Java 尝试使用Google登录凭据在Firebase上重新验证时出错 tl；博士

1589401401发出的ID令牌已过期，无法登录

问题是： 我的应用程序使用谷歌登录Firebase。 用户登录后，可以选择删除其帐户，该帐户还可以从firebase auth中删除其用户。 登录工作完全正常。从firebase中删除用户也可以正常工作

D/Settings fragment:: userDelete: Deleting user... I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/Settings fragment:: onFailure: Error deleteing user, probebly need to reauthenticate E/Settings fragment:: onFailure: Error:
    com.google.firebase.auth.FirebaseAuthRecentLoginRequiredException: This operation is sensitive and requires recent authentication. Log in again before retrying this request.
        at com.google.firebase.auth.api.internal.zzeh.zza(com.google.firebase:firebase-auth@@19.3.1:4)
        at com.google.firebase.auth.api.internal.zzfo.zza(com.google.firebase:firebase-auth@@19.3.1:21)
        at com.google.firebase.auth.api.internal.zzfe.zza(com.google.firebase:firebase-auth@@19.3.1:33)
        at com.google.firebase.auth.api.internal.zzfg.zza(com.google.firebase:firebase-auth@@19.3.1:74)
        at com.google.firebase.auth.api.internal.zzen.zza(com.google.firebase:firebase-auth@@19.3.1:18)
        at com.google.android.gms.internal.firebase_auth.zza.onTransact(com.google.firebase:firebase-auth@@19.3.1:13)
        at android.os.Binder.execTransactInternal(Binder.java:1021)
        at android.os.Binder.execTransact(Binder.java:994) D/Settings fragment:: reAuthenticateUser: Reauthenticating I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/FirebaseAuth: Notifying id token listeners about user ( OF22mQlCILNAirW9tN87SV8WAiY2 ). D/Settings fragment:: Reauthenticated. D/Settings fragment:: onComplete: Try to delete user again... I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/FirebaseAuth: Notifying id token listeners about a sign-out event.
    Notifying auth state listeners about a sign-out event. D/Settings fragment:: onSuccess: user deleted successfully

只有当用户在一段时间前登录时，即在尝试删除其帐户前一个小时左右，才会发生此错误

更多详情： Firebase要求在执行敏感操作（如删除帐户）之前进行最近的身份验证，因此我使用 user.reAuthenticationCredential在user.delete之前

正在删除用户代码流：

user.delete->if错误：FirebaseAuthRecentLoginRequiredException->user.reauthenticatecredential->user.delete

奇怪的是，如果最后一次登录只经过了30分钟，重新身份验证实际上就成功了，但如果是一个小时或更长时间，重新身份验证就会失败。 而且，它以前工作得很好，但我无法知道发生了什么变化，现在我得到了这个错误

我假设我可以使用谷歌登录强制用户再次登录，但据我所知 google登录方法不是强制性的，因为我使用以下方式获取用户id令牌： GoogleSignIn.GetLastSignedAccount并将令牌id作为凭据传递以进行重新身份验证

我的代码：

FirebaseUser user = FirebaseAuth.getInstance().getCurrentUser();

    private void userDelete() {
        Log.d(TAG, "userDelete: Deleting user...");
        user.delete().addOnSuccessListener(new OnSuccessListener<Void>() {
            @Override
            public void onSuccess(Void aVoid) {
                Log.d(TAG, "onSuccess: User deleted");
                Log.d(TAG, "userDelete: Signing out...");
                signOut(); //Signing out from Firebase and Google log-in
            }
        }).addOnFailureListener(new OnFailureListener() {
            @Override
            public void onFailure(@NonNull Exception e) {
                Log.d(TAG, "onFailure: Error deleteing user, probebly need to reauthenticate");
                Log.e(TAG, "onFailure: Error:", e);
                reAuthenticateUser(); //reauth and delete user
            }
        });


    }

另外，这里是我在上次登录15-30分钟后试图删除用户时遇到的已处理错误。 在这种情况下，重新身份验证按预期工作

D/Settings fragment:: userDelete: Deleting user... I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/Settings fragment:: onFailure: Error deleteing user, probebly need to reauthenticate E/Settings fragment:: onFailure: Error:
    com.google.firebase.auth.FirebaseAuthRecentLoginRequiredException: This operation is sensitive and requires recent authentication. Log in again before retrying this request.
        at com.google.firebase.auth.api.internal.zzeh.zza(com.google.firebase:firebase-auth@@19.3.1:4)
        at com.google.firebase.auth.api.internal.zzfo.zza(com.google.firebase:firebase-auth@@19.3.1:21)
        at com.google.firebase.auth.api.internal.zzfe.zza(com.google.firebase:firebase-auth@@19.3.1:33)
        at com.google.firebase.auth.api.internal.zzfg.zza(com.google.firebase:firebase-auth@@19.3.1:74)
        at com.google.firebase.auth.api.internal.zzen.zza(com.google.firebase:firebase-auth@@19.3.1:18)
        at com.google.android.gms.internal.firebase_auth.zza.onTransact(com.google.firebase:firebase-auth@@19.3.1:13)
        at android.os.Binder.execTransactInternal(Binder.java:1021)
        at android.os.Binder.execTransact(Binder.java:994) D/Settings fragment:: reAuthenticateUser: Reauthenticating I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/FirebaseAuth: Notifying id token listeners about user ( OF22mQlCILNAirW9tN87SV8WAiY2 ). D/Settings fragment:: Reauthenticated. D/Settings fragment:: onComplete: Try to delete user again... I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/FirebaseAuth: Notifying id token listeners about a sign-out event.
    Notifying auth state listeners about a sign-out event. D/Settings fragment:: onSuccess: user deleted successfully

谢谢

所以我最后要求用户再次登录

除了通过再次登录强制用户获取刷新的令牌之外，没有找到任何解决方案。 正如Firebase文档所示：

在执行危险操作（如删除用户）时调用Firebase身份验证。 在这种情况下，也不可能进行静默登录

我认为删除Firebase用户的最佳实践是，如果重新身份验证失败，首先尝试重新身份验证。无论如何，您都无法删除该用户

---

然后，如果失败，请要求用户重新登录或启动登录顺序。

您好，itamargs，感谢您为我共享您的代码，这对于重新验证用户身份非常有用。是的，也许最好的方法是用户注销并再次登录以删除其帐户。

private void signOut() {
        //sign out from firebase
        FirebaseAuth.getInstance().signOut();
        //sign out from "google sign in"
        googleSignInClient.signOut().addOnCompleteListener(new OnCompleteListener<Void>() {
            @Override
            public void onComplete(@NonNull Task<Void> task) {
                //Get back to login screen
                Intent intent = new Intent(getContext(), LoginActivity.class);
                intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP);
                startActivity(intent);
                getActivity().finish();
            }
        });
    }

D/Settings fragment:: onFailure: Error deleteing user, probebly need to reauthenticate E/Settings fragment:: onFailure: Error:
    com.google.firebase.auth.FirebaseAuthRecentLoginRequiredException: This operation is sensitive and requires recent authentication. Log in again before retrying this request.
        at com.google.firebase.auth.api.internal.zzdx.zza(com.google.firebase:firebase-auth@@19.1.0:4)
        at com.google.firebase.auth.api.internal.zzfa.zza(com.google.firebase:firebase-auth@@19.1.0:21)
        at com.google.firebase.auth.api.internal.zzet.zza(com.google.firebase:firebase-auth@@19.1.0:34)
        at com.google.firebase.auth.api.internal.zzev.zza(com.google.firebase:firebase-auth@@19.1.0:74)
        at com.google.firebase.auth.api.internal.zzed.zza(com.google.firebase:firebase-auth@@19.1.0:18)
        at com.google.android.gms.internal.firebase_auth.zza.onTransact(com.google.firebase:firebase-auth@@19.1.0:13)
        at android.os.Binder.execTransactInternal(Binder.java:1021)
        at android.os.Binder.execTransact(Binder.java:994) D/Settings fragment:: reAuthenticateUser: Reauthenticating I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzao@da6aa2a E/Settings fragment:: onComplete: ERROR deleting user: task fail
    com.google.firebase.auth.FirebaseAuthInvalidCredentialsException: The supplied auth credential is malformed or has expired. [ ID Token issued at 1589401401 is stale to sign-in. ]
        at com.google.firebase.auth.api.internal.zzdx.zza(com.google.firebase:firebase-auth@@19.1.0:30)
        at com.google.firebase.auth.api.internal.zzfa.zza(com.google.firebase:firebase-auth@@19.1.0:21)
        at com.google.firebase.auth.api.internal.zzet.zza(com.google.firebase:firebase-auth@@19.1.0:34)
        at com.google.firebase.auth.api.internal.zzev.zza(com.google.firebase:firebase-auth@@19.1.0:74)
        at com.google.firebase.auth.api.internal.zzed.zza(com.google.firebase:firebase-auth@@19.1.0:18)
        at com.google.android.gms.internal.firebase_auth.zza.onTransact(com.google.firebase:firebase-auth@@19.1.0:13)
        at android.os.Binder.execTransactInternal(Binder.java:1021)
        at android.os.Binder.execTransact(Binder.java:994)

D/Settings fragment:: userDelete: Deleting user... I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/Settings fragment:: onFailure: Error deleteing user, probebly need to reauthenticate E/Settings fragment:: onFailure: Error:
    com.google.firebase.auth.FirebaseAuthRecentLoginRequiredException: This operation is sensitive and requires recent authentication. Log in again before retrying this request.
        at com.google.firebase.auth.api.internal.zzeh.zza(com.google.firebase:firebase-auth@@19.3.1:4)
        at com.google.firebase.auth.api.internal.zzfo.zza(com.google.firebase:firebase-auth@@19.3.1:21)
        at com.google.firebase.auth.api.internal.zzfe.zza(com.google.firebase:firebase-auth@@19.3.1:33)
        at com.google.firebase.auth.api.internal.zzfg.zza(com.google.firebase:firebase-auth@@19.3.1:74)
        at com.google.firebase.auth.api.internal.zzen.zza(com.google.firebase:firebase-auth@@19.3.1:18)
        at com.google.android.gms.internal.firebase_auth.zza.onTransact(com.google.firebase:firebase-auth@@19.3.1:13)
        at android.os.Binder.execTransactInternal(Binder.java:1021)
        at android.os.Binder.execTransact(Binder.java:994) D/Settings fragment:: reAuthenticateUser: Reauthenticating I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/FirebaseAuth: Notifying id token listeners about user ( OF22mQlCILNAirW9tN87SV8WAiY2 ). D/Settings fragment:: Reauthenticated. D/Settings fragment:: onComplete: Try to delete user again... I/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq@c066c75 D/FirebaseAuth: Notifying id token listeners about a sign-out event.
    Notifying auth state listeners about a sign-out event. D/Settings fragment:: onSuccess: user deleted successfully