Firebase Auth Emulator doesn't work with TOTP MFA secret generation #6224
Comments
|
Currently the Auth emulator doesn't support TOTP MFA. Internal bug: b/288313571 |
|
@christhompsongoogle are there any links I can check out or other discussions to read through on this topic as TOTP pertains to emulated environments? I'd like to learn more about it so I can anticipate if and when this will be supported. Thanks! |
|
Hey @jakehockey10, unfortunately, we can't make any promises to support this in the auth emulator anytime soon. |
|
@jakehockey10 We simple add a custom claim (e.g. import { initializeApp } from 'firebase/app';
import {
getAuth,
connectAuthEmulator,
authStateReady,
onAuthStateChanged,
getIdTokenResult
} from 'firebase/auth';
const app = initializeApp({
// your config
});
const auth = getAuth(app);
if (process.env.FIREBASE_EMULATOR) {
connectAuthEmulator(auth, 'http://localhost:9099', {
disableWarnings: true
});
}
await firebase.auth.authStateReady();
onAuthStateChanged(auth, async (authUser) => {
const idTokenResult = authUser ? await getIdTokenResult(authUser) : null;
if (
idTokenResult?.signInSecondFactor !== 'totp'
&& !idTokenResult?.claims?.emulator
) {
return;
}
// do something
}); |
No worries! Wasn't anticipating any promises or anything. Just didn't know if there was plans for it documented any where or if it wasn't really that far along yet. Thanks for the response! |
Thank you so much for your response! This approach makes a lot of sense and I appreciate you sharing your insight! |
|
I'm looking into implementing TOTP functionality soon in react-native-firebase on top of the android + ios native SDKs, and our current e2e testing infrastructure relies on the auth emulator, as it doesn't have the rate-limiting issues we were running into when running e2e in CI against "real" / cloud auth APIs. Would love to see the TOTP functionality supported in the emulator 🙏 , otherwise the cloud APIs are the only alternative and we'll be subject to CI flakiness related to the rate limits the cloud auth APIs implement That's a lot of words for basically a "👍" but if it helps raise priority it is worth it 😄 Cheers |
|
How is this still not fixed nearly a year has gone by? |
|
Been nearly 2 years now and you still don't support this most basic feature in the emulator. But you guys added AI support, which nobody cares about. |
|
@elucidsoft you'd be surprised the excitement amongst library consumers for the AI support, so I'd be careful generalizing your own preferences into an assertion of what people care about or not. There is demonstrated demand for AI support. Also, TOTP / MFA support is likely not "the most basic feature", otherwise I'd expect to see a PR from you with just a few That said, I would dearly love to see this feature implemented - please please - as the react-native-firebase maintainer this pops up from time to time as we don't support TOTP yet, and one of the reasons is that we converted our e2e test suite to use the emulator exclusively (so we don't hit rate limits on lots of the real-cloud-APIs we need to test...) but...then we have no test support for the TOTP APIs which makes it hard to implement. |
[REQUIRED] Environment info
firebase-tools: 12.4.7
Platform: Ubuntu 22.04.2 LTS (WSL)
[REQUIRED] Test case
Assume a button that generates a secret in any web app and calls the below function when clicked:
[REQUIRED] Steps to reproduce
Running everything exactly as the docs describe:
[REQUIRED] Expected behavior
It should print the the secret URI in order to display the QR for the user to scan. This operating should be the identical whether auth is emulated or live.
[REQUIRED] Actual behavior
When running under the Auth emulator, the following error appears client-side:
However, when disabling the Auth emulator and running everything with the live service, everything works as expected.
Reference Add TOTP multi-factor authentication to your web app
The text was updated successfully, but these errors were encountered: