fb_auth icon indicating copy to clipboard operation
fb_auth copied to clipboard
verified publisher icon rodydavis

Fix currentUser() in FbClient

Open instance-id opened this issue 5 years ago • 0 comments

The currentUser() method within the FbClient class, upon successful login, the token information is saved to fb_auth.json. Once application is closed and reopened the following occurs:

  @override
  Future<AuthUser> currentUser() async {
    FirestoreJsonAccessToken token = await _loadToken(); // 1. --- Loading saved token data from fb_auth.json
    if (token != null) {
      var result = await http.post( 
        'https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=${app.apiKey}',
        body: json.encode({
          "idToken": token?.idToken,
          "returnSecureToken": true,
        }),
      );
      token = await _saveToken(result); // 2. -- Sending results to _saveToken, which decodes json
      return _getUser(token); // 7. --- Incorrect token data (actually user
    }
    return null;
  }

  Future<FirestoreJsonAccessToken> _saveToken(http.Response result) async {
    final _data = json.decode(result.body); // 3. --- Data is decoded, which results in the data in the next code block 
    final token = FirestoreJsonAccessToken(_data, DateTime.now()); // 4. --- Unable to map the data, as it is not an access token, it is user data.
    await onSave(_data); // 5. --- This incorrect data is then saved to fb_auth.json
    return token; // 6. --- Incorrect token is passed back to currentUser()
  }

Results of 'results' http.Response json

{
    "kind": "identitytoolkit#GetAccountInfoResponse",
    "users": [
    {
        "localId": "xxxxxxxxxxxxxxxxxxxxxxxxxx",
        "email": "[email protected]",
        "displayName": "xxxxxxxxxxxxx",
        "passwordHash": "xxxxxxxxxx=",
        "emailVerified": false,
        "passwordUpdatedAt": 1587344957542,
        "providerUserInfo": [
        {
            "providerId": "password",
            "displayName": "xxxxxxxxxxx",
            "federatedId": "[email protected]",
            "email": "[email protected]",
            "rawId": "[email protected]"
        }],
        "validSince": "1587344957",
        "disabled": false,
        "lastLoginAt": "1588119233200",
        "createdAt": "1587344957542",
        "lastRefreshAt": "2020-04-29T00:13:53.200Z"
    }]
}

My changes allow it to work properly in my testing, as the loaded token gets sent to the _getUser() method properly, the user data is returned and usable within the application, and the application is able to continue.

Please do let me know if I am mistaken on any of this.

Thanks, -instance.id

instance-id avatar Apr 29 '20 00:04 instance-id