firebase-ios-sdk icon indicating copy to clipboard operation
firebase-ios-sdk copied to clipboard

Published 20 hours ago verified publisher icon firebase

SP: Firebase not check SIGN WITH APPLE current status at launch time

Open jesus-mg-ios opened this issue 1 year ago • 5 comments

[REQUIRED] Step 1: Describe your environment

  • Xcode version: 13.3.1
  • Firebase SDK version: 9.2.0
  • Installation method: Swift Package Manager
  • Firebase Component: Auth
  • Target platform(s): iOS

[REQUIRED] Step 2: Describe the problem

SIGN WITH APPLE

We notice that firebase not check the current token. I mean in this flow the user still be logged in:

  • User logged in with firebase apple sign in.
  • Go to settings, remove the login with apple
  • Back to app, the user is still being login.

Steps to reproduce:

  • User logged in with firebase apple sign in.
  • Go to settings, remove the login with apple
  • Back to app, the user is still being login.

Relevant Code:

We double check the firebase documentation and there's nothing related to it. Apple says that you should check the status at launch time.

https://developer.apple.com/app-store/review/guidelines/#sign-in-with-apple

Thanks in advance

jesus-mg-ios avatar Jul 11 '22 06:07 jesus-mg-ios

Thanks for reporting, @jesus-mg-ios. It looks like your issue is related to #9906.

rizafran avatar Jul 11 '22 15:07 rizafran

@rizafran, thanks for your response. I think that is not related to this issue, because it is about account deletion and this issue is about remove Sign In with Apple from settings

jesus-mg-ios avatar Jul 11 '22 15:07 jesus-mg-ios

Hi @jesus-mg-ios - that's right, you need to monitor the authorisation state yourself. This is because the user might be authenticated using more than just one provider (e.g. Sign in with Apple, and Email/Link or Email/Password), and it is up to the app developer to decide when to sign them out.

To monitor auth state, here are two snippets you might find useful:

Monitor authentication state while the app is running:

someSwiftUIView
  .onReceive(NotificationCenter.default.publisher(for: ASAuthorizationAppleIDProvider.credentialRevokedNotification)) { event in
    do {
      try Auth.auth().signOut()
    }
    catch {
      print(error)
    }
  }
}

Check User Credentials at Launch

Call this from your app entry point:

  func verifySignInWithAppleAuthenticationState() {
    let appleIDProvider = ASAuthorizationAppleIDProvider()
    let providerData = Auth.auth().currentUser?.providerData
    if let appleProviderData = providerData?.first(where: { $0.providerID == "apple.com" }) {
      Task {
        do {
          let credentialState = try await appleIDProvider.credentialState(forUserID: appleProviderData.uid)
          switch credentialState {
          case .authorized:
            break // The Apple ID credential is valid.
          case .revoked, .notFound:
            // The Apple ID credential is either revoked or was not found, so show the sign-in UI.
            self.signOut()
          default:
            break
          }
        }
        catch {
        }
      }
    }
  }

peterfriese avatar Jul 11 '22 17:07 peterfriese

Would be great, if Firebase would provide a method with your snippet under the hood. @peterfriese

jesus-mg-ios avatar Aug 27 '23 05:08 jesus-mg-ios