Retrieve credential for a custom auth in firebase in order to link the custom provider

Question

In my firebase app, users can login using

• Google (federated provider by Firebase) or
• Slack (implemented as custom Auth Provider)

I want to give the user the opportunity to link both accounts. So the case I am opening is:

1. User signs in with Google
2. User goes to Settings and clicks 'Connect with Slack'
3. User account should then be linked so he can sign in with either Slack or Google next time

As per documentation, in order to link accounts, you can call either linkWithPopup/Redirect for federated providers or auth.currentuser.link(credential) for the email provider (https://firebase.google.com/docs/auth/web/account-linking).

I am now wondering if I can somehow obtain an AuthCredential from my custom Slack authentication and use the above link(credential) method?
Did anybody managed linking accounts to custom auth providers successfully?

Answer 1

This is not supported out of the box. What you can do is the following (requires tweaking of the order, mainly switching the order):

1. Sign in with custom auth using slack: (the uid used here in the custom auth account could be the same as the slack user identifier).
2. linkWithPopup/Redirect/Credential using the Google provider or credential to the existing slack custom user.

If you insist on the proposed flow, you can do the following:

1. Sign in with Google first (uid allocated).
2. Sign in with Slack (slack OAuth credential obtained).
3. Send Firebase ID token and slack credential to your backend.
4. Verify Firebase ID token, query slack userinfo endpoint to get slack user data, including slack identifier.
5. Save a hash map with the Slack identifier as key and the Firebase uid as value, another hash map with firebase uid as key and slack identifier as value.
6. Mint a custom token with the firebase uid, set slack custom attribute (slack: {Slack Identifier}).
7. Send custom token to front end and signInWithCustomToken (slack identifier will now be available in token)
8. The slack account is now linked to the existing account.

The next time the user logs in with Slack:

1. Send the slack OAuth credential to the backend.
2. Query slack userinfo to get slack identifier.
3. Check hash map using slack identifier key for corresponding firebase uid.
4. Mint custom token with firebase uid, add slack identifier as custom attribute.
5. sign in with custom token on the client.

If the user signs in with Google.

1. Send firebase ID token to the backend.
2. Verify ID token, lookup corresponding slack identifier in the hash map with firebase uid keys.
3. Mint custom token with Firebase uid and slack identifier as custom attribute.
4. sign in with custom token on the client.