Android (6.0): onAuthStateChanged returns user with expired token

[michaelmika]

Issue

I use the firebase Authentication with no custom tokens (I do not receive or store them explicitly).

Code in componentWillMount:

this.unsub = this.firebase.auth().onAuthStateChanged(function(user) {
      if (user) {
        this.props.loadUser(user).then(
          profile => {
             
          });
        console.log("Logged in");
        
      } else {
        console.log("NOT Logged in");
      }
    });

This works for Web and iOS and even on my Android device running android 8.x

But my emulated android device running android 6.0 does not refresh the token when it is expired and therefor returns a user with an expired token in the code above. This causes the database operations in this.props.loadUser(user) to crash with these errors:

02-28 16:00:09.755 3240-3329/com.myapp I/ReactNativeJS: Logged in
02-28 16:00:09.760 3240-3330/com.myapp I/DynamiteModule: Considering local module com.google.android.gms.firebase_database:4 and remote module com.google.android.gms.firebase_database:6
02-28 16:00:09.760 3240-3330/com.myapp I/DynamiteModule: Selected remote version of com.google.android.gms.firebase_database, version >= 6
02-28 16:00:09.784 3333-3333/? W/dex2oat: Unexpected CPU variant for X86 using defaults: dalvik.vm.isa.x86.features=default
02-28 16:00:09.784 3333-3333/? W/dex2oat: Mismatch between dex2oat instruction set features (ISA: X86 Feature string: smp,-ssse3,-sse4.1,-sse4.2,-avx,-avx2) and those of dex2oat executable (ISA: X86 Feature string: smp,ssse3,sse4.1,sse4.2,-avx,-avx2) for the command line:
02-28 16:00:09.784 3333-3333/? W/dex2oat: /system/bin/dex2oat --runtime-arg -classpath --runtime-arg  --debuggable --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2 --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=dalvik.vm.isa.x86.features=default --dex-file=/data/data/com.google.android.gms/app_chimera/m/00000004/DynamiteModulesC_GmsCore_prodmnc_alldpi_release.apk --oat-file=/data/dalvik-cache/x86/data@data@com.google.android.gms@app_chimera@m@00000004@DynamiteModulesC_GmsCore_prodmnc_alldpi_release.apk@classes.dex
02-28 16:00:09.784 3333-3333/? E/dex2oat: Failed to create oat file: /data/dalvik-cache/x86/data@data@com.google.android.gms@app_chimera@m@00000004@DynamiteModulesC_GmsCore_prodmnc_alldpi_release.apk@classes.dex: Permission denied
02-28 16:00:09.784 3333-3333/? I/dex2oat: dex2oat took 417.456us (threads: 2) 
02-28 16:00:09.785 3240-3330/com.myapp W/art: Failed execv(/system/bin/dex2oat --runtime-arg -classpath --runtime-arg  --debuggable --instruction-set=x86 --instruction-set-features=smp,ssse3,sse4.1,sse4.2,-avx,-avx2 --runtime-arg -Xrelocate --boot-image=/system/framework/boot.art --runtime-arg -Xms64m --runtime-arg -Xmx512m --instruction-set-variant=dalvik.vm.isa.x86.features=default --dex-file=/data/data/com.google.android.gms/app_chimera/m/00000004/DynamiteModulesC_GmsCore_prodmnc_alldpi_release.apk --oat-file=/data/dalvik-cache/x86/data@data@com.google.android.gms@app_chimera@m@00000004@DynamiteModulesC_GmsCore_prodmnc_alldpi_release.apk@classes.dex) because non-0 exit status
02-28 16:00:09.811 3240-3330/com.myapp W/System: ClassLoader referenced unknown path: /data/data/com.google.android.gms/app_chimera/m/00000004/n/x86
02-28 16:00:09.826 3240-3335/com.myapp W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms
02-28 16:00:09.850 2005-2776/com.google.android.gms.persistent W/ConfigurationChimeraPro: Got null configs for com.google.android.gms.common_auth
02-28 16:00:09.860 2449-2765/com.google.android.gms I/Auth: [ReflectiveChannelBinder] Successfully bound channel!
02-28 16:00:09.861 2449-2765/com.google.android.gms E/BaseAppContext: Tried to stop global GMSCore RequestQueue. This is likely unintended, so ignoring.
02-28 16:00:09.868 2449-2704/com.google.android.gms I/AuthChimeraService: Executing request: ProxyRequest[ url: https://securetoken.googleapis.com/v1/token?alt=proto&key=AIzaSyD1oQk-FeaYv2cW2-9nfKNj0KLYTaTt0RI, method: 1 ]
02-28 16:00:09.878 2005-2777/com.google.android.gms.persistent W/GLSUser: [DeviceKeyStore] Cannot load key: Device key file not found.
02-28 16:00:09.878 2005-2777/com.google.android.gms.persistent W/GLSUser: [DeviceKeyStore] Cannot load key: Device key file not found.
02-28 16:00:09.950 2449-3338/com.google.android.gms W/Conscrypt: Could not set socket write timeout:
02-28 16:00:09.950 2449-3338/com.google.android.gms W/Conscrypt:    java.lang.reflect.Method.invoke(Native Method)
02-28 16:00:09.952 2449-3338/com.google.android.gms W/Conscrypt:    com.google.android.gms.org.conscrypt.Platform.setSocketWriteTimeout(:com.google.android.gms@11947480:13)
02-28 16:00:10.090 2449-3338/com.google.android.gms W/Conscrypt: Could not set socket write timeout:
02-28 16:00:10.091 2449-3338/com.google.android.gms W/Conscrypt:    java.lang.reflect.Method.invoke(Native Method)
02-28 16:00:10.092 2449-3338/com.google.android.gms W/Conscrypt:    com.google.android.gms.org.conscrypt.Platform.setSocketWriteTimeout(:com.google.android.gms@11947480:13)
02-28 16:00:10.266 2449-3338/com.google.android.gms E/Volley: [319] BasicNetwork.performRequest: Unexpected response code 400 for https://securetoken.googleapis.com/v1/token?alt=proto&key=AIzaSyD1oQk-FeaYv2cW2-9nfKNj0KLYTaTt0RI
02-28 16:00:10.267 2449-2704/com.google.android.gms I/AuthChimeraService: Error description received from server: ���TOKEN_EXPIRED
02-28 16:00:10.269 2449-2754/com.google.android.gms W/FirebaseAuth: [PhoneNumberAuthPostProcessor] postProcess starts
02-28 16:00:10.269 2449-2754/com.google.android.gms W/FirebaseAuth: [PhoneNumberAuthPostProcessor] postProcess ends
02-28 16:00:10.854 3240-3335/com.myapp W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms
02-28 16:00:10.865 2449-2704/com.google.android.gms I/AuthChimeraService: Executing request: ProxyRequest[ url: https://securetoken.googleapis.com/v1/token?alt=proto&key=AIzaSyD1oQk-FeaYv2cW2-9nfKNj0KLYTaTt0RI, method: 1 ]

In my understanding onAuthStateChanged should automatically refresh the token if necessary, or at least return not a valid user. I have also tried to refresh the token by calling the following in the promise of onAuthStateChanged:

user.getIdToken().then(
   () => {
       //Database stuff
       this.props.loadUser(user);
   }
)

Environment

1. Application Target Platform: Android Marshmallow (6.0, API 23)

2. Development Operating System: Android Studio 3.0.1

3. Build Tools: gradle version: 2.2.3

4. React Native version: 0.52.2

5. RNFirebase Version: react-native-firebase@3.2.5

6. Firebase Module: Auth

[chrisbianca]

Have you checked that you have the latest google play services on the device?

I'm not sure we're going to be able to help here as the errors are internal to the Firebase / Google Play Services libraries, and as it's working on other devices, there might be some sort of mismatch going on...

[Salakar]

Closing this issue as no response from issue reporter.