When users SignOut of my Firebase app, why doesn't it also SignOut from the auth provider, say Google?

Question

I am using Google as the auth provider to sign in with my app. My code calls the Firebase sign out method which redirects to the login page, but when user again clicks on the Google sign in button, it automatically authenticates and logs in into the app without prompting the user. Here is the code for sign-in:

 $('#GooglePluseLogin').click(function (e) {
        showLoaderPF(true);
        if (!firebase.auth().currentUser) {

            var provider = new firebase.auth.GoogleAuthProvider();
            provider.addScope('https://www.googleapis.com/auth/plus.login');
            firebase.auth().signInWithRedirect(provider);


        } else {
            firebase.auth().signOut();
            showLoaderPF(true);
        }
    });

And, here is the code for signout:

firebase.auth().signOut().then(function () {
            debugger;
            localStorage.clear();
            deleteAllCookies();

           // firebase.auth().unauth();

            window.location.href = "index.html";

        }, function (error) {
            showLoaderPF(false);
            console.error('Sign Out Error', error);
        });

It is not clear what the problem is here. Is the problem that you are not signed out from Google provider and only signed out from Firebase? If so, this is expected. — bojeil, Feb 21 '17 at 02:27
I have this problem too. A sign out from Firebase does not sign out from Google, or something similar. Next sign in attempt will use same credentials and user cannot change what account to use for sign in (and also the password is somehow stored) A sign out button SHOULD really also forget previous used passwords, am I right? — Jonny, Feb 22 '17 at 09:18
I used `GIDSignIn.sharedInstance().signOut()` to fix my issue for now (because my app currently uses Google auth), it lets me select another account on next try, however something (`SFSafariViewController`?) remembers the password behind the scenes... I guess the user might have to wipe something in Settings>Safari etc to have that password removed. — Jonny, Feb 22 '17 at 09:27
@Talha I use the framework for iOS. I realize you aren't, sorry. I'm not very used to the Firebase system yet, but maybe the iOS framework is just a wrapper around the same/similar functionality as web tools, and so we're sharing the same problem. — Jonny, Feb 27 '17 at 05:26
This looks similar to https://stackoverflow.com/questions/38707133/google-firebase-sign-out-and-forget-user-in-android-app — Craig, Jun 22 '17 at 01:08
@bojeil Just came across this issue myself, you mention in your comment that this is an expected behaviour? But what if the user wants to login with another Google account, how would they be able to do that? Thanks — linasmnew, Nov 19 '17 at 21:38
You have 2 options: you can call `googleAuthProvider.setCustomParameters({prompt: 'select_account})`. Then try to `signInWithRedirect` using that which will always show the currently signed in Google accounts and give the user a change to select a different account. Or you can on signOut, redirect to https://accounts.google.com/Logout to sign out the Google user if this is an issue for you (app is running on a public computer, etc) — bojeil, Nov 20 '17 at 05:32
try this link Hope it helps. [https://stackoverflow.com/questions/38707133/google-firebase-sign-out-and-forget-user-in-android-app](https://stackoverflow.com/questions/38707133/google-firebase-sign-out-and-forget-user-in-android-app) — Yashaswi Ratan, Jul 18 '18 at 20:56

wescpy · Answer 1 · 2022-10-31T20:45:13.393

MAIN ANSWER:

The answer provided by @Shib is basically correct but doesn't provide enough context for everyone arriving here, so let me elaborate. When your code calls firebase.auth().signOut(), you sign out of Firebase from your app, but not the auth provider overall (more in links below) because you don't really want to be signed out of your Gmail and other Google in your other tabs, right?

The issue you're running into only occurs if only a single Google login is available in your browser cache. If this is the case, the next time you use Firebase auth to login, it will automatically reuse the same Google credentials (since you didn't sign out of Google, and also, it's) to enable users to login faster with fewer mouse clicks.

IOW, it's not an issue for users who have signed-in with >1 Google/Gmail accounts in the past -- these users will get the expected account-picker dialog. If you only have a single Google login available and want to see the account-picker, you need to set the prompt custom parameter to select_account as @Shib noted:

var provider = new Firebase.auth.GoogleAuthProvider();
  provider.setCustomParameters({
    prompt: 'select_account'
  });

To learn more about doing Google sign-in from Firebase auth, see this page. Here's a post which describes this behavior in more detail. Above, @linasmnew asked @bojeil why they commented that this (not signing out of the auth provider) is the default/expected behavior, so here is a thread providing that explanation.

PART 2 (FirebaseUI library use only):

If you're using this convenience library (which sits atop Firebase auth), you'll also run into this if you have a single Google credential, but it may not be as straightforward how to fix the issue. The purpose of this library is to provide a reusable prebuilt UI letting users choose from various auth providers to reduce developer time and provide a consistent user experience.

Instead of instantiating a specific auth provider class like in the main answer above, developers list out the supported provider IDs in their signInOptions config (specfically step 3). (The Python 3 Google App Engine "building an app" Quickstart example uses FirebaseUI, and that's where I ran into this issue.)

For example, if you decide on using just Google and email auth, those options look like this:

signInOptions: [
  firebase.auth.GoogleAuthProvider.PROVIDER_ID,
  firebase.auth.EmailAuthProvider.PROVIDER_ID,
  //firebase.auth.FacebookAuthProvider.PROVIDER_ID,
  //firebase.auth.TwitterAuthProvider.PROVIDER_ID,
  //firebase.auth.GithubAuthProvider.PROVIDER_ID,
  //firebase.auth.PhoneAuthProvider.PROVIDER_ID
],
            . . .

This is exactly what the App Engine sample does, and here's the code. (This FirebaseUI JS can also be embedded in HTML.) When this bug (um, "feature") rears its undesired head here, add that prompt custom parameter to force the account-picker to show up like this:

signInOptions: [
  //firebase.auth.GoogleAuthProvider.PROVIDER_ID,
  {
    provider: firebase.auth.GoogleAuthProvider.PROVIDER_ID,
    customParameters: { prompt: 'select_account' },
  }
  firebase.auth.EmailAuthProvider.PROVIDER_ID,
  //firebase.auth.FacebookAuthProvider.PROVIDER_ID,
  //firebase.auth.TwitterAuthProvider.PROVIDER_ID,
  //firebase.auth.GithubAuthProvider.PROVIDER_ID,
  //firebase.auth.PhoneAuthProvider.PROVIDER_ID
],
            . . .

Happy to help. I didn't know the answer either and had to dig everywhere then experiment to arrive at the posted solution. I feel this issue probably more common than ppl think! — wescpy, Jun 15 '21 at 06:36

score 4 · Answer 2 · answered Apr 12 '19 at 17:48

4

var provider = new Firebase.auth.GoogleAuthProvider();
  provider.setCustomParameters({
    prompt: 'select_account'
  });

answered Apr 12 '19 at 17:48

Shib

76
3

When users SignOut of my Firebase app, why doesn't it also SignOut from the auth provider, say Google?

2 Answers2

Linked