Error with IOS /Android integration

g11 · April 6, 2023, 3:28pm

For the iOS native app, Web3Auth is used with a custom auth, and we send the JWT from Firebase after a successful user sign-up. In the Web3Auth dashboard, I’ve set up the project and verifiers accordingly. The iOS app uses the Web3Auth Swift SDK, version 5.0.0. I’ve done a standard integration as described in their documentation.

The errors we get occasionally are the following:

During our tests the other day, we tried simultaneously to log in on Web3Auth. It failed for you but was successful for me!

My system time is correct (I’m in the CEST timezone, but it also occurred to you in the US), and my Internet connection is fast. I also don’t use any VPN on my iPhone. Tests were done on an iPhone 12 Pro running iOS 16.4 and the simulator (during development) also running iOS 16.4.

To be exhaustive, let me show you the code of the integration itself:

    let clientID = "BJsLRKiQL-3nvCy9gGMe8X3M_5I89xBxod-isKVoC_is4GXDqkX9_Wn6NaFr3ZxLyOVwGOa_oxWB2k6b2osmlHE"
    let web3Auth = await Web3Auth(
        W3AInitParams(
            clientId: clientID,
            network: .cyan,
            loginConfig: [
                Web3AuthProvider.JWT.rawValue: W3ALoginConfig(
                    verifier: "cached-firebase-verifier",
                    typeOfLogin: TypeOfLogin.jwt,
                    name: "Web3Auth Firebase Verifier",
                    clientId: clientID
                )
            ]
        )
    )
    
    let jwt = try await getJwt()
    let result = try await web3Auth.login(
        W3ALoginParams(
            loginProvider: .JWT,
            extraLoginOptions: ExtraLoginOptions(display: nil, prompt: nil, max_age: nil, ui_locales: nil, id_token_hint: nil, id_token: jwt, login_hint: nil, acr_values: nil, scope: nil, audience: nil, connection: nil, domain: "xyz.cached.bridge", client_id: clientID, redirect_uri: "xyz.cached.bridge://auth", leeway: 10, verifierIdField: "sub", isVerifierIdCaseSensitive: nil)
        )
    )

Please let me know if they find an issue with the integration. I tried to correctly set all parameters to the best of my knowledge, but I might be wrong.

shahbaz · April 10, 2023, 12:24pm

Hey @g11

g11:

        W3ALoginParams(
            loginProvider: .JWT,
            extraLoginOptions: ExtraLoginOptions(display: nil, prompt: nil, max_age: nil, ui_locales: nil, id_token_hint: nil, id_token: jwt, login_hint: nil, acr_values: nil, scope: nil, audience: nil, connection: nil, domain: "xyz.cached.bridge", client_id: clientID, redirect_uri: "xyz.cached.bridge://auth", leeway: 10, verifierIdField: "sub", isVerifierIdCaseSensitive: nil)
        )

Don’t pass the client_id and redirect_uri in extraLoginOptions. Please look at this example for reference:

github.com

Web3Auth/web3auth-pnp-examples/blob/main/ios/ios-firebase-example/ios-firebase-example/ViewModel.swift#L31-L63


      
          func loginViaFirebaseEP() {
              Task{
                  do {
                      let res = try await Auth.auth().signIn(withEmail: "custom+jwt@firebase.login", password: "Testing@123")
                      let id_token = try await res.user.getIDToken()
                      let result = try await Web3Auth(.init(
                          clientId: clientId,
                          network: network,
                          loginConfig: [
                              TypeOfLogin.jwt.rawValue:
                                      .init(
                                          verifier: "web3auth-firebase-examples",
                                          typeOfLogin: .jwt
                                      )
                          ]
                      )).login(
                          W3ALoginParams(
                          loginProvider: .JWT,
                          dappShare: nil,
                          extraLoginOptions: ExtraLoginOptions(display: nil, prompt: nil, max_age: nil, ui_locales: nil, id_token_hint: nil, id_token: id_token, login_hint: nil, acr_values: nil, scope: nil, audience: nil, connection: nil, domain: nil, client_id: nil, redirect_uri: nil, leeway: nil, verifierIdField: "sub", isVerifierIdCaseSensitive: nil),

This file has been truncated. show original

g11 · April 12, 2023, 3:15pm

Hi,

We tried this but are still having the same errors.

Any other suggestions or could we set up a quick meeting?

yashovardhan · April 13, 2023, 2:49am

Can you send us the logs of the error you’re facing? Also please tell the steps to reproduce it if possible. We need to try and reproduce the issue on our end to help you out.

Also, please have a look at out examples repository where we have implemented some of the common use cases: web3auth-pnp-examples/ios at main · Web3Auth/web3auth-pnp-examples · GitHub

p11t · April 14, 2023, 12:17pm

Hey,

I’m the iOS developer working on this integration.

Thanks for adding a Firebase example, it’s helpful! I’ve aligned our code with your example, when it comes to the initialization of Web3Auth and login.

So I’ve just tried the new code:

It worked the first time I tried it, the login was successful but the following errors were logged:

2023-04-14 13:45:32.380304+0200 App[61679:10853750] [core] The operation couldn’t be completed. (Web3Auth.Web3AuthError error 4.)
2023-04-14 13:45:32.480823+0200 App[61679:10853791] [core] The operation couldn’t be completed. (Web3Auth.Web3AuthError error 4.)
Web3Auth logged in

The second time I saw a page about a missing network share.

All subsequent tries give the following error logs with a blank page in the web flow as the result:

2023-04-14 13:48:15.043147+0200 App[62249:10859124] [core] The operation couldn’t be completed. (Web3Auth.Web3AuthError error 5.)
2023-04-14 13:48:15.154875+0200 App[62249:10859126] [core] The operation couldn’t be completed. (Web3Auth.Web3AuthError error 5.)
Error during Web3Auth login: The operation couldn’t be completed. (Web3Auth.Web3AuthError error 2.)

So it seems to be a decoding error, but I’m not sure what’s the root cause of it. Could it be our integration or configuration in the Web3Auth dashboard?

Many thanks for your help!

p11t · April 25, 2023, 8:24am

Hey, did you have a chance to look at our issue? Do you need more info from us?

Thanks in advance and all the best!

shahbaz · April 27, 2023, 5:14am

Hey @p11t

Would need to see the web3auth initialization and login code? Along with Firebase’s implementation.

p11t · May 1, 2023, 5:06pm

Hey @shahbaz, thanks for your answer!

I just tried with the latest 5.2.1 version but get the same result.

Here is the init and login code (client ID is redacted):

let clientID = "<WEB3AUTH_CLIENT_ID>"
let network: Network = .cyan

let web3Auth = await Web3Auth(.init(clientId: clientID, network: network))
guard web3Auth.state == nil else {
    print("Web3Auth already logged in")
    return
}

let jwt = try await getJwt()
let result = try await Web3Auth(.init(clientId: clientID, network: network, loginConfig: [TypeOfLogin.jwt.rawValue: .init(verifier: "cached-firebase-verifier", typeOfLogin: .jwt)]))
            .login(W3ALoginParams(loginProvider: .JWT, dappShare: nil, extraLoginOptions: ExtraLoginOptions(display: nil, prompt: nil, max_age: nil, ui_locales: nil, id_token_hint: nil, id_token: jwt, login_hint: nil, acr_values: nil, scope: nil, audience: nil, connection: nil, domain: nil, client_id: nil, redirect_uri: nil, leeway: nil, verifierIdField: "sub", isVerifierIdCaseSensitive: nil), mfaLevel: .NONE, curve: .SECP256K1))

getJwt() returns the JWT from Firebase, here is its implementation:

private func getJwt() async throws -> String {
    return try await user.getIDToken()
}

The Firebase login call is the following (2FA is enabled at a later point but not shown here):

try await Auth.auth().signIn(withEmail: email, password: password)

Any hints welcome!

Thanks

shahbaz · May 2, 2023, 10:36am

Hey @p11t

Thanks for sharing the code snippet. Could you help me with one of the JWT token you get here?

p11t · May 2, 2023, 11:17am

Hey @shahbaz,

Thanks for your quick response! This is the payload of a JWT with some values redacted:

{
  "iss": "https://securetoken.google.com/<firebase_project_id>",
  "aud": "<firebase_project_id>",
  "auth_time": 1682959684,
  "user_id": "GMtfxi0rSPffoipCDYVTOzaO5uz1",
  "sub": "GMtfxi0rSPffoipCDYVTOzaO5uz1",
  "iat": 1682959685,
  "exp": 1682963285,
  "email": "<user_email>",
  "email_verified": true,
  "firebase": {
    "identities": {
      "email": [
        "<user_email>"
      ]
    },
    "sign_in_provider": "password",
    "sign_in_second_factor": "phone",
    "second_factor_identifier": "b20384de-6216-439d-b47f-73a849d7c8a8"
  }
}

Does it look good for you?

Thanks!

shahbaz · May 2, 2023, 11:51am

Yes, things look good to me.

Can you please test if this is working for you?

pepper · October 3, 2023, 6:30am