firebase_auth Login with Microsoft Oauth2 not working.

[parth22]

I'm doing login with Microsoft in my Flutter app using firebase_auth. I have followed each step written in Firebase's official documentation. But still, I'm getting the below error when I try to log in with my Microsoft account.

[VERBOSE-2:dart_vm_initializer.cc(41)] Unhandled Exception: [firebase_auth/invalid-credential] Error getting access token from microsoft.com, OAuth2 redirect uri is: https://flutterdev-58b4c.firebaseapp.com/__/auth/handler, response: OAuth2TokenResponse{params: error=invalid_request&error_description=AADSTS90023:%20Public%20clients%20can't%20send%20a%20client%20secret.%0D%0ATrace%20ID:%20f0f59fc3-915a-4772-9bbb-bcdc4242b200%0D%0ACorrelation%20ID:%205b0dd92e-1095-40ec-9a53-92e373a413c1%0D%0ATimestamp:%202023-07-14%2007:59:48Z&timestamp=2023-07-14%2007:59:48Z&trace_id=f0f59fc3-915a-4772-9bbb-bcdc4242b200&correlation_id=5b0dd92e-1095-40ec-9a53-92e373a413c1, httpMetadata: HttpMetadata{status=400, cachePolicy=NO_CACHE, cacheDurationJava=null, cacheImmutable=false, staleWhileRevalidate=null, filename=null, lastModified=null, retryAfter=null, crossOriginEmbedderPolicy=null, crossOriginOpenerPolicy=null, crossOriginResourcePolicy=null, headers=HTTP/1.1 200 OK

The error itself says that Public clients can't send a client secret. So, I have tried to remove the client's secret value from my Firebase project config. But, this field is mandatory.
I'm also attaching the configuration screenshots of my Firebase and Azure portals.

[danagbemava-nc]

Hi @parth22, can you share the code sample you use to call Microsoft?

Your error message indicates that you're sending something which public client should not be sending

[parth22]

@danagbemava-nc This is the code I'm using.

final FirebaseAuth auth = FirebaseAuth.instance;
    var microsoftProvider = MicrosoftAuthProvider();
    microsoftProvider.addScope('mail.read');

    UserCredential token = await auth.signInWithProvider(microsoftProvider);

[danagbemava-nc]

Hi @parth22, what platform are you targeting? You may need to switch the method being called based on the platform you're testing. See https://firebase.google.com/docs/auth/flutter/federated-auth#ios+_1

[parth22]

@danagbemava-nc I'm targeting the Android and iOS platforms.

[danagbemava-nc]

Hi @parth22, one final thing, can you try using OAuthProvider directly, instead of MicrosoftAuthProvider to see if it works for you? The provider id would be "microsoft.com".

[parth22]

@danagbemava-nc Sure, let me try.

[parth22]

@danagbemava-nc I have tried as you say.
Below is the sample code.

final FirebaseAuth auth = FirebaseAuth.instance;
    OAuthProvider oAuthProvider = OAuthProvider('microsoft.com');
    UserCredential userCredential =
        await auth.signInWithProvider(oAuthProvider);

Ended with the same error.

[VERBOSE-2:dart_vm_initializer.cc(41)] Unhandled Exception: [firebase_auth/invalid-credential] Error getting access token from microsoft.com, OAuth2 redirect uri is: https://mind-bank-ai.firebaseapp.com/__/auth/handler, response: OAuth2TokenResponse{params: error=invalid_request&error_description=AADSTS90023:%20Public%20clients%20can't%20send%20a%20client%20secret.%0D%0ATrace%20ID:%204e0e2c67-c996-482b-9e2a-9b498bd45400%0D%0ACorrelation%20ID:%20e988768f-8cb8-4515-a973-d5728b25e0ab%0D%0ATimestamp:%202023-07-19%2011:27:26Z&timestamp=2023-07-19%2011:27:26Z&trace_id=4e0e2c67-c996-482b-9e2a-9b498bd45400&correlation_id=e988768f-8cb8-4515-a973-d5728b25e0ab, httpMetadata: HttpMetadata{status=400, cachePolicy=NO_CACHE, cacheDurationJava=null, cacheImmutable=false, staleWhileRevalidate=null, filename=null, lastModified=null, retryAfter=null, crossOriginEmbedderPolicy=null, crossOriginOpenerPolicy=null, crossOriginResourcePolicy=null, headers=HTTP/1.1 200 OK

[danagbemava-nc]

Thanks for the info, labeling for the teams attention

[CanDuru4]

Hi, did you able to solve this problem? I am facing with the same issue.

[parth22]

No, Even after trying everything. At last, my client changes the requirements.

[CanDuru4]

I just figured it out. From the Azure AD portal, your client should authorize an access token (from "Implicit grant and hybrid flows").

[parth22]

Great. I will check it out. And, update you here.

[xanscale]

i have same problem using Android native integration

com.google.firebase.auth.FirebaseAuthInvalidCredentialsException: The supplied auth credential is malformed or has expired. [ Error getting access token from microsoft.com, OAuth2 redirect uri is: https://advisory-certificates.firebaseapp.com/__/auth/handler, response: OAuth2TokenResponse{params: error=invalid_request&error_description=AADSTS90023:%20Public%20clients%20can't%20send%20a%20client%20secret.%0D%0ATrace%20ID:%207375c6a1-bbdf-4e8c-a382-3992a0f31400%0D%0ACorrelation%20ID:%20fc522470-8f35-4fe4-9e7c-8e9fa9c33af9%0D%0ATimestamp:%202023-09-12%2023:13:25Z&timestamp=2023-09-12%2023:13:25Z&trace_id=7375c6a1-bbdf-4e8c-a382-3992a0f31400&correlation_id=fc522470-8f35-4fe4-9e7c-8e9fa9c33af9, httpMetadata: HttpMetadata{status=400, cachePolicy=NO_CACHE, cacheDurationJava=null, cacheImmutable=false, staleWhileRevalidate=null, filename=null, lastModified=null, retryAfter=null, crossOriginEmbedderPolicy=null, crossOriginOpenerPolicy=null, crossOriginResourcePolicy=null, headers=HTTP/1.1 200 OK

[Lyokone]

Hello, a lot have changed since this issue, are you still reproducing this?

[google-oss-bot]

Hey @parth22. We need more information to resolve this issue but there hasn't been an update in 7 weekdays. I'm marking the issue as stale and if there are no new updates in the next 7 days I will close it automatically.

If you have more information that will help us get to the bottom of this, just add a comment!