firebase-android-sdk icon indicating copy to clipboard operation
firebase-android-sdk copied to clipboard
verified publisher icon firebase

startActivityForSignInWithProvider

Open salami opened this issue 4 years ago • 5 comments

[REQUIRED] Step 2: Describe your environment

  • Android Studio version: 2020.3.1 Patch 3
  • Firebase Component: Auth
  • Component version: 21.0.1

[REQUIRED] Step 3: Describe the problem

This is basically the same as #1385. Specifically, my case is using Apple ID Sign-In via FirebaseUI. Chrome opens up and displays this error message:

"{"error":{"code":403,"message":"Requests from this Android client application <empty> are blocked.","errors":[{"message":"Requests from this Android client application <empty> are blocked.","domain":"global","reason":"forbidden"}],"status":"PERMISSION_DENIED"}}"

I'm reopening this because 1) I don't think the other one should have been closed 2) I suggest a possible solution.

The issue happens when you set your Google Cloud API key restrictions for Android to only accept requests from Android apps with the correct package name and SHA-1.

My idea to fix it, though I could be totally off, is to have this __/auth/handler url use a browser based API key rather than the Android one. Then we could just whitelist our firebase app domain for the browser API key.

As an aside, I don't understand why this logic needs to even access Google Cloud.

salami avatar Dec 09 '21 22:12 salami

I found a few problems with this issue:

  • I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.
  • This issue does not seem to follow the issue template. Make sure you provide all the required information.

google-oss-bot avatar Dec 09 '21 22:12 google-oss-bot

At the very least it might be nice to add this to the Firebase docs so it's not so hard to track down what this issue is.

salami avatar Dec 09 '21 22:12 salami

Hi @salami, thanks for reporting and for the suggested solution. I'll notify our engineers and see what we can do about this.

However, I'll be marking this as a feature request, since it was noted by our engineers that this is currently working as intended. With that said, our engineers can have a look and discuss this further for future plans.

argzdev avatar Dec 10 '21 14:12 argzdev

Thanks!

salami avatar Dec 10 '21 18:12 salami

Was there any progress in relation to this? I'm facing the same issue: I had to remove all restrictions from my Android Firebase Api Key in order to implement apple sign in trough firebase and I feel very unconfortable with that.

claudioredi avatar Oct 16 '24 14:10 claudioredi

No signs of progress as far as I know

salami avatar Oct 21 '24 17:10 salami