Firebase Auth saved after uninstall. How can I delete it?

Question

I've recently discovered that Firebase Auth saves itself on the device even after my app is uninstalled. I can't figure out how to REMOVE this old Auth info.

I don't want a user to still be signed in after uninstalling and reinstalling the app. If for no other reason than my own testing of what I expect to be "clean installs" on the same device.

I understand there is no easy way to capture an uninstall event, so I want to clear out any potential old Auth info on the first launch.

So I added code (which seems to work fine) to check if this is the first launch:

Boolean firstRun = prefs.getBoolean("firstrun", true);
if (firstRun) {
    // delete everything an old user could have left behind
    // ==> This is where I need help <==
    prefs.edit().putBoolean("firstrun", false).apply();
} else {
    // move along, not the first launch
}

I've tried (unsuccessfully):

FirebaseAuth authData = FirebaseAuth.getInstance();  
authData.signOut();

These calls also seem to be the advice in this related question for iOS, but I haven't been able to apply its wisdom: Firebase - Deleting and reinstalling app does not un-authenticate a user

Even after calling signOut() the app keeps logging me in under the old account!

My "logout" button uses FirebaseAuth.getInstance().signOut(); and works. Is there something odd (possessed?) about this "old" Auth instance that is being saved after an uninstall that it just won't die?

Specifically when I uninstall and then install/run from Android Studio:

1. at first authData and currentUser both are not null
2. I call the above code, trying to get rid of this old user
3. 3 millisecond later (immediately after I call that code) they are still NOT NULL.
4. Another 2 milliseconds, currentUser IS NULL (yay?)
5. Another 71 milliseconds... still null (so far so good)
6. Just under a second later... I'M SIGNED IN AS THE OLD USER?! How is this possible?

In the Firebase Console under Authentication, this account is shown as last signed in 6 days ago. So it's not somehow getting re-signed-in.

Does anyone know how to remove FirebaseAuth data from a device? I don't want to "delete" the user account, just remove all traces of it from this device.

Oddly enough, the account I keep getting unwillfully logged in under isn't even the last account that logged into my app on this device. And this was never a problem in the past (hence my not even knowing that Firebase saved Auth after uninstall). So it looks like Auth info isn't always saved after uninstall... but when it happens it's impossible to remove?

Any help much appreciated!

Answer 1

Add android:allowBackup="false" in your <application> in manifest:

From the docs:

android:allowBackup

Whether to allow the application to participate in the backup and restore infrastructure. If this attribute is set to false, no backup or restore of the application will ever be performed, even by a full-system backup that would otherwise cause all application data to be saved via adb. The default value of this attribute is true.

Answer 2

Try also FirebaseAuth.getInstance().getCurrentUser().delete

Answer 3

Firebase stores auth info in shared preference with file names starting with "com.google.firebase.auth.api.". Therefor if you delete these files as part of your log off flow it would help the purpose.

public void clearFirebaseAuthInfo(Context ctx)
    {
        File dir = new File(ctx.getFilesDir().getParent() + "/shared_prefs/");
        String[] children = dir.list();
        for (int i = 0; i < children.length; i++)
        {
            if(children[i].contains("com.google.firebase.auth.api."))
            {
                new File(dir, children[i]).delete();
            }
        }
    }