FirebaseUI-Android
FirebaseUI-Android copied to clipboard
firebase
Not handling error: "FacebookProvider: Error logging in with Facebook. User logged in as different Facebook user"
- Android device: HTC A9
- Android OS version: 6.0
- Google Play Services version: 3.1.0
- Firebase/Play Services SDK version: 11.0.4
- FirebaseUI version: 2.3.0
- Facebook-android-sdk: 4.25.0
Firebase UI does not handle "E/FacebookProvider: Error logging in with Facebook. User logged in as different Facebook user."
Steps to reproduce:
- Use native Facebook app to log out current user A
- Launch firebase-ui and try log in in with another facebook user B
Expected: firebase-ui should display any errors, or onActivityResult should be called with some error
Actual: Nothing happens. Logcat prints "E/FacebookProvider: Error logging in with Facebook. User logged in as different Facebook user."
This use case might be quite rare, but it is confusing for customer to not get any feedback.
This comes from the `onError callback here: https://github.com/firebase/FirebaseUI-Android/blob/bee4c1a9f6e4e872670796d30bc94e7a396751e3/auth/src/main/java/com/firebase/ui/auth/provider/FacebookProvider.java#L173
It does call onFailure().
@joknu1 what happens in this case exactly? Does it return back to the sign-in button screen?
Yes. It looks like it actually never leaves the sign-in button screen.
Or maybe on first attempt I got to select Facebook account to use before returning to sign-in button screen. On sequential attempts I do not get to select Facebook account. From a user perspective, the Facebook button then appears non functional.
What happened with this?, I'm facing the same issue and I couldn't find a solution :/
@ericalima if you have an idea of what's wrong and how to fix it we'd love your help! We are always looking for new contributors.
Hi @samtstern @SUPERCILEX ! I believe this issue is not related with Firebase-UI, but with Facebook Auth Library. It checks in AccessToken class if:
/**
* Returns whether the current {@link AccessToken} is active or not.
*
* @return true if the current AccessToken exists and has not expired; false, otherwise.
*/
public static boolean isCurrentAccessTokenActive() {
final AccessToken accessToken = AccessTokenManager.getInstance().getCurrentAccessToken();
return accessToken != null && !accessToken.isExpired();
};
The thing is, in our case the Token is not expired yet and is also not null. But it has been removed access as you can see in the screenshot below.
Since we return true in isCurrentAccessTokenActive() we instantiate our AccessTokenAppIdPair wrongly here:
// If we have a session and the appId passed is null or matches the session's app ID:
if (AccessToken.isCurrentAccessTokenActive() &&
(applicationId == null || applicationId.equals(accessToken.getApplicationId()))
) {
accessTokenAppId = new AccessTokenAppIdPair(accessToken);
} else {
// If no app ID passed, get it from the manifest:
if (applicationId == null) {
applicationId = Utility.getMetadataApplicationId(
`FacebookSdk.getApplicationContext());
}
accessTokenAppId = new AccessTokenAppIdPair(null, applicationId);
}
The current implementation works fine if after the token has been removed access the user tries to log in with the same account, but it breaks when the user tries it with a different account.
Solution: isCurrentAccessTokenActive() should return true only if accessToken != null && !accessToken.isExpired() && !accessToken.toTokenString().equals("ACCESS_TOKEN_REMOVED");
