Step 1: Describe the issue
I am implementing a custom FUIAuthProvider to support a third-party login (e.g., Line Login) that integrates via a custom backend flow. The authentication process involves:
- Getting an access token from the third-party SDK.
- Exchanging it for a Firebase Custom Token via my backend.
- Signing in using
[[FIRAuth auth] signInWithCustomToken:...].
The Issue:
According to the Firebase SDK documentation, signInWithCustomToken successfully signs the user in but returns a FIRAuthDataResult where the credential property is nil. This is expected behavior for custom tokens as they don't generate an OAuth credential.
However, when I pass this nil credential to the FUIAuthProviderSignInCompletionBlock (to signal a successful login), FirebaseUI crashes internally.
It appears that FUIAuth or VerifyAssertionRequest assumes that a successful login (non-nil error) must be accompanied by a non-nil FIRAuthCredential object. It attempts to access properties on this nil object (likely provider), resulting in a Bad Access crash.
Step 2: Steps to reproduce
- Create a class that conforms to
FUIAuthProvider.
- Implement
signInWithDefaultValue:presentingViewController:completion:.
- Inside the implementation, perform a sign-in using
[[FIRAuth auth] signInWithCustomToken:token completion:...].
- In the completion handler, observe that
authResult.credential is nil.
- Call the FirebaseUI completion block with this nil credential:
// authResult.credential is nil here
completion(authResult.credential, nil, nil, nil);
- The app crashes immediately.
Code Sample
// Inside a custom FUIAuthProvider implementation
- (void)signInWithDefaultValue:(nullable NSString *)defaultValue
presentingViewController:(nullable UIViewController *)presentingViewController
completion:(nullable FUIAuthProviderSignInCompletionBlock)completion {
// ... logic to get custom token ...
[[FIRAuth auth] signInWithCustomToken:customToken completion:^(FIRAuthDataResult * _Nullable authResult, NSError * _Nullable error) {
if (error) {
completion(nil, error, nil, nil);
return;
}
// authResult.credential is NIL for custom tokens (Design behavior of the main SDK).
// Passing this nil credential causes FUIAuth to crash.
completion(authResult.credential, nil, nil, nil);
}];
}Step 3: Expected behavior
FirebaseUI should gracefully handle the case where a custom provider signs in successfully via a Custom Token (where no OAuth credential exists).
Since signInWithCustomToken is a valid way to authenticate, FUIAuth should check if [FIRAuth auth].currentUser is set, or allow a nil credential in the completion block without crashing, and proceed to the authUI:didSignInWith:error: delegate method.
Step 4: Actual behavior
The app crashes with EXC_BAD_ACCESS.
Crash Log snippet:
Task 55: EXC_BAD_ACCESS (code=1, address=0x8)
...
[VerifyAssertionRequest ...]
...
(It seems to be trying to access a property, likely provider, on the nil credential object).
Step 5: Environment details
- Xcode version: [26]
- FirebaseSDK version: [last version]
- FirebaseUI version: [15.1.0],
- Installation method: CocoaPods
Workaround
To prevent the crash, I currently have to "trick" FirebaseUI by reporting a fake "User Cancelled" error when the custom token login succeeds. This stops FirebaseUI from processing the nil credential, and I manually handle the successful state in the FUIAuthDelegate.
// Current workaround
if (authResult.credential == nil) {
// Manually dismiss the view controller on main thread
dispatch_async(dispatch_get_main_queue(), ^{
[self.presentingViewController dismissViewControllerAnimated:YES completion:nil];
});
// Send a fake cancel error to stop FUIAuth internal processing
NSError *cancelError = [NSError errorWithDomain:NSCocoaErrorDomain code:NSUserCancelledError userInfo:nil];
completion(nil, cancelError, nil, nil);
}
Step 1: Describe the issue
I am implementing a custom
FUIAuthProviderto support a third-party login (e.g., Line Login) that integrates via a custom backend flow. The authentication process involves:[[FIRAuth auth] signInWithCustomToken:...].The Issue:
According to the Firebase SDK documentation,
signInWithCustomTokensuccessfully signs the user in but returns aFIRAuthDataResultwhere thecredentialproperty isnil. This is expected behavior for custom tokens as they don't generate an OAuth credential.However, when I pass this
nilcredential to theFUIAuthProviderSignInCompletionBlock(to signal a successful login), FirebaseUI crashes internally.It appears that
FUIAuthorVerifyAssertionRequestassumes that a successful login (non-nil error) must be accompanied by a non-nilFIRAuthCredentialobject. It attempts to access properties on this nil object (likelyprovider), resulting in a Bad Access crash.Step 2: Steps to reproduce
FUIAuthProvider.signInWithDefaultValue:presentingViewController:completion:.[[FIRAuth auth] signInWithCustomToken:token completion:...].authResult.credentialisnil.Code Sample
Step 3: Expected behavior
FirebaseUI should gracefully handle the case where a custom provider signs in successfully via a Custom Token (where no OAuth credential exists).
Since
signInWithCustomTokenis a valid way to authenticate,FUIAuthshould check if[FIRAuth auth].currentUseris set, or allow anilcredential in the completion block without crashing, and proceed to theauthUI:didSignInWith:error:delegate method.Step 4: Actual behavior
The app crashes with
EXC_BAD_ACCESS.Crash Log snippet:
(It seems to be trying to access a property, likely
provider, on the nil credential object).Step 5: Environment details
Workaround
To prevent the crash, I currently have to "trick" FirebaseUI by reporting a fake "User Cancelled" error when the custom token login succeeds. This stops FirebaseUI from processing the nil credential, and I manually handle the successful state in the
FUIAuthDelegate.