Linking OAuthProvider auth/multi-factor-auth-required #8563
Description
Operating System
Arch linux
Environment (if applicable)
Firefox 131
Firebase SDK Version
10.14.0
Firebase SDK Product(s)
Auth, Functions
Project Tooling
Vue 3.5 application with Vite 5 ,
Running nodejs blocking functions on beforeSignIn
Detailed Problem Description
We are having problems with linking a new OAuthProvider on existing accounts with MFA (TOTP and SMS)
When an existing user without mfa signs in with OAuthProvider account, we get the auth/account-exists-with-different-credential as expected, and we can do the linking as expected. When the linking is attempted, the blocking function runs and we can block the linking before it is completed.
When an existing user with mfa signs in with OAuthProvider account, we get the auth/account-exists-with-different-credential, but after completing the login step the linkWithCredential function throws another auth/multi-factor-auth-required error, and the accounts are linked with no beforeSignIn execution.
Steps and code to reproduce issue
- Create new email user with MFA active
- Start OAuthProvider sign in
- Catch the auth/account-exists-with-different-credential exception
- Confirm user by logging in with email credentials
- Catch the
auth/multi-factor-auth-requiredexception - Start provider linking
- Get another
auth/multi-factor-auth-requiredexception - Observe that the accounts have been linked, but not the beforeSignIn function