I have a firebase site which initialises with
<script src="/__/firebase/init.js"></script>
as described here: https://firebase.google.com/docs/hosting/reserved-urls#sdk_auto-configuration
init.js is auto-generated by either the firebase deploy console or firebase hosting (I'm unclear which). This was all working fine until recently, when a new API key for my project was created in the https://console.developers.google.com/apis/credentials console. This new key had HTTP referrer restrictions, for some other domains (not my firebase site).
The next time I deployed my site after this key was created, firebase auth was broken. The error was Requests from referer https://my-site.firebaseapp.com/ are blocked.. I found the reason was because now init.js contained the wrong API key - the new, unrelated, restricted key, rather than the correct "Web API key" as shown in firebase console under settings -> General.
How do I control how init.js is generated? Is this a bug in firebase?
Related
I've added my project to firestore and I'm doing firestore google auth just fine.
My problem is firebase firestore.
It just doesn't work and I have no idea why.
I'm trying to do a simple add before doing the actual process for my app and it doesn't work.
here I implemented a simple function to add a user and then called it, doing it all in build function.
I get this in my console:
p.s.
"adding user" is printed on console.
p.s.
I do have the firebase_options.dart file.
These thing are you sure that the correct:
1.Using correct google_services.json file
2.Edit Fire store rules if you are not using authorization
You have to manually whitelist your existing Google OAuth 2.0 client IDs in the Firebase console before using it with the new Auth APIs.
In order to do so, follow these steps:
Go to the Credentials section in the Google API Console.
Select from the top right corner the project where you had previously configured Google Sign-In.
Go to the OAuth 2.0 client IDs section
If you are using Google Sign-In on Android or iOS applications:
Take note of the Client ID string corresponding to all the entries registered for your applications.
Input these Client IDs into your Firebase project’s configuration:
Go to the Firebase console at https://console.firebase.google.com
Open the Auth section
Under Sign-In methods, open the Google configuration, and add there all you client IDs, to the whitelist of client IDs from external projects.
If you are using Google Sign-In on a web application:
Click to open your web client ID and take note of both the client ID and secret.
Input this Client ID into your Firebase project’s configuration:
Go to the Firebase console at https://console.firebase.google.com
Open the Auth section
Under Sign-In methods, open the Google configuration, and add the values under the Web SDK configuration section.
I received an alarming email from Google a couple of days ago stating that:
[Action Required] Firebase services for your application are malfunctioning due to Application restrictions
I have a Vue based website that uses Firebase for Authorization of users and storing files they are uploading. When I configured the API key that I set up, I restricted this key on the application level, to only work from the address of my website.
I did not impose any API restrictions - Under API Restrictions the radio button with Don't Restrict Key is marked
Having said that, when I try to use my website, I get the following error:
[403] Requests from referer [WEBSITE] are blocked.
The email I got from Google stated that:
Firebase SDK updates on February 27, 2020 (Android) and January 14, 2020 (iOS) replaced the Firebase Instance ID service with a dependency on the Firebase Installations API.
As a result, Firebase services like Firebase Cloud Messaging will malfunction for users who installed your app after it was released with updated Firebase SDKs. Additionally, repeated failing requests to Firebase may slow down the end-user experience of your app.
Application restrictions you have applied to the API key used by your Firebase application need to be updated to allow your application to use the API key.
Inside this mail, there were the following instructions:
Open the Google Cloud Platform Console.
Choose the project you use for your application(s). Open APIs &
Services and select Credentials.
Click Edit API key for the API key in question.
Scroll down to the Application restrictions section.
Change the radio button to None, and click Save, or add your
application to the list of allowed Android apps, iOS apps, or HTTP
referrers, respectively.
If the radio button already shows None you may be looking at the
wrong API key.
You can check which API key is used for the Firebase Installations
API by looking at the service usage page for your project.
Since I do not have any API restrictions and there is also no other API key that I have, I don't understand how to solve this situation.
One option that works is having no application restrictions, but I don't think that is the correct solution.
I also tried changing the API Restrictions to allow only the services from Firebase that I am using, but that did not fix the problem.
Any help or direction to a solution, will be appreciated.
I'm trying to get Google Login working with Firebase from an Expo snack. I can login with Google and get the idToken and accessToken, but when I try to signInWithCredential to Firebase, I get a message that "the Google id_token is not allowed to be used with this application.". I feel like I'm missing some Firebase configuration step that I couldn't find in any of the Expo Firebase tutorials.
What step might be missing in my Firebase configuration or this Expo snack? https://snack.expo.io/HJWiiNRtW
Older post, but for posterity sake:
Your setup on the Expo snack looks fine. The problem you are having is a result of a mismatch between the client ID in the google developer console and firebase google Web SDK settings.
From google developer console, in your app, this will be the Client ID for Web application
603386649315-vp4revvrcgrcjme51ebuhbkbspl048l9.apps.googleusercontent.com
there will also be a client secret in there too.
In the firebase console for your app, in the authentication section, under google, click on Web SDK Configuration
and put the above noted project number (Web client ID) and client secret, and put these in their respective spots.
You will see that the project # being referenced in the error "873097287154..." will already be in the Web Client ID text box which is what you will replace with the client ID from google as noted above.
In Firebase console under Project Settings/General beneath the Project ID field there is a Web API key :
Where is this used? I know that the Server key found under Project Settings/Cloud Messaging is used as Authorization key to make calls to the firebase console:
I have also noticed that in google-services.json ther is an "api_key" property that has a "current_key" value which is different from both keys that I have mentioned. What is that key?
From my answer here:
current key - nothing is explicitly stated anywhere in the docs where it is used, however, among the 3 services where the google-services.json was originally used for before Firebase (Google Sign-in, Analytics, GCM), I'm guessing it would be between Google Sign-in and Analytics. As also mentioned by #DiegoGiorgini here:
The api_key value in google-services.json is not used by FCM. (it is used by other Firebase libraries)
So it can be for a separate Google non-Firebase or Firebase service.
Web API Key - this one I haven't had a chance to use before. However, I've seen other posts wherein this specific API key is used often on Web apps related to Firebase (possibly also for Auth purposes?), but I'm not entirely sure.
Server Key - as per the docs:
A server key that authorizes your app server for access to Google services, including sending messages via Firebase Cloud Messaging.
current_key (as per the docs) is the Android key auto-created by Firebase when creating a Firebase Android App. It's NOT used to control access to backend resources. Instead, it's used to identify your Firebase project when interacting with Firebase/Google services. Specifically, it's used to associate API requests with your project for quota and billing.
Web API Key (as per the docs): can be used to authenticate users by passing its value to the key query parameter in several API endpoints, e.g., sign up or sign in using email & password, generate refresh token, etc.
Server Key (as per the docs): is a server key that authorizes your app server for access to Google services, including sending messages via the Firebase Cloud Messaging legacy protocols.
My server key is not displaying at my firebase Console. What configuration should I do?
This is a known issue and is being addressed. Usually you would get into this state when the API key automatically generated by the creation of the Firebase project is deleted from the Google Developer console. The Firebase console UI currently only shows the automatically generated server API key, and nothing if that key is deleted.
You can still use any valid server API key in the corresponding Google Developer project. So go to the Google Developer console and use one of the Server API keys there or create one if it does not exist.