author | Xiangtian Dai <xiangtian@google.com> | 2017-10-02 14:15:05 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-02 14:15:05 -0700 |
commit | bf550507ffa8beee149383a5bf1e2363bccefbb4 (patch) | |
tree | 234ac2ff5df20d8c54c7cd89b590791f3429a25b /Firebase | |
parent | 7fa0b0de42141d90b8ba3da67cad037becf6f065 (diff) |
Automatically signs user out if the token is no longer valid. (#323)
Diffstat (limited to 'Firebase')
-rw-r--r-- | Firebase/Auth/Source/FIRAuth.m | 7 | ||||
-rw-r--r-- | Firebase/Auth/Source/FIRUser.m | 37 | ||||
-rw-r--r-- | Firebase/Auth/Source/RPCs/FIRVerifyPhoneNumberRequest.m | 2 |
3 files changed, 33 insertions, 13 deletions
diff --git a/Firebase/Auth/Source/FIRAuth.m b/Firebase/Auth/Source/FIRAuth.m
index f0a069c..245e600 100644
--- a/Firebase/Auth/Source/FIRAuth.m
+++ b/Firebase/Auth/Source/FIRAuth.m
@@ -1207,13 +1207,6 @@ static NSMutableDictionary *gKeychainServiceNameForAppName;
 if (![strongSelf->_currentUser.uid isEqualToString:uid]) {
 return;
 }
- // If the error is an invalid token, sign the user out.
- if (error.code == FIRAuthErrorCodeInvalidUserToken) {
- FIRLogNotice(kFIRLoggerAuth, @"I-AUT000005",
- @"Invalid refresh token detected, user is automatically signed out.");
- [strongSelf signOutByForceWithUserID:uid error:nil];
- return;
- }
 if (error) {
 // Kicks off exponential back off logic to retry failed attempt. Starts with one minute
 // delay (60 seconds) if this is the first failed attempt.
diff --git a/Firebase/Auth/Source/FIRUser.m b/Firebase/Auth/Source/FIRUser.m
index ef42a29..c4396ad 100644
--- a/Firebase/Auth/Source/FIRUser.m
+++ b/Firebase/Auth/Source/FIRUser.m
@@ -18,8 +18,6 @@
 #import "FIRUser_Internal.h"
-#import "AuthProviders/EmailPassword/FIREmailPasswordAuthCredential.h"
-#import "FIREmailAuthProvider.h"
 #import "FIRAdditionalUserInfo_Internal.h"
 #import "FIRAuth.h"
 #import "FIRAuthCredential_Internal.h"
@@ -29,18 +27,21 @@
 #import "FIRAuthSerialTaskQueue.h"
 #import "FIRAuthOperationType.h"
 #import "FIRAuth_Internal.h"
-#import "FIRSecureTokenService.h"
-#import "FIRUserInfoImpl.h"
 #import "FIRAuthBackend.h"
 #import "FIRAuthRequestConfiguration.h"
 #import "FIRDeleteAccountRequest.h"
 #import "FIRDeleteAccountResponse.h"
+#import "FIREmailAuthProvider.h"
+#import "FIREmailPasswordAuthCredential.h"
 #import "FIRGetAccountInfoRequest.h"
 #import "FIRGetAccountInfoResponse.h"
 #import "FIRGetOOBConfirmationCodeRequest.h"
 #import "FIRGetOOBConfirmationCodeResponse.h"
+#import "FIRLogger.h"
+#import "FIRSecureTokenService.h"
 #import "FIRSetAccountInfoRequest.h"
 #import "FIRSetAccountInfoResponse.h"
+#import "FIRUserInfoImpl.h"
 #import "FIRUserMetadata_Internal.h"
 #import "FIRVerifyAssertionRequest.h"
 #import "FIRVerifyAssertionResponse.h"
@@ -261,6 +262,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRGetAccountInfoResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
+ // No need to sign out user here for errors because the user hasn't been signed in yet.
 callback(nil, error);
 return;
 }
@@ -386,6 +388,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRGetAccountInfoResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 callback(nil, error);
 return;
 }
@@ -459,6 +462,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRSetAccountInfoResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 complete();
 callback(error);
 return;
@@ -576,6 +580,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRGetAccountInfoResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 callback(error);
 return;
 }
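Review bot: The forced sign-out added at -386 (and again at -459, -576, -648, -805, -897, -923, -976 and -1055) runs before the caller's completion block, so that block can presumably observe an already signed-out session while the error it receives says nothing about the teardown. A comment at each site would make the ordering explicit, e.g. `// May force sign-out; the callback below can run with no current user.` The call is also repeated by hand at nine call sites, so a future RPC callback that omits it silently skips the invalid-token handling; routing these errors through one shared completion wrapper would keep that enforcement in one place. The enclosing methods start and end outside these hunks, so whether such a wrapper already exists is not visible here.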
@@ -648,7 +653,8 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRVerifyPhoneNumberResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
- completion(error);;
+ [self signOutIfTokenIsInvalidWithError:error];
+ completion(error);
 return;
 }
 // Get account info to update cached user info.
@@ -805,6 +811,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 NSError *_Nullable error,
 BOOL tokenUpdated) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 callback(nil, error);
 return;
 }
@@ -897,6 +904,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 [FIRAuthBackend verifyAssertion:request
 callback:^(FIRVerifyAssertionResponse *response, NSError *error) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 completeWithError(nil, error);
 return;
 }
@@ -923,6 +931,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRGetAccountInfoResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 completeWithError(nil, error);
 return;
 }
@@ -976,6 +985,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRSetAccountInfoResponse *_Nullable response,
 NSError *_Nullable error) {
 if (error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 completeAndCallbackWithError(error);
 return;
 }
@@ -1055,6 +1065,7 @@ static void callInMainThreadWithAuthDataResultAndError(
 callback:^(FIRGetOOBConfirmationCodeResponse *_Nullable response, NSError *_Nullable error) {
+ [self signOutIfTokenIsInvalidWithError:error];
 callInMainThreadWithError(completion, error);
 }];
 }];
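Review bot: At -897 the error comes from `verifyAssertion:`, which presumably submits a caller-supplied credential, yet the helper treats `FIRAuthErrorCodeUserNotFound` and `FIRAuthErrorCodeUserDisabled` from any RPC as proof that the signed-in user is invalid. If the backend can return either code about the account behind the submitted credential rather than the owner of the access token (not determinable from this diff), a failed attempt would force sign-out of a healthy session. Confirm this against the backend contract and, if the ambiguity exists, limit this site to the two token codes, with a comment such as `// Only token errors describe the current user here; account errors may refer to the credential.` The same question applies to the phone-number call at -648. The enclosing method starts and ends outside the hunk.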
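Review bot: The call added at -1055 sits outside any `if (error)` check, unlike the other eight call sites, so it also runs on success. It is only safe because messaging a nil `error` yields code 0 and because, presumably, none of the four matched codes is 0. Either guard it like its siblings, `if (error) { [self signOutIfTokenIsInvalidWithError:error]; }`, or state the reliance above the call: `// error is nil on success; the helper then matches no code and does nothing.` The surrounding method body continues outside the hunk.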
@@ -1088,6 +1099,22 @@ static void callInMainThreadWithAuthDataResultAndError(
 });
 }
+/** @fn signOutIfTokenIsInvalidWithError:
+ @brief Signs out this user if the user or the token is invalid.
+ @param error The error from the server.
+ */
+- (void)signOutIfTokenIsInvalidWithError:(nullable NSError *)error {
+ NSInteger errorCode = error.code;
+ if (errorCode == FIRAuthErrorCodeUserNotFound ||
+ errorCode == FIRAuthErrorCodeUserDisabled ||
+ errorCode == FIRAuthErrorCodeInvalidUserToken ||
+ errorCode == FIRAuthErrorCodeUserTokenExpired) {
+ FIRLogNotice(kFIRLoggerAuth, @"I-AUT000016",
+ @"Invalid user token detected, user is automatically signed out.");
+ [_auth signOutByForceWithUserID:_userID error:NULL];
+ }
+}
+
 @end
 @implementation FIRUserProfileChangeRequest {
diff --git a/Firebase/Auth/Source/RPCs/FIRVerifyPhoneNumberRequest.m b/Firebase/Auth/Source/RPCs/FIRVerifyPhoneNumberRequest.m
index 8af4c4e..022ab9e 100644
--- a/Firebase/Auth/Source/RPCs/FIRVerifyPhoneNumberRequest.m
+++ b/Firebase/Auth/Source/RPCs/FIRVerifyPhoneNumberRequest.m
@@ -86,7 +86,7 @@ static NSString *const kOperationKey = @"operation";
 }
 /** @fn FIRAuthOperationString
- @brief Returns a string object corresponding to the provided FIRAuthOperationType value.
+ @brief Returns a string object corresponding to the provided FIRAuthOperationType value.
 @param operationType The value of the FIRAuthOperationType enum which will be translated to its corresponding string value.
 @return The string value corresponding to the FIRAuthOperationType argument. |
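Review bot: In the new `signOutIfTokenIsInvalidWithError:` (hunk at -1088) the "user is automatically signed out" notice is logged before the sign-out is attempted, and the outcome of `signOutByForceWithUserID:error:` is discarded by passing `error:NULL`. If the forced sign-out fails, or `_auth` is nil at that point, the log claims a teardown that did not happen and the rejected credential may stay cached. Assuming the method follows the usual BOOL/`NSError **` convention, check its result and log the failure separately. Including the matched code in the message would also let an incident responder tell a disabled or deleted account from an expired token. The doc comment should list the four codes that trigger sign-out and note that a nil error is ignored.

```objc
- (void)signOutIfTokenIsInvalidWithError:(nullable NSError *)error {
  // … unchanged: errorCode extraction and the four-code comparison …
    NSError *signOutError;
    if ([_auth signOutByForceWithUserID:_userID error:&signOutError]) {
      FIRLogNotice(kFIRLoggerAuth, @"I-AUT000016",
                   @"Invalid user token detected (code %ld), user is automatically signed out.",
                   (long)errorCode);
    } else {
      // PLACEHOLDER message code: allocate a new I-AUT id for this message.
      FIRLogWarning(kFIRLoggerAuth, @"I-AUT<placeholder>",
                    @"Invalid user token detected (code %ld) but forced sign-out failed: %@",
                    (long)errorCode, signOutError);
    }
  }
}
```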