Firebase authentication not working as expected - authentication

I'm following along with the firebase docs about anonymous authentication, but I must be missing something.
Here is my attempt at authenticating:
var dataRef = new Firebase('https://myfirebaseurl.firebaseio.com');
// Log me in
dataRef.authAnonymously(function(error, authData) {
if (error) {
console.log('Login Failed!', error);
} else {
console.log('Authenticated successfully with payload:', authData);
}
});
The result is that I get a 'TypeError: undefined is not a function' message because 'authAnonymously()' is supposedly not defined.
I have 'Enable Anonymous User Authentication' checked for my firebase though... and I don't know what else would keep this from being an option. Is it not offered in the 'Hacker' version?
I am running this locally, so it shouldn't be a domain permissions issue since 'localhost' is included in the default accepted domains.

David was right.
I followed a tutorial on Firebase to setup my angular app, and I assumed that the version that tutorial was using was up to date with the version used in the docs. It was not. Just change your version to the most recent one if you were also silly enough to run into this :P.

Related

Blazor WASM - OIDC Authentication - There was an error trying to log you in: 'Cannot read properties of undefined (reading 'redirectUri')'

I am changing an existing Blazor Web Assembly app from AzureAD authentication to another OIDC provider (AWS Cognito).
I used these instructions from Microsoft to perform the change. https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-authentication-library?view=aspnetcore-6.0&tabs=visual-studio
However, when I tried to press the Log In button, I got an error message
There was an error trying to log you in: 'Cannot read properties of
undefined (reading 'redirectUri')'
I couldn't find any other documentation on this error that covered this exact case, so once I found out what the problem was, I decided to create this post to help others that might hit the same problem.
On first reading, I identified that primary change that I needed to make was to change
Client.Program.cs (delete the following)
builder.Services.AddMsalAuthentication(options =>
{
builder.Configuration.Bind("AzureAd", options.ProviderOptions.Authentication);
options.ProviderOptions.DefaultAccessTokenScopes.Add("api://api.id.uri/access_as_user");
});
Client.Program.cs (add the following)
builder.Services.AddOidcAuthentication(options =>
{
options.ProviderOptions.Authority = builder.Configuration["Aws:Authority"];
options.ProviderOptions.ClientId = builder.Configuration["Aws:ClientId"];
options.ProviderOptions.ResponseType = "code";
});
Add the following section to Client.wwwroot.appsettings.json
{
/*
The following identity settings need to be configured
before the project can be successfully executed.
For more info see https://aka.ms/dotnet-template-ms-identity-platform
"Aws": {
"Authority": "https://oidc-provider-authority",
"ClientId": "oidc-provider-clientid",
"ValidateAuthority": true
}
}
After a fair bit of investigation, I identified that I missed an important part of the instructions.
I also needed to replace the following on Index.html:
<script src="_content/Microsoft.Authentication.WebAssembly.Msal/AuthenticationService.js"></script>
with
<script src="_content/Microsoft.AspNetCore.Components.WebAssembly.Authentication/AuthenticationService.js"></script>
Once I made this change, the authentication worked and I was redirected to the signin page of my OIDC provider.

Twitter API OAuth 403 Error - Authentication with unknown is forbidden

I signed up for the Twitter API yesterday and I've been trying to get it working using node.js and the twitter-api-v2 npm package. I am pretty sure I've used the correct configuration (0Auth 1), I've looked through the twitter developer portal and my read-write permissions are correct. Checked my keys about a dozen times. Checked the twitter-api-v2 documentation too. Anybody know what I might be missing here? and writing something like this:
const {TwitterApi} = require('twitter-api-v2');
const config = {
appKey: 'XXXXXXXXX',appSecret: 'XXXXXXXXX', accessToken: 'XXXXXXXXX',accessTokenSecret: 'XXXXXXXXX', }
// OAuth 1.0a (User context)
const userClient = new TwitterApi( config );
const rwClient = userClient.readWrite;
const tweet = async () => {
try { await rwClient.currentUserV2(); await rwClient.tweet('Testing the Twitter API') } catch (err){ console.error(err) } }
tweet()
Unfortunately, each time I try run this I get the following error:
*
'Authenticating with Unknown is forbidden for this endpoint.
Supported authentication types are [OAuth 1.0a User Context, OAuth 2.0
User Context].'
I am pretty sure I've used the correct configuration (0Auth 1), I've looked through the twitter developer portal and my read-write permissions are correct. Checked my keys about a dozen times. Checked the twitter-api-v2 documentation too. Anybody know what I might be missing here?

OneDrive SDK UWA "AuthenticationFailure"

I'm building a W10 Universal app and I would like to know who is logged in to Windows so I can associate their data on my server with something that uniquely identifies the user w/o requiring a separate login.
OneDrive SDK is supposed to make this simple and easy.
So, I registered my app with OneDrive, used nuget to install the packages, downloaded the samples and wrote the following code.....
var scopes = new string[] { "wl.signin", "wl.offline_access", "onedrive.readonly" };
var client = OneDriveClientExtensions.GetUniversalClient(scopes);
try {
await client.AuthenticateAsync();
}
catch {
blahlblahblah;
}
This doesn't throw an exception, but, after AuthenticateAsync executes, the client's IsAuthenticated property is still false and the ServiceInfo's UserId is null.
So, I tried this next:
var client = OneDriveClient.GetMicrosoftAccountClient(
this.Resources["AppID"].ToString(),
this.Resources["ReturnUri"].ToString(),
scopes
);
where the AppID and ReturnUri match the Client ID and Redirect URL that are registered with the app.
This actually throws a OneDrive.Sdk.Error with a message of "Failed to retrieve a valid authentication token for the user."
So, I don't know what I'm doing wrong here. I'm at a total loss. I pulled up Fiddler to see what was being sent back & forth and nothing shows up. There's just not enough information for me to figure this out.
Anyone got any ideas?
So, ginach's workaround for the problem seems to be the solution until the bug is fixed. So, to sum it up....
Don't use the IsAuthenticated property of the UniversalClient. Instead, check the client's AuthenticationProvider's CurrentAccountSession to see if it has a value and an AccessToken.
var client = OneDriveClientExtensions.GetUniversalClient(scopes);
await client.AuthenticateAsync();
if (client.AuthenticationProvider.CurrentAccountSession != null && client.AuthenticationProvider.CurrentAccountSession.AccessToken != null) {
blahblahblahblahblah
}
This seems to do the trick.

getAuth() returns null

I need to use the user authentication for facebook,twitter and google. I initially created a firebase account and used this following code.
var ref = new Firebase("https://keks.firebaseio.com");
ref.getAuth();
console.log(ref.getAuth());
This always returns null in my console. Why this happens? Can someone help me?
Calling getAuth() doesn't authenticate the user, it only returns the current authentication state. The API documentation says:
Returns the current authentication state of the Firebase client. If the client is unauthenticated, this method will return null.
Since you are getting null, it means your user hasn't been authenticated yet. You can authenticate the user, by calling authWithOAuthPopup():
function authHandler(error, authData) {
if (error) {
console.log("Login Failed!", error);
} else {
console.log("Authenticated successfully with payload:", authData);
}
}
ref.authWithOAuthPopup("<provider>", authHandler);
This last snippet comes from the Firebase documentation on authentication.
Since both parts of my answer come from the Firebase documentation, I highly recommend that you spend some time there.

Firebase password resets

I'm trying to create a password reset mechanism and am stuck. Any suggestions how to do this with Firebase basic email/password authentication
[Engineer at Firebase - Update 2014-01-27]
Firebase Simple Login now supports password resets for email / password authentication.
Each of the Simple Login client libraries has been given a new method for generating password reset emails for the specified email address - sendPasswordResetEmail() on the Web and Android, and sendPasswordResetForEmail() on iOS.
This e-mail will contain a temporary token that the user may use to log into their account and update their credentials. This token will expire after 24 hours or when the user changes their password, whichever occurs first.
Also note that Firebase Simple Login enables full configuration of the email template as well as the sending address (including whitelabel email from your domain for paid accounts).
To get access to this feature, you'll need to update your client library to a version of v1.2.0 or greater. To grab the latest version, check out https://firebase.google.com/docs/.
Also, check out https://firebase.google.com/docs/auth/web/password-auth for the latest Firebase Simple Login - Web Client docs.
This is something that Firebase doesn't do very well. As you'll notice it requires the user to remember their old password. Usually if you want to reset a password it's because you've forgotten it. Hopefully the improve the methods they provide for account management.
https://www.firebase.com/docs/security/simple-login-email-password.html
authClient.changePassword(email, oldPassword, newPassword, function(error, success) {
if (!error) {
console.log('Password change successfully');
}
});
This was the first google result that came up when trying to figure out my issue.. for anyone who uses yeoman angularfire generator but would like to add the send email feature, this should work.
add the following to the simple login factory in simpleLogin.js:
resetPassword: function(emailIn){
return auth.$resetPassword({
email: emailIn
}, function(error) {
if (error) {
switch (error.code) {
case "INVALID_USER":
console.log("The specified user account does not exist.");
break;
default:
console.log("Error resetting password:", error);
}
} else {
console.log("Password reset email sent successfully!");
}
});
},
and call it from your login.js file
$scope.resetPassword = function(email){
simpleLogin.resetPassword(email)
};