I'm using sign in with google via firebase, but I'd like to register a custom receiver (https://developers.google.com/identity/protocols/risc#register_your_receiver) to detect Security Events (https://developers.google.com/identity/protocols/risc#handle_events)
As reported in the errors table here https://developers.google.com/identity/protocols/risc#error_codes
403 "Existing stream configuration does not have spec-compliant
delivery method for RISC." -> "Your Google Cloud project must already
have a RISC configuration. If you are using Firebase and have Google
Sign-In enabled, then Firebase will be managing RISC for your project;
you will not be able to create a custom configuration. If you are not
using Google Sign-In for your Firebase project, please disable it, and
then try to update again after an hour."
I undestand that Firebase manage RISC for my project. Does it means that I cannot detect security events with custom receiver?
Is there any way I can intercept these events via Firebase?
Thanks
I contacted Firebase support team and they said that unfortunately, at the moment, there's no way to intercept these events using Firebase Authentication, it could be a new feature.
Related
I received an alarming email from Google a couple of days ago stating that:
[Action Required] Firebase services for your application are malfunctioning due to Application restrictions
I have a Vue based website that uses Firebase for Authorization of users and storing files they are uploading. When I configured the API key that I set up, I restricted this key on the application level, to only work from the address of my website.
I did not impose any API restrictions - Under API Restrictions the radio button with Don't Restrict Key is marked
Having said that, when I try to use my website, I get the following error:
[403] Requests from referer [WEBSITE] are blocked.
The email I got from Google stated that:
Firebase SDK updates on February 27, 2020 (Android) and January 14, 2020 (iOS) replaced the Firebase Instance ID service with a dependency on the Firebase Installations API.
As a result, Firebase services like Firebase Cloud Messaging will malfunction for users who installed your app after it was released with updated Firebase SDKs. Additionally, repeated failing requests to Firebase may slow down the end-user experience of your app.
Application restrictions you have applied to the API key used by your Firebase application need to be updated to allow your application to use the API key.
Inside this mail, there were the following instructions:
Open the Google Cloud Platform Console.
Choose the project you use for your application(s). Open APIs &
Services and select Credentials.
Click Edit API key for the API key in question.
Scroll down to the Application restrictions section.
Change the radio button to None, and click Save, or add your
application to the list of allowed Android apps, iOS apps, or HTTP
referrers, respectively.
If the radio button already shows None you may be looking at the
wrong API key.
You can check which API key is used for the Firebase Installations
API by looking at the service usage page for your project.
Since I do not have any API restrictions and there is also no other API key that I have, I don't understand how to solve this situation.
One option that works is having no application restrictions, but I don't think that is the correct solution.
I also tried changing the API Restrictions to allow only the services from Firebase that I am using, but that did not fix the problem.
Any help or direction to a solution, will be appreciated.
I developed an app to test the google login feature using flutter and google authentication. The project is a closed project and only I have access to it. But recently I saw that there was a google sign in from an unknown Email ID. How did the user login without the build of my app? Has my account been hacked? What is going on?
Anyone with knowledge of your project's API Keys can access your Firebase Project using simple CURL Commands.
This is why it's a good idea to add restriction to those API Keys
In case you haven't, go to https://console.cloud.google.com and
Select your project
Click the menu icon at the top left (hamburger icon)
Go to API & Services and then credentials
You can view the APIs for your Google Cloud Project (linked to your Firebase Project) and then set restrictions for the API keys, refresh them or restrict access to specific platforms like Android or iOS.
You can also set restrictions on which components of Firebase the API key is allowed to access. For example, if your project doesn't require the use of Cloud Firestore, you can ensure that the API Key cannot be used to make calls to the Firestore Database
All said and done, I would still recommend that you shoot a mail to the Firebase Support team at https://firebase.google.com/support/troubleshooter/contact
To anyone still wondering about this:
If you provide a native google sign in and the registered
email adresses look like this:
karolynmccorkle.91842#gmail.com
normabrock.69306#gmail.com
guillermogeorge.53163#gmail.com
kylegomez.35423#gmail.com
opalbarrett.09499#gmail.com
they are probably test accounts used to generate Google Plays Pre-Launch reports.
You can read about it in the Play Console Help here.
If your app has a sign-in screen and you want the crawler to test the
sign-in process or the content behind it, you need to provide account
credentials.
Note that you do not need to provide credentials if your
app supports "Sign-in with Google,” which enables the crawler to log
in automatically.
We are developing large number of customized Android and iOS applications for our customers. We have used Fabric to manage the crashes and Google Cloud Messaging to send push messages for the applications. We have now migrated all those applications to Google Firebase.
We are using Firebase Management REST API to create the applications into Firebase enabled projects from our PHP backend. For Android apps we use methods projects.androidApps.create and projects.androidApps.getConfig to get access to the application google-services.json. We include that to the build, which passes without errors and the push messages work without a problem. However, the Crashlytics side does not get enabled. In Firebase console there is only a wizard to set up a new Firebase app. When running it, it gives impression that Craslytics will get enabled, when the app starts using Firebase, but it is not.
Is there an API to enable the Crashlytics for an app? We can use REST or PHP based API in the backend. Also, if there is a client side API to awaken Crashlytics, we can use that too.
This is currently not possible, though with the new Crashlytics SDKs we are looking at ways of changing this behavior. In the future, as soon as we receive a crash event we will enable the Crashlytics dashboard. The timeline for this though, is unknown.
Overview: I would like to send targeted push notifications in my Native Mobile App by using the segmentation offered by Firebase. The way I would like to configure this segmentation is by leveraging on custom Firebase Analytics User Properties, like specific preferences or other business specific parameters.
I've seen that is possible to update User Properties by means of the Firebase SDK and through them I will update a "custom ID" user property which helps me identifying my users; on the other side I would like to update other user parameters, which should help me segmenting users, through a backend process.
The Problem: is that I've not found how to update User Properties from a backend side, like through APIs or something like that.
Have someone figured out to implement this scenario?
Thanks
There is no server-side or REST API for Google Analytics for Firebase at the moment.
The two options that I know of:
Send the properties from your server to the client, and use the Firebase SDK on the client to get those properties in to Analytics.
Hook your Firebase analytics up to BigQuery, store the additional information from your server into BigQuery too, and then join then in your own analysis.
I am trying to create a REST API for my app using Firebase Cloud Functions. I know how to use Admin SDK in Cloud Functions. It does have API to createUser. My front end app lets users sign in using Google and Facebook but I am not sure how to put it all together.
My app has successfully implemented Sign in with Google and Sign in with Facebook but how and what data do I transfer over to Cloud Functions (or any REST API Server for that matter) so that it could create a user in Firebase with appropriate provider.
Update for more explanation
I am creating an app for iOS and Android with some sort of cloud based backend. Right now I am experimenting with Firebase but I do not intend to tightly couple my apps to Firebase and hence do not want to pull Firebase-iOS and Firebase-Android SDKs into my app code. I want the ability and freedom to switch my backend over to AWS or Azure without changing frontend code.
The one (and only?) way is to create a server that will expose REST API endpoints and do the work on my behalf that usually SDK does. To achieve this, I am using Cloud Functions but that shouldn't matter as long as I have API to talk to actual cloud.
After putting that explanation, now my question is how do I let my users login to app using external providers like Google and Facebook and still achieve what I am trying to do. When I let users sign in with providers, I do not have their password to send to backend to create a new email/password user.
The sample code that best illustrates what you want to do here on GitHub.
It shows how to create an Express app that handles HTTP request pages. Learn more about Express to configure it for wildcards are needed.
It accepts and checks authentication tokens in HTTP requests from Firebase Authentication to validate the end user responsible for the request.