CapacitorGoogleAuth icon indicating copy to clipboard operation
CapacitorGoogleAuth copied to clipboard
verified publisher icon CodetrixStudio

disallowed_useragent with google login on web and on android

Open GosuMania opened this issue 3 years ago • 4 comments

Hello everyone, I have updated several libraries in my project including firebase to 9.15.0 and angular/fire 7.4.* I'm using Capacitor 4, Ionic 6 and Angular 14.

But I have a problem with google login which returns this error i:

E/Capacitor/BrowserPlugin: Error binding to custom tabs service

I have this problem on an android device:

If I use the browser by emulating a ios device I have this problem:

{
  "error" : "disallowed_useragent",
  "error_description" : "You can’t sign in from this screen because this app doesn’t comply with Google’s secure browsers policy. If this app has a website, you can open a web browser and try signing in from there.\n\nYou can let the app developer know that this app doesn’t comply with Google’s secure browsers policy.",
  "error_uri" : "https://developers.google.com/identity/protocols/oauth2/web-server#authorization-errors-disallowed-useragent"
}

The code is as follows:

import {AngularFireAuth} from '@angular/fire/compat/auth';
import {AngularFirestore, AngularFirestoreDocument} from '@angular/fire/compat/firestore';
import firebase from 'firebase/compat/app';
import {GoogleAuth} from '@codetrix-studio/capacitor-google-auth';

    // call it in constructor
    async initiGoogleAuth() {
        const device = await Device.getInfo();
        if (device.platform === 'web') {
            GoogleAuth.initialize();
        }
    }

   // call it when click on google login button
    async googleLogin() {
        try {
            const googleUser = await GoogleAuth.signIn();
            const credential = firebase.auth.GoogleAuthProvider.credential(googleUser.authentication.idToken);
            return this.afAuth.signInWithCredential(credential);
        } catch (err) {
            console.log('Errore googleLogin', err);
        }
    }

Can you help me please!

GosuMania avatar Jan 10 '23 20:01 GosuMania

any updates here devs? Seems like a critical issue

rdecise avatar May 01 '23 16:05 rdecise

any updates? seems to have been broken for a few days

giuseeFG avatar Jun 19 '23 17:06 giuseeFG

I am also having this issue for 2+ weeks. It seems it happens because google dont let you use web client token (serverClientId) to login in with android anymore due to security reason. Anyway I tried to use androidClientId which what is required for android app for google but then this plugin run into :

{
  code: "10",
  message: "Something went wrong"
}

which was also the case previously but if we used the webtoken it was working both web and mobile devices but due to google new policy it wont work other than the android specific key.

Please Make this issue a priority.

lots of existing user are dropping due this policy and my use of this plugin. Unfortunately I did not find other plugin replace probably for the same reason.

Mehedi50200 avatar Jun 24 '23 10:06 Mehedi50200

I am also having this issue for 2+ weeks. It seems it happens because google dont let you use web client token (serverClientId) to login in with android anymore due to security reason. Anyway I tried to use androidClientId which what is required for android app for google but then this plugin run into :

{
  code: "10",
  message: "Something went wrong"
}

which was also the case previously but if we used the webtoken it was working both web and mobile devices but due to google new policy it wont work other than the android specific key.

Please Make this issue a priority.

lots of existing user are dropping due this policy and my use of this plugin. Unfortunately I did not find other plugin replace probably for the same reason.

I just tested it with webclient token and it works just fine. (without firebase)

You sure you made everything right?

  1. Make sure you make a webclient and an android token as well
  2. Make sure you put the right SHA-1 in for the android token
  3. Make sure you didn't accidentally used the android token instead of the webclient token. Use the webclient token everywhere. Like in strings.xml and capacitor.config and in the login initialization

GoogleAuth.initialize({ clientId: 'YOUR_WEBCLIENT_TOKEN_HERE', scopes: ['profile', 'email'], grantOfflineAccess: true, });

In strings.xml:

<string name="server_client_id">YOUR_WEBCLIENT_TOKEN_HERE</string>

capacitor.config.json:

"GoogleAuth": {
  "scopes": [
    "profile",
    "email"
  ],
  "serverClientId": "YOUR_WEBCLIENT_TOKEN_HERE",
  "forceCodeForRefreshToken": true,
  "grantOfflineAccess": true
}


I use it this way and works just fine.

Also make sure to build a debug version if you want to see anything in logcat to debug.

peter1599 avatar Jun 25 '23 12:06 peter1599