firebase-js-sdk icon indicating copy to clipboard operation
firebase-js-sdk copied to clipboard

Published 20 hours ago verified publisher icon firebase

Email validation different between different auth functions

Open toppsdown opened this issue 1 year ago • 1 comments

[REQUIRED] Describe your environment

  • Operating System version: Mac OS Monterey (12.3)
  • Browser version: Chrome
  • Firebase SDK version: 9.8.1
  • Firebase Product: auth

[REQUIRED] Describe the problem

The email validation for fetchSignInMethodsForEmail is different from linkWithCredential.

Steps to reproduce:

submit these credentials to both functions: User: test@test Password 1234

Expected behavior: Both functions return error that email is invalid.

Actual behavior:

  • fetchSignInMethods returns no error.
  • linkWithCredential returns an error that email is invalid.

Relevant Code:

  const checkEmailFunctions = () => {
    const userEmail = 'test@test'
    const userPassword = '1234'
    fetchSignInMethodsForEmail(auth, userEmail).catch(error => {
      setErrorMessage1(error.message)
    })

    const currentUser = auth.currentUser
    const newAuthCredential = EmailAuthProvider.credential(
      userEmail,
      userPassword,
    )
    if (currentUser) {
      linkWithCredential(currentUser, newAuthCredential).catch(error => {
        setErrorMessage2(error.message)
      })
    }
  }
image

toppsdown avatar Sep 07 '22 20:09 toppsdown

For anyone visiting this issue, make sure to check this: https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection

foo4foo avatar Jan 30 '24 14:01 foo4foo