I have been trying and searching various methods to make Firebase Phone Auth to work in my flutter application. (There is an open issue talking about conflicts between Firebase Cloud Messaging & Firebase Phone Auth, but I am unsure if my issue is related to that. I do use Firebase Cloud Messaging which works perfectly fine.).
In iOS simulator, whenever I call FirebaseAuth.instance.verifyPhoneNumber, my app opens a web page for reCAPTCHA workflow, and returns back to the app. Then I see the error logs like below in verificationFailed callback. (It is expected to follow reCAPTCHA flow for iOS Simulator according to Firebase Phone Auth Doc)
flutter: Instance of 'AuthException'
flutter: {"error":{"code":403,"message":"Requests from this ios client application <empty> are blocked.","errors":[{"message":"Requests from this ios client application <empty> are blocked.","domain":"global","reason":"forbidden"}],"status":"PERMISSION_DENIED"}}
It is suspicious that error message is using <empty> as my application name, instead of my real app name (or default firebase app name which is __FIRAPP_DEFAULT), but I am unsure why that is happening.
In real iOS device, whenever I call FirebaseAuth.instance.verifyPhoneNumber, the app invokes verificationFailed callback again and I get the error with verifyPhoneNumberError as code and Token mismatch as error message. This is happening in both debug build as well as in release build.
I am using following SDK & library versions.
Flutter SDK = 1.12.13+hotfix.5
firebase_core = 0.4.3
firebase_auth = 0.15.4
firebase_messaging = 6.0.9
Has anyone been able to get Firebase Auth Phone auth working in iOS? I am stuck in this limbo state because I cannot seem to search any info online related to this. I have setup iOS APN, GoogleService-info.plist, Google Cloud Credentials multiple times so far with no luck. (Given that Firebase Cloud Messaging works perfectly fine, I doubt it is an issue with credentials or APN setup.)
Answering my own question since I figured out the root cause.
In Google Cloud Project that is connected to Firebase, I was able to find a set of API Keys that were created by Firebase.
https://console.cloud.google.com/apis/credentials
For each App you define and create in Firebase, a new API key will be auto-created in the API key section. In my case, there was one for 'iOS key (auto created by Firebase)' and another for 'Android key (auto created by Firebase)'.
Well, by default, they do not impose any restrictions and you see a yellow triangle next to the key. So I added restrictions to those keys so that they can only be useable in my app. This is done by setting Application restrictions with corresponding bundle id for iOS and another app id for Android within each API key detail page.
This restriction was actually the reason that Phone Auth has not been working in my apps. Once I reverted the change back to None, I no longer encountered Token mismatch or AuthException.
Ideally, I should restrict these API keys to my app only, but it seems like my Flutter app is unable to prove its identity/appId/bundleId to google services, and Google had been rejecting requests from my App. This must be why I was seeing Requests from this ios client application <empty> are blocked. error message.
For now, everything is working because there is no restriction, but I will need to figure out why my app and its id association is not working as expected sooner than later, so that I can add restriction back.
Related
Background
I have an almost finished webapp already working with the following stack
Firebase
React/TypeScript
Context
I'm adding Capacitor to my WebApp so I have a native app where I can send push notifications, and have presence in App Store, Google Play Store. The application already works on its web version, so there is no rule (Real Time Database, FireStore, etc) problem, no credentials problems at all on its web version, all well tested.
Problem
I've added Authentication to my application via Firebase Authentication, which works well, and I have also connected the Native iOS version to it, as it's described in the documentation
Auth flows works fine, User/Password & Google sign up are working fine and actually triggering the methods like onIdTokenChange and OnAuthStateChange from the official Firebase Auth library, in both cases, iOS and WebApp, and also the OnAuthStateChange from the Capacitor plugin (in both clients too).
The problem is that the Firebase JS library remains somehow in a unauthenticated state, where any call to FireStore, Database, or Storage, ends up in "Permissions Denied" error (Only on iOS). Once the Token ID has changed, I can see that currentUser is NULL, and the "signed in user" is not propagating to the Firebase official library from the Capacitor Plugin.
Once I have connected the Capacitor Firebase Authentication plugin, I was expecting that the Firebase official JS library was going to be updated, I've also used Firebase Authentication with IndexedDB local persistence as follows (when being in Native) as follows:
export const Authentication = Capacitor.isNativePlatform() ? initializeAuth(FirebaseApp, {
persistence: indexedDBLocalPersistence
}) : getAuth(FirebaseApp);
I have updated SHA-1 key to firebase project settings from Google Play console. Also I have added release and debug SHA-1 keys. But still google team can't able to use the app. It is login successfully with testing mobile number and OTP, but after that it will fetch data from firebase database in an activity. At that moment application got crashed. And it is rejected by them again and again.
Kindly help me on this.
We are using firebase phone authentication to authenticate our users. We've been using it for over a year now.
Today at 13:00 GMT, new users are receiving 17028 An invalid safety_net_token was passed after entering their phone number.
I tried to verify each of the causes I found on the firebase docs:
Verifying the SHA1 and SHA256 on the firebase console (We use the fingerprints that are on the play store console)
Verifying the package name
The last app update was on October 1st and since then thousands of users created an account with Firebase Auth and there were no configuration changes on the firebase console.
Upon looking at other StackOverflow questions, the error we are getting is not the same as 17028 A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application's packageName/SHA256 pair is registered in the Firebase Console Even though it is the same error code, in our case, it says an invalid token was passed.
We are using firebase with react-native-firebase module.
EDIT: After disabling Android device verification API from Google Cloud Console the verification is now working but with no device verification. (Users have to verify they're not robots with a CAPTCHA).
Update: It is working fine now, and the outage has been fixed.
It looks to be a firebase internal issue, and the only solution now is to disable "Android Device Verification" and all your users will see the Recaptcha page.
check
https://status.firebase.google.com/
https://status.firebase.google.com/incidents/TYeQBVB4kkzyk2kE8vbP
We are developing large number of customized Android and iOS applications for our customers. We have used Fabric to manage the crashes and Google Cloud Messaging to send push messages for the applications. We have now migrated all those applications to Google Firebase.
We are using Firebase Management REST API to create the applications into Firebase enabled projects from our PHP backend. For Android apps we use methods projects.androidApps.create and projects.androidApps.getConfig to get access to the application google-services.json. We include that to the build, which passes without errors and the push messages work without a problem. However, the Crashlytics side does not get enabled. In Firebase console there is only a wizard to set up a new Firebase app. When running it, it gives impression that Craslytics will get enabled, when the app starts using Firebase, but it is not.
Is there an API to enable the Crashlytics for an app? We can use REST or PHP based API in the backend. Also, if there is a client side API to awaken Crashlytics, we can use that too.
This is currently not possible, though with the new Crashlytics SDKs we are looking at ways of changing this behavior. In the future, as soon as we receive a crash event we will enable the Crashlytics dashboard. The timeline for this though, is unknown.
I have a react native project that is already connected to my firebase project. I use firebase as my database. Everything works great. But...
I am trying to get a simple firebase cloud messaging test to work with my react native android app. As I said, I already have firebase in use with my app for db purposes and for authentication.
I am using the react-native-firebase package (http://invertase.io/react-native-firebase) to do all my firebase work. I followed the directions on their site to get the messaging to work, but I haven't had any success.
I have followed the installation directions here: http://invertase.io/react-native-firebase/#/installation-android
All the database stuff works fine, but no luck with messaging. I am sending out test notifications using the firebase notifications console. I get the firebase token using this code in my app.
firebase.messaging().getToken()
.then((token) => {
firebase.database().ref(user.providerData[0].uid+'/agents/'+user.providerData[0].uid+'/fcmToken').set(token);
});
That code successfully gets the token and saves it to my firebase database. I then copy the token manually from my db and use it in my firebase notification console to send out a test notification. I know that the app is supposed to be running in the background. To get my app in the background I simply hit the home button. Then I send my test message. I don't get any errors in the firebase notification console and it says my token I supplied is all good. After a few seconds it says the notification status is completed. However in my app, nothing appears in my system tray, no notifications.
Does my app have to be in production mode or something? Anyone else get react-native-firebase to work with firebase cloud messaging on android?
I use the firebase console to send test messages