firebase-functions
firebase-functions copied to clipboard
firebase
Incorrect emailVerified Status Returned as false for Microsoft Provider in functions.auth.user().onCreate()
Related issues
I did not find any related issues that address this specific problem.
[REQUIRED] Version info
node: v18.20.3
firebase-functions: 5.0.1
firebase-tools: 13.11.2
firebase-admin: 12.2.0
[REQUIRED] Test case
I have a Firebase Cloud Function that triggers on user creation (functions.auth.user().onCreate()). When a user registers using the Microsoft authentication provider, the emailVerified field is returned as false in the user object, even though the Microsoft account has a verified email.
[REQUIRED] Steps to reproduce
- Set up Firebase Authentication with Microsoft as a provider.
- Create a Cloud Function that triggers on user creation (functions.auth.user().onCreate()).
- Register a new user using the Microsoft provider.
- Inspect the emailVerified field in the user object within the triggered Cloud Function.
[REQUIRED] Expected behavior
The emailVerified field should be true when the user registers using the Microsoft provider, as the email is verified by Microsoft during their authentication process.
[REQUIRED] Actual behavior
The emailVerified field is returned as false for users registering with the Microsoft provider, even though the email should be considered verified by Microsoft.
result User into hook
{
"uid": "BLTZuXMlmxSotyULCIifeenCxE82",
"email": "[email protected]",
"emailVerified": false,
"displayName": "My Name",
"photoURL": null,
"phoneNumber": null,
"disabled": false,
"passwordHash": null,
"passwordSalt": null,
"tokensValidAfterTime": null,
"metadata": {
"creationTime": "2024-08-14T05:55:07Z",
"lastSignInTime": "2024-08-14T05:55:07Z"
},
"customClaims": {},
"providerData": [
{
"displayName": "My Name",
"email": "[email protected]",
"providerId": "microsoft.com",
"uid": "c0698c11-44b8-41ed-9f2c-8f431484a35e",
"toJSON": "[Function (anonymous)]"
}
]
}
Note: Locally in the emulator, this works as expected, and the emailVerified field is set to true.
Were you able to successfully deploy your functions?
Yes, the functions deploy successfully without any errors.
Hey @AmilKey. Does this happen with Microsoft provider only, or any others?
Hey @AmilKey. Does this happen with Microsoft provider only, or any others?
with Microsoft provider only
I'm noticing this same behavior when using the Firebase Authentication JS SDK.
The reason it is an issue in our case is because the automatic account linking of multiple providers does not work for Microsoft. In the Firebase console for our project under the Authentication > Settings > User account linking section we have the "Link accounts that use the same email" setting enabled. This works properly for the Google and Email Link sign-in methods but not for Microsoft which returns the error auth/account-exists-with-different-credential on sign in. My assumption is that it's related to the fact that the Microsoft provider info returns with emailVerified as false.
Reproduced this issue. With Google authentication, emailVerified returns true, but this is not the case with Microsoft authentication.
For now, you could use and deploy something like the following function:
import {
beforeUserSignedIn,
} from "firebase-functions/v2/identity";
export const beforeSignIn2 = beforeUserSignedIn((event) => {
if (!event.data?.providerData) return;
for (const provider of event.data?.providerData) {
if (provider?.providerId === "microsoft.com") {
return {
emailVerified: true
};
}
}
});