🐛 [firebase_auth] No way to remove email and name scope when using Firebase Auth #11139

Open
nilsreichardt opened this issue Jun 14, 2023 · 7 comments
Labels
platform: web Issues / PRs which are specifically for web. plugin: auth type: bug Something isn't working

Comments

@nilsreichardt
Contributor

nilsreichardt commented Jun 14, 2023

Bug report

Describe the bug
When using the Firebase Auth Apple Sign In, there is no way to remove the email and name scope for Firebase Auth. This is a problem because you can't follow GDPR Art. 5 (c):

adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

Steps to reproduce

Steps to reproduce the behavior:

  1. Set up Apple Sign In
  2. Try to sign in with Apple

I have tested it on Web.

Expected behavior

A clear and concise description of what you expected to happen.

Sample project

```dart
Future<UserId> signInWithApple() async {
  final appleProvider = AppleAuthProvider();

  late UserCredential userCredential;
  if (kIsWeb) {
    userCredential =
        await FirebaseAuth.instance.signInWithPopup(appleProvider);
  } else {
    userCredential =
        await FirebaseAuth.instance.signInWithProvider(appleProvider);
  }

  return userCredential.user!.uid;
}
```

Additional context

I would expect that

would contain the two default scopes and that AppleAuthProvider has a method setScope or removeScope to remove the default scopes.

@nilsreichardt nilsreichardt added Needs Attention This issue needs maintainer attention. type: bug Something isn't working labels Jun 14, 2023
@darshankawar darshankawar added the triage Issue is currently being triaged. label Jun 15, 2023
@darshankawar

Thanks for the report @nilsreichardt
#9471 removed the default scopes on iOS for Apple sign-in.
Is this issue to do the same but for web?

@darshankawar darshankawar added blocked: customer-response Waiting for customer response, e.g. more information was requested. and removed Needs Attention This issue needs maintainer attention. labels Jun 15, 2023
@nilsreichardt
Contributor Author

I haven't tested it on iOS, only on web.

@google-oss-bot google-oss-bot added Needs Attention This issue needs maintainer attention. and removed blocked: customer-response Waiting for customer response, e.g. more information was requested. labels Jun 15, 2023
@darshankawar

I am wondering how different this issue is from the linked one above. Can you please elaborate?

@darshankawar darshankawar added blocked: customer-response Waiting for customer response, e.g. more information was requested. and removed Needs Attention This issue needs maintainer attention. labels Jun 15, 2023
@google-oss-bot google-oss-bot added the Stale Issue with no recent activity label Jun 26, 2023
@google-oss-bot

Hey @nilsreichardt. We need more information to resolve this issue but there hasn't been an update in 7 weekdays. I'm marking the issue as stale and if there are no new updates in the next 7 days I will close it automatically.

If you have more information that will help us get to the bottom of this, just add a comment!

@nilsreichardt
Contributor Author

Screen.Recording.2023-06-26.at.10.49.41.mov

Source code: https://github.com/nilsreichardt/ankigpt/blob/53d3fce88d55744e7af99a39434ddbcaeb79f780/lib/src/infrastructure/user_repository.dart#L54

@darshankawar As you can see in the video, the scopes Email and Name are requested.
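
One way to check the requested scopes without a screen recording, as an added example that is not part of this issue or of the FlutterFire code base: copy the URL the sign-in popup lands on and compare its scopes against an allowlist. It assumes the popup reaches Apple's authorize endpoint with the scopes in a `scope` query parameter; the function names, the allowlist and the sample URLs are constructed for illustration.

```dart
// Added example. Assumption: the requested scopes appear in the `scope`
// query parameter of the Apple authorize URL, separated by spaces.

/// Scopes this app may request from Apple. Empty: only the user id is needed.
const allowedAppleScopes = <String>{};

/// Returns the set of scopes requested by [authorizeUrl].
Set<String> requestedScopes(String authorizeUrl) {
  final uri = Uri.parse(authorizeUrl);
  // queryParameters percent-decodes values, so "%20" and "+" become spaces.
  final raw = uri.queryParameters['scope'] ?? '';
  return raw
      .split(RegExp(r'[\s,]+')) // tolerate comma-separated lists as well
      .where((s) => s.isNotEmpty)
      .map((s) => s.toLowerCase())
      .toSet();
}

/// Returns the requested scopes that are not in [allowed].
Set<String> excessScopes(String authorizeUrl, Set<String> allowed) =>
    requestedScopes(authorizeUrl).difference(allowed);

void main() {
  // Constructed sample URLs; client_id and redirect_uri are placeholders.
  const withDefaults = 'https://appleid.apple.com/auth/authorize'
      '?client_id=com.example.web'
      '&redirect_uri=https%3A%2F%2Fexample.invalid%2Fcb'
      '&response_type=code&response_mode=form_post&scope=email%20name';
  const minimal = 'https://appleid.apple.com/auth/authorize'
      '?client_id=com.example.web'
      '&redirect_uri=https%3A%2F%2Fexample.invalid%2Fcb'
      '&response_type=code';

  for (final url in [withDefaults, minimal]) {
    final excess = excessScopes(url, allowedAppleScopes).toList()..sort();
    if (excess.isEmpty) {
      print('OK: no scopes beyond the allowlist');
    } else {
      print('FAIL: unexpected scopes requested: ${excess.join(", ")}');
    }
  }
}
```

Run against a captured URL in a test, this turns the data-minimisation expectation into a regression check that fails whenever a scope outside the allowlist is requested.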

@google-oss-bot google-oss-bot added Needs Attention This issue needs maintainer attention. and removed Stale Issue with no recent activity blocked: customer-response Waiting for customer response, e.g. more information was requested. labels Jun 26, 2023
@darshankawar

Thanks for the update.

/cc @Lyokone

@darshankawar darshankawar added plugin: auth platform: web Issues / PRs which are specifically for web. and removed Needs Attention This issue needs maintainer attention. triage Issue is currently being triaged. labels Jun 27, 2023
@alexda12

alexda12 commented Mar 1, 2024

@nilsreichardt @darshankawar Does this mean that Firebase Auth is NOT GDPR compliant?

Additionally - where is the data stored? With Firestore/Storage we get to choose the locations - but what about Firebase Auth?

Lastly - if Firebase Auth was used without social provider login (i.e. no Gmail, Apple sign-in, etc.) and just the standard email/password - would this then make Firebase Auth GDPR compliant?
