Google as an Auth provider doesn't work on iOS saved to homescreen #77
Comments
|
related issue: firebase/quickstart-js#94 |
|
This is a known issue and not really Firebase related (in the case of redirect) which is Google sign-in related. Webviews are insecure and Google sign-in no longer works in that environment anymore. Google sign-in recommends using SFSafariViewController for this but homescreen apps cannot run in a SFSafariViewController, instead they always run in a webview environment. |
|
I totally understand that, but saving to home screen isn’t something I have control over as an author. Does this really come down to “it’s impossible”? |
|
Unfortunately, it is currently impossible if you wish to use Google Sign in. If you are using other providers, you can use the recommended signInWithRedirect for that mode (it should work). |
|
This is a pretty big, deal breaker, any hope/news on this ? |
|
Sorry, it is out of our control. You need to reach out to the Google OAuth folks about this. I don't think there is currently anyway to get Google sign-in to work in a home screen iOS app. |
|
Android is also effected by this issue, this is definitely a deal breaker for pwa |
|
There are still no solution for this problem? |
|
Have just run into this issue myself, some of our users are trying to launch from iOS bookmarks and are unable to sign in. I appreciate this is not a firebase issue per say but wanted to add my voice here to draw attention that there are more affected users. I am using firebase web authentication, is there no way to allow login from iOS in this instance? Thanks |
|
This makes me sad. |
|
Facebook login and other non-Google providers should work in redirect mode only. |
|
Does anyone know where we can follow the progress on this PWA deal breaker ? |
|
We would welcome a solution to this problem as well. Unfortunately this is a "deal breaker" for us as well.... I wanted to share on this thread as we are running into this same issue and did not want to be silent about it. Looking forward to a resolution soon! |
|
How do we upvote a solution? |
|
Does anyone know where we can follow information on how this problem is being treated by either Google OAuth, Apple or Firebase? Is there a way for firebase to detect if the app is launched from the home screen so we can display an explanation for our users? |
|
The iOS embedded webview has a distinct useragent. You can test for that and display a message to the user. Embedded webviews for iOS 9 and above are blocked from accessing the Google OAuth page for security reasons: https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html |
|
Why not just: When popup is not possible, like in Safari? |
|
@RileyDavidson-Evans Actually, I tried https://fir-ui-demo-84a6c.firebaseapp.com/ posted in the thread above with just the latest stable Chrome and couldn't reproduce the endless loop. Maybe someone fixed something behind the scene already? |
|
For me it looks like redirect auth works on https://friendly-pix.com/ on iOS homescreen apps with Google sign-in. But perhaps, since this is an old app, I was grandfathered into an exception. Popup auth works on Android Homescreen apps. This is how I implemented an exception just for iOS homescreen apps: var signInFlow = 'popup';
// For iOS full screen apps we use the redirect auth mode.
if (('standalone' in window.navigator)
&& window.navigator.standalone){
signInFlow = 'redirect';
}
// FirebaseUI config.
var uiConfig = {
'signInFlow': signInFlow,
'signInOptions': [
firebase.auth.GoogleAuthProvider.PROVIDER_ID,
firebase.auth.FacebookAuthProvider.PROVIDER_ID
]
};
var firebaseUi = new firebaseui.auth.AuthUI(firebase.auth()); |
|
Curious that iOS Safari on iPhone (11.4) doesn't work, however iPad (11.2.5) works without any problem. |
|
@tomodian The change in browser context handling on iOS was introduced in 11.3. 11.2 is unaffected. 👍 |
|
I´m assuming that you have a "manifest" meta tag to reference manifest.json file. I suggest to do this workaround, that works perfect in ios safari web app: |
|
@jorge-valvert is right. Tested in my own project and social login is working now. Thanks for sharing. |
|
@jorge-valvert solution works on iOS also for us, breaks Chrome so it still needs some imprevements. |
|
@aSegatto for me is working both. What I did was adding two link tags for the same manifest: When page is loaded I check if it's on iOS and do the following in order to avoid safari to read the rel="manifest": document.querySelector('link[rel="manifest"]').setAttribute("rel", "no-on-ios"); I'm not sure if it's necessary though. This way Chrome is able to read the manifest via rel="manifest" and pwacompat.js is able to prepare the meta tags for iOS using rel="pwa-setup". |
|
With: The and this configuration at index.html: it works! |
|
We are having a problem similar to this in our application. |
|
This works for me but without the manifest all the internal links in my application open a browser window. Did anyone run into this issue and resolve it? |
|
@jvitor83 the modified pwacompat.js solution stopped working for me recently. Was working a couple of weeks ago. Not sure what changed, perhaps it's because I updated to the latest version of angular and firebase. |
|
@jvitor83 thanks for your solution, a few comments/thoughts Looking at the pwacompat.js script, the <link rel="manifest" href="manifest.json">
<script src="pwacompat.js"></script>
<script>
var iOS = !!navigator.platform && /iPhone|iPod|iPad/.test(navigator.platform) && !window.MSStream;
if(iOS) {
document.querySelector('link[rel="manifest"]').setAttribute("rel", "no-on-ios");
}
</script> // pwacompat.js around line 36
function setup() {
const manifestHref = 'manifest.json';
const hrefFactory = buildHrefFactory([manifestHref, window.location]);
...Note I also tweaked the iOS detection to include iPads and to disregard some versions of IE that tried to be iPhones. Whilst I'm pleased that the fix is getting my app working, has anyone actually worked out how/why this fixes the OAuth issue? From reading the script, all it does is read your manifest.json file and then add some |
|
Did this "fix" stop working?
When I save the PWA to homescreen and try to log in, it opens Safari, I go through the oauth2 process and am redirected to the app in the Safari browser - not in the installed PWA. When I go back to the installed PWA it's still not authed. Authentication part: PWA Compat Hack HTML: PWA Compat Hack, pwacompat.js ~line 36 Tested on physical iPhone X with iOS 12.1.2. Tested in Xcode simulator on various simulators. |
|
We are currently using the solution proposed incomment and it's still working. |
|
Will Google Auth work with the next release of iOS 12.2? (Mike Hartington's comment on twitter seems to suggest this) |
|
I just tried the solution and while it lets you start the login to your google account you cannot complete it if Google decides to send you a text message code to confirm. When you leave to get your code and then come back the page for typing in your code disappears and you have to start the sign in process again. (iOS 12.2 - redirect) The Facebook login works now with this modification ... although, its not asking for 2-step authentication so who knows what happens if thats enabled. |
|
I just tested in iOS 12.3.1 and google login in my web app works correctly. I was able to complete 2 step verification by leaving my web app, picking up the number via text and popping back into my app. It looks like google login on the home screen is fixed! Facebook login works correctly as well. |
|
Closed, as the issue has been fixed. |
and others
[REQUIRED] Describe your environment
[REQUIRED] Describe the problem
Steps to reproduce:
Relevant Code:
The text was updated successfully, but these errors were encountered: