[firebase_auth] [firebase_dynamic_links] Firebase Auth verification and reset links always open Flutter app from Gmail even when actionCodeSettings says not to

[stephenhuey]

Firebase Support was unable to solve this, so hopefully someone here knows what's going on. I have been successfully using firebase_dynamic_links in my Flutter app. I also added firebase_auth and it generally works fine but firebase_auth makes use of dynamic links and I encountered a problem:

Email verification and password reset links opened from the Gmail app on either Android or iOS force the Flutter app to open, even when I tell the Firebase Admin to generate links that should open the out-of-the-box Firebase Auth webpage handler, not my mobile app.

To Reproduce

Originally I tried to use the out-of-the-box email verification links that Firebase Auth sends (and just call the sendEmailVerification function from my Flutter client), but those didn't work correctly from the Gmail app (on either Android or iOS) and to control more of the process I started creating the links myself on the server side. Here's the JavaScript my Firebase function uses to generate the actionCodeSettings associated with the Firebase Admin links:

  let actionCodeUrl = 'https://www.mydomain.app/';

  var actionCodeSettings = {
    url: actionCodeUrl,
    handleCodeInApp: false
  };

https://firebase.google.com/docs/auth/admin/email-action-links

Quote from that webpage: "Whether the email action link will be opened in a mobile app or a web link first. The default is false." But that does not work for me. If I do not include the actionCodeSettings parameter, I would expect the default to be false, but it opens my mobile Flutter app. The same thing happens if I include actionCodeSettings with that flag flipped to false.

https://firebase.google.com/docs/dynamic-links/custom-domains

In looking at the webpage above, I was wondering if this portion of the Firebase Auth dynamic links' path are overriding something with a rewrite that I cannot control from the firebase.json at the root of the Firebase Hosting website located at my custom domain:

/__/auth** 

Some other strange pieces of the puzzle: if I tap these links from the FastMail mobile app, it opens the Firebase Auth webpage handler just fine. It also works fine if I copy and paste the links into either mobile Safari or Firefox or Chrome on either iOS or Android. But if I tap the links from Gmail, it always opens my Flutter app, and I'm having trouble catching that in my Flutter app, but that's a separate issue. Because I'm having trouble handling the verification or reset, the only way I see forward is to implement custom Firebase Auth handlers on a subdomain not associated with dynamic links. Annoying, but far too many people use Gmail to get around that (I'd have to instruct all Gmail users to copy and paste the URL or use a desktop browser).

Additional context
I went back and forth with Firebase Support for about 2 weeks and gave them screenshots showing my links correctly opening the Firebase Auth webpage handler for both the verification and reset actions when tapping the links from FastMail or copying and pasting them into a mobile browser. I also gave them a sample project but they were not able to reproduce the problem (I assume they used a test domain). They said they created a Flutter project from a tutorial but I'm not entirely sure what they did and if they actually implemented Firebase Dynamic LInks too, or just Firebase Auth, or what. Here's what they left me in the end:

Check out the projects used, you may want to check into them to see where the problem could be:

https://github.com/Mauratay/FlutterFirebaseAuthEmail

https://github.com/Mauratay/FirebaseiOSAuthEmailReset

Flutter doctor

I test on both an iPhone 11 and a Nokia with Android One.

[✓] Flutter (Channel stable, v1.17.5, on Mac OS X 10.15.4 19E287, locale en-US)
    • Flutter version 1.17.5 at /Users/stephen/wardrobe/flutter
    • Framework revision 8af6b2f038 (6 weeks ago), 2020-06-30 12:53:55 -0700
    • Engine revision ee76268252
    • Dart version 2.8.4

 
[✓] Android toolchain - develop for Android devices (Android SDK version 29.0.3)
    • Android SDK at /Users/stephen/Library/Android/sdk
    • Platform android-29, build-tools 29.0.3
    • Java binary at: /Applications/Android Studio.app/Contents/jre/jdk/Contents/Home/bin/java
    • Java version OpenJDK Runtime Environment (build 1.8.0_212-release-1586-b4-5784211)
    • All Android licenses accepted.

[✓] Xcode - develop for iOS and macOS (Xcode 11.5)
    • Xcode at /Applications/Xcode.app/Contents/Developer
    • Xcode 11.5, Build version 11E608c
    • CocoaPods version 1.9.3

[✓] Android Studio (version 3.6)
    • Android Studio at /Applications/Android Studio.app/Contents
    • Flutter plugin version 45.1.1
    • Dart plugin version 192.8052
    • Java version OpenJDK Runtime Environment (build 1.8.0_212-release-1586-b4-5784211)

[✓] VS Code (version 1.47.3)
    • VS Code at /Applications/Visual Studio Code.app/Contents
    • Flutter extension version 3.13.2

[✓] Connected device (1 available)
    • iPhone SE (2nd generation) • 45D76A5A-C10A-42B7-9753-51B3B0DF66B9 • ios • com.apple.CoreSimulator.SimRuntime.iOS-13-5 (simulator)

• No issues found!

[Salakar]

@stephenhuey which version of firebase_auth are you using here?

[stephenhuey]

@stephenhuey which version of firebase_auth are you using here?

firebase_auth: 0.16.0
firebase_dynamic_links: 0.5.3

[Salakar]

Hey 👋

Our rework of the firebase_auth plugin as part of the FlutterFire roadmap was published over a week ago with a ton of fixes and new features. There was some fixes and changes around the action code settings that may have resolved this. Please could you try the new version and see if this is still an issue for you? If it is would you mind submitting a new issue - copy paste if necessary (makes it easier for us to track new issues against the new plugins).

For help migrating to the new plugins please see the new migration guide: https://firebase.flutter.dev/docs/migration