Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

firebase provider authentication refresh flow

Tags:

javascript

firebase

firebase-authentication

I am trying to use firebase authentication to get a google access token in order to call the youtube API.

I am able to initially get the access token like this:

const provider = firebase.auth.GoogleAuthProvider();
cosnt scopes = []; // ...scopes
scopes.forEach(scope => provider.addScope(scope));

firebase.auth().signInWithPopUp(provider)
  .then(userCredentials=> {
    const oauthCredentials = userCredentials.credentials;
    // using credentials for API calls
    axios.get("some-google-api-path", { params: { access_token: oauthCredentials.accessToken } }); // and so on...
  });

This works fine until the access token expires. As far as I can tell, it seems like firebase automatically refreshes the session, but I can find a way to get the new access token.

I tried:

firebase.auth().onAuthStateChange(user => {
  // could not find the access token on the user object
});

And since that failed, I tried to do it manually using:

const token = firebase.auth.GoogleAuthProvider.credential(
  oauthCredentials.idToken,
  oauthCredentials.accessToken
);

const authResult = await firebase.auth().signInWithCredential(token);

The issue is that authResult will only contain the idToken or the accessToken, but not both, depends on what I give the firebase.auth.GoogleAuthProvider.credential function.

Am I missing something? Is there another/better way to do it?

like image 258
Tomer Amir Avatar asked Dec 06 '25 20:12

Tomer Amir

2 Answers

There are two tokens in play here:

  • The refresh token, which is only available after the user actively signs in. Since it doesn't change, you can cache this token - which is what the Firebase SDKs actually also do.
  • The ID token, which is available at any moment from the current user. This token expires in an hour, and is auto-refreshed by the Firebase SDKs.

So if you want to retain access to the refresh token, you will have to store (typically in local storage) yourself when the user first actively signs in.

like image 82
Frank van Puffelen Avatar answered Dec 08 '25 10:12

Frank van Puffelen

So apparently firebase doesn't refresh tokens of other providers for you (not event google) according to this (thank you Frank van Puffelen!)

So what I did instead, is authenticate manually to google (since I use react, I used react-google-login), and got all tokens from there.

Then, once the session is initiated/refreshed, I create a firebase session using:

const token = firebase.auth.GoogleAuthProvider.credential(
  oauthCredentials.idToken,
  oauthCredentials.accessToken
);

const authResult = await firebase.auth().signInWithCredential(token);

I hope that this helps anyone, and I will accept another answer if firebase ever changes this.

like image 27
Tomer Amir Avatar answered Dec 08 '25 08:12

Tomer Amir
Sign in to Comment

Related questions

Javascript on JetBrains IDE: type-hinting the autonomous custom element instance
Accessibility of inputs with z-index showing in dialog
Ra-data-simple-rest is not working | ERROR: total is not a number and newRecords.forEach is not a function
How to keep and loop the style of HTML element from an Array in REACT?
Azure Server failed to authenticate the request. Make sure the value of the authorization header is formed correctly including the signature
Vue 3 Dynamically set selected option of select form element
D3.js Moving elements in the svg structure

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!