Menu
In my Android app I'm signing in via Firebase AuthUI using Google sign in. That part works. Now I tried to sign in using the IdToken but I always get this error message:
com.google.android.gms.tasks.RuntimeExecutionException: com.google.firebase.auth.FirebaseAuthInvalidCredentialsException: The supplied auth credential is malformed or has expired. [ Invalid id_token in IdP response: XXXXXXX... ]
This works and logs me in successfully in my Firebase project:
@OnClick(R.id.sign_in)
public void signIn() {
startActivityForResult(
AuthUI.getInstance().createSignInIntentBuilder()
.setTheme(getSelectedTheme())
.setLogo(getSelectedLogo())
.setAvailableProviders(getSelectedProviders())
.setTosAndPrivacyPolicyUrls(getSelectedTosUrl(),getSelectedPrivacyPolicyUrl())
.setIsSmartLockEnabled(true,
true)
.build(),
RC_SIGN_IN);
}
But trying to use signInWithCredential using credentials made from the IdToken gives me the error above:
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
if (requestCode == RC_SIGN_IN) {
handleSignInResponse(resultCode, data);
return;
}
}
@MainThread
private void handleSignInResponse(int resultCode, Intent data) {
IdpResponse response = IdpResponse.fromResultIntent(data);
if (resultCode == RESULT_OK) {
FirebaseAuth auth = FirebaseAuth.getInstance();
FirebaseUser firebaseUser = auth.getCurrentUser();
if(firebaseUser != null){
auth.getCurrentUser().getIdToken(true).addOnCompleteListener(task -> {
String idToken = task.getResult().getToken();
AuthCredential cred = GoogleAuthProvider.getCredential(idToken ,null);
auth.signInWithCredential(cred).addOnCompleteListener(task1 ->
Log.v(TAG,"results: " + task1.getResult()));
});
}
}
}
I'm following this tutorial and my goal is to sign in to multiple Firebase projects.
Trying to sign in to a secondary Firebase project using the credentials from the IdToken above returns the same error.
FirebaseApp app = FirebaseApp.getInstance("secondary");
FirebaseAuth.getInstance(app).signInWithCredential(credential);
914
The response contains the Identity Platform ID token and refresh token associated with the authenticated user. CREDENTIAL_TOO_OLD_LOGIN_AGAIN: The user's credential is no longer valid. The user must sign in again. TOKEN_EXPIRED: The user's credential is no longer valid.
You can sign in a user with an OAuth credential by issuing an HTTP POST request to the Auth verifyAssertion endpoint. Content-Type: application/json The URI to which the IDP redirects the user back. Contains the OAuth credential (an ID token or access token) and provider ID which issues the credential.
CREDENTIAL_TOO_OLD_LOGIN_AGAIN: The user's credential is no longer valid. The user must sign in again. TOKEN_EXPIRED: The user's credential is no longer valid.
The response contains the Identity Platform ID token and refresh token associated with the authenticated user. CREDENTIAL_TOO_OLD_LOGIN_AGAIN: The user's credential is no longer valid. The user must sign in again. TOKEN_EXPIRED: The user's credential is no longer valid. The user must sign in again.
I got this error when the time or time zone on the device was wrong. Setting the correct time solved it.
92
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
