Open Pessina opened 7 months ago
To add more details, I believe that the access token from Firebase that we are using gets rotated (refreshed) after a certain period of time. However, we are storing the full OIDC token string as part of the key used to store data in localStorage.
As a result, it won't be able to find the token after x period of time has passed. To resolve this, we need to update the following:
oidc_keypair_${oidcToken} to oidc_keypair_${FIREBASE_USER_ID} (something that won't change unless the user logs out)
getUserCredential and if it is not valid, redirect to verify email page. @Pessina can you check if you can still repro this?
We should not get to the getUserCredential call if a passkey exists in context, and if a passkey doesn't, Firebase auth will return false, and the expected behaviour in that case is to send an email.
KeyPair retrieval fails if the OIDC token, used as a key in LocalStorage, refreshes between its storage and retrieval phases. This mismatch occurs due to the token change, leading to retrieval failure.
Steps to Reproduce (Chrome):
Note:
Avoid token refresh triggers (e.g., visiting AuthCallback or RemoveDevice pages) during reproduction.
Relevant Code:
Storage:
Retrieval:
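Added example, not the project's code: a Node simulation of the mismatch described in this issue and of the proposed switch to a user-id key. `MemoryStorage`, `makeToken`, `userIdFromToken`, `simulate` and the token values are constructed for illustration, and reading the Firebase user id from the token's `sub` claim is an assumption about how the id would be obtained.

```javascript
// Minimal in-memory stand-in for window.localStorage so the example runs in Node.
class MemoryStorage {
  constructor() { this.items = new Map(); }
  getItem(k) { return this.items.has(k) ? this.items.get(k) : null; }
  setItem(k, v) { this.items.set(k, String(v)); }
  removeItem(k) { this.items.delete(k); }
}

// Constructed, unsigned JWT-shaped token; only the payload matters here.
function makeToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'none' })}.${enc(claims)}.sig`;
}

// Reads the stable subject (assumed to be the Firebase user id) from the payload.
// No signature check: the value only selects a storage key, it authenticates nothing.
function userIdFromToken(token) {
  const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64url').toString());
  if (!payload.sub) throw new Error('token has no sub claim');
  return payload.sub;
}

// Behaviour described in the issue: the whole token string is part of the key.
const tokenKey = (token) => `oidc_keypair_${token}`;
// Proposed fix: key on the user id, which does not change when the token refreshes.
const userKey = (token) => `oidc_keypair_${userIdFromToken(token)}`;

// Stores a keypair under the first token, then looks it up after a refresh.
function simulate(keyFn) {
  const storage = new MemoryStorage();
  const first = makeToken({ sub: 'uid-123', iat: 1700000000, exp: 1700003600 });
  const refreshed = makeToken({ sub: 'uid-123', iat: 1700003600, exp: 1700007200 });
  storage.setItem(keyFn(first), 'constructed-keypair');
  return storage.getItem(keyFn(refreshed));
}

console.log('token-derived key :', simulate(tokenKey)); // null, keypair is orphaned
console.log('user-id key       :', simulate(userKey));  // constructed-keypair
```

Keying on the user id also keeps the raw token string out of localStorage key names.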