Feature: Include Facebook accessToken

[JasonGoemaat]

I can't find where this is available anywhere so I would like to request that it be added. I can get it if I add the firebase script directly and call it like this:

var provider = new firebase.auth.FacebookAuthProvider();

firebase.auth().signInWithPopup(provider).then(function(result) {
	console.log(result.credential.accessToken);
}).catch(err => { console.error('error!', err); });

And this seems to work for me too, r.credential.accessToken is what I want (af is AngularFire):

af.auth._authBackend._fbAuth.signInWithPopup(af.auth._authBackend._enumToAuthProvider(2)).then(r => console.log(r));

I see that the state value returned in the promise from the login() using a pop-up does have a facebook property with the access token, so maybe there's no way to get the data except when logging in with a popup? Trying redirect I never got anything with getRedirectResult() either...

[etalazz]

using redirect, I found it to be in the auth.facebook object
then in typescript:

const token: any = auth.facebook;
accessToken = token.accessToken;

if you do auth.facebook.accessToken you might get an error.

[clark-stevenson]

I replied to this and then I considered it nonsense and deleted it but now I am not so sure again.

In the end I don't really like how auth.facebook changes as an object.

So auth.twitter returns this object when you first sign in.

{
    accessToken: string;
    provider: string;
    secret: string;
}

I don't know the exact properties, but later, if you come back in the day, and are signed in "automatically" then that same object becomes

{
    displayName: string;
    photoURL: string;
    email: string;
}

Infact, that first object above is hidden from you. According to the .d.ts this object is always the second one. That is why @ealvarezv casts to any and "you might get an error". You get an error because the object doesn't exist for long. I think this is because the tokens themselves are short lived. So coming back later in the day it makes sense not to assume they are there.

Anyway all I wanted to say here was, is if you look at firebaseApp.auth().getRedirectResult()

That returns a possible credential property on the error.

{
    code: string;
    credential: {
        accessToken: string;
        provider: string;
        secret: string;
     };
     email: string;
     message: string;
}

Is it possible to add a similar credential property to the second object above? So if you want these tokens, you can say if (auth.facebook.credential) rather than casting to any and figuring out the type of object?

I am out of my depth on the whole auth process but this ticket is high on a specific google search and wanted to put down my related findings when attempting to access these tokens.

[nick-jonas]

I'm successfully getting an access token with Google using the method @ealvarezv mentioned, but only when I sign in with AuthMethods.Redirect:

constructor(public auth$: FirebaseAuth, private http:Http) {
    auth$.subscribe((state: FirebaseAuthState) => {
      this.authState = state;
      if(state){
        const token: any = state.google;

       // this gives an access token:
        console.log(token.accessToken);

        this.getPeople(token.accessToken)
          .subscribe(
            people => console.log(people),
            error =>  console.log(error));
      }
    });
  }

However when I try to use it like so with a google api:

getPeople(accessToken){
    let path = 'https://people.googleapis.com/v1/people/me/connections?access_token=' + accessToken;
    return this.http.get(path)
      .map(this.extractData)
      .catch(this.handleError);
  }

I am getting an insufficient authentication scope:

{
  "error": {
    "code": 403,
    "message": "Request had insufficient authentication scopes.",
    "status": "PERMISSION_DENIED"
  }
}

That's a whole other issue that I need help with, might be related?

[nick-jonas]

Just to be clear, it looks like AngularFire isn't returning the proper access token needed to call Google APIs:

// This gives you a Google Access Token. You can use it to access the Google API.
var token = result.credential.accessToken;

[davideast]

AngularFire2 no longer provides these auth methods. If this problem still persists open a question on Stackoverflow for Firebase Authentication.