "^14.11.0", "@react-native-firebase/analytics": "^14.11.0" ``` #### `firebase.json` for react-native-firebase v6: ```json # N/A ```

iOS

Click To Expand

#### `ios/Podfile`: - [ ] I'm not using Pods - [x] I'm using Pods and my Podfile looks like: ```ruby # N/A ``` #### `AppDelegate.m`: ```objc // N/A ```

Android

Click To Expand

#### Have you converted to AndroidX? - [ ] my application is an AndroidX application? - [ ] I am using `android/gradle.settings` `jetifier=true` for Android compatibility? - [ ] I am using the NPM package `jetifier` for react-native compatibility? #### `android/build.gradle`: ```groovy buildscript { ext { buildToolsVersion = "33.0.1" minSdkVersion = 21 compileSdkVersion = 33 targetSdkVersion = 33 supportLibVersion = "30.0.3" kotlinVersion = "1.6.21" // We use NDK 23 which has both M1 support and is the side-by-side NDK version from AGP. ndkVersion = "23.1.7779620" } repositories { google() mavenCentral() } dependencies { classpath("com.android.tools.build:gradle:7.3.1") classpath("com.facebook.react:react-native-gradle-plugin") classpath("de.undercouch:gradle-download-task:5.0.1") classpath 'com.google.gms:google-services:4.3.14' classpath 'com.google.firebase:firebase-crashlytics-gradle:2.9.0' classpath 'com.google.firebase:perf-plugin:1.4.2' } } ``` #### `android/app/build.gradle`: ```groovy // N/A ``` #### `android/settings.gradle`: ```groovy // N/A ``` #### `MainApplication.java`: ```java // N/A ``` #### `AndroidManifest.xml`: ```xml ```

Environment

Click To Expand

**`react-native info` output:** ``` OUTPUT GOES HERE ``` - **Platform that you're experiencing the issue on**: - [ ] iOS - [ ] Android - [ ] **iOS** but have not tested behavior on Android - [ ] **Android** but have not tested behavior on iOS - [ ] Both - **`react-native-firebase` version you're using that has this issue:** - `e.g. 5.4.3` - **`Firebase` module(s) you're using that has the issue:** - `e.g. Instance ID` - **Are you using `TypeScript`?** - `Y/N` & `VERSION`

snowluminum commented 1 week ago

Maybe it is related to automatic android auth?

image

mikehardy commented 1 week ago

very well could be, I imagine there would be some evidence of this in logcat (adb logcat to watch on device while things are happening...)