createSessionCookie does not pick up USER_DISABLED errors #1503

Closed
rhodgkins opened this issue Nov 18, 2021 · 3 comments · Fixed by #1506

@rhodgkins

[READ] Step 1: Are you in the right place?

  • For issues related to the code in this repository, file a GitHub issue.
  • If the issue pertains to Cloud Firestore, read the instructions in the "Firestore issue"
    template.
  • For general technical questions, post a question on StackOverflow
    with the firebase tag.
  • For general Firebase discussion, use the firebase-talk
    google group.
  • For help troubleshooting your application that does not fall under one
    of the above categories, reach out to the personalized
    Firebase support channel.

[REQUIRED] Step 2: Describe your environment

  • Operating System version: macOS
  • Firebase SDK version: 10.0.0
  • Firebase Product: auth
  • Node.js version: 16
  • NPM version: N/A

[REQUIRED] Step 3: Describe the problem

The following generic error is returned:

{
    code: 'auth/internal-error', 
    message: 'An internal error has occurred. Raw server response: "{"error":{"code":400,"message":"USER_DISABLED","errors":[{"message":"USER_DISABLED","reason":"invalid","domain":"global"}]}}"'
}

Whereas there is an auth/user-disabled error code defined, so it should use that instead:

public static USER_DISABLED = {
    code: 'user-disabled',
    message: 'The user record is disabled.',
}

So I'd expect a similar error to using .verifyIdToken for a disabled user:

{
   code: 'auth/user-disabled',
   message: 'The user record is disabled.'
}

Steps to reproduce:

  1. Create a user
  2. Sign in to a client SDK as the user and .getIdToken
  3. Disable the user
  4. In Admin SDK try .createSessionCookie(idToken, { expiresIn: 300000 })

@lahirumaramba
Member

@bojeil-google @xil222 Should we check for disabled accounts in createSessionCookie() similar to #1401?

@rhodgkins
Author

rhodgkins commented Nov 18, 2021

Just to note - the issue, for me, isn’t that it’s not checking for disabled users, it’s just not parsing the server error correctly and dumping it into the message, like it’s just been missed:

An internal error has occurred. Raw server response: "{"error":{"code":400,"message":"USER_DISABLED","errors":[{"message":"USER_DISABLED","reason":"invalid","domain":"global"}]}}"

@xil222
Contributor

xil222 commented Nov 18, 2021

Thanks for the info, I'm looking into this.
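
Added example (not from the issue thread or the firebase-admin code base): on an SDK version that still returns the generic `auth/internal-error`, calling code can recover the backend's `USER_DISABLED` string from the raw response embedded in the message and treat it as `auth/user-disabled`, so a disabled account is denied rather than handled as a retryable server fault. The names `extractServerCode`, `normalizeAuthError`, `shouldRevokeSession` and `SERVER_CODE_MAP` are hypothetical, and the sample error is constructed from the message quoted in this issue.

```javascript
// Added example; function and constant names are hypothetical, not SDK API.
const RAW_MARKER = 'Raw server response: "';

// Backend error string -> Admin SDK style error (values quoted in the issue).
const SERVER_CODE_MAP = new Map([
  ['USER_DISABLED', { code: 'auth/user-disabled', message: 'The user record is disabled.' }],
]);

// Pull the backend error string out of a generic auth/internal-error, or null.
function extractServerCode(err) {
  if (!err || err.code !== 'auth/internal-error' || typeof err.message !== 'string') {
    return null;
  }
  const start = err.message.indexOf(RAW_MARKER);
  const end = err.message.lastIndexOf('"');
  if (start === -1 || end < start + RAW_MARKER.length) return null;
  try {
    const body = JSON.parse(err.message.slice(start + RAW_MARKER.length, end));
    const msg = body && body.error && body.error.message;
    // Assumption: some backend messages append detail after a colon; keep the code part.
    return typeof msg === 'string' ? msg.split(':')[0].trim() : null;
  } catch {
    return null; // embedded response was not JSON; leave it as an internal error
  }
}

// Return the specific error when the backend code is known, else the original.
function normalizeAuthError(err) {
  const mapped = SERVER_CODE_MAP.get(extractServerCode(err));
  return mapped ? { ...mapped, cause: err } : err;
}

// Fail closed: a disabled account means deny and clear the session, not retry.
function shouldRevokeSession(err) {
  const e = normalizeAuthError(err);
  return Boolean(e) && e.code === 'auth/user-disabled';
}

// Constructed sample: the error object reported in this issue.
const SAMPLE_ERROR = {
  code: 'auth/internal-error',
  message: 'An internal error has occurred. Raw server response: "{"error":{"code":400,"message":"USER_DISABLED","errors":[{"message":"USER_DISABLED","reason":"invalid","domain":"global"}]}}"',
};
```

In a request handler, pass whatever `createSessionCookie(idToken, { expiresIn })` rejects with to `shouldRevokeSession` before deciding between a 401 and a 500.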
