Firebase created for me an API key on Google API console. There I added a restriction to make it usable only by an Android app with a specific package name and fingerprint.
However I can still use the key with a different package name (I changed the application Id for Gradle). What could be wrong?
Firebase doesn't attempt to restrict usage of Realtime Database based on the host app's application ID or signing hash. When you create a new Android app in the console, you'll notice the following text under the text field for signing key:
Required for Dynamic Links, Invites, and Google Sign-In support in
Auth. Edit SHA-1s in Settings.
These are the only Firebase features that are affected by the application ID and signing hash. The reason an application ID is require is to help the Gradle plugin match a google-services.json file to the app it was built for. It's not a security measure.
If you change your application ID in build.gradle but don't create a new app and download a new google-services.json file, your build should fail with this message:
No matching client found for package name 'your.new.package.name'
Related
The docs for setting up FCM via APNs state that you should copy the bundle identifier from your application (under the "Registering an App Identifier") section, but when I do that I get the following error when trying to register my new app id:
An attribute in the provided entity has invalid value
An App ID with Identifier '<my app id copied from xcode>' is not
available. Please enter a different string.
The error message does make sense because that app id is already taken (by my app).
Are the Firebase docs wrong or am I missing something?
I think you can check the followings.
make sure if you have already checked an option for push notification on app store. go to developer.apple.com/account/resources/identifiers/list, choose your identifier in the list.
open your project in Xcode. and check like the below screenshot
I have added "com.google.android.gms:play-services-auth:20.1.0" in my application. We are using Firebase App distribution for sharing app internally for testing. The app auto sms fetch functionality works fine when we create and APK and upload to FirebaseAppDistribution but when we upload AppBundle .aab than it never works. If i download the aab file from FirebaseAppDistribution and install it using bundletool.jar the SMS auto fetch functionality works. Initially it was showing a message something like this is signed with test certificate. Please add key to 3rd party services. I forgot to copy those keys and that message disappeared now and i cant find any certificate keys in firebase. what could be the reason or How can i fix it ? any help plz.
I've added my project to firestore and I'm doing firestore google auth just fine.
My problem is firebase firestore.
It just doesn't work and I have no idea why.
I'm trying to do a simple add before doing the actual process for my app and it doesn't work.
here I implemented a simple function to add a user and then called it, doing it all in build function.
I get this in my console:
p.s.
"adding user" is printed on console.
p.s.
I do have the firebase_options.dart file.
These thing are you sure that the correct:
1.Using correct google_services.json file
2.Edit Fire store rules if you are not using authorization
You have to manually whitelist your existing Google OAuth 2.0 client IDs in the Firebase console before using it with the new Auth APIs.
In order to do so, follow these steps:
Go to the Credentials section in the Google API Console.
Select from the top right corner the project where you had previously configured Google Sign-In.
Go to the OAuth 2.0 client IDs section
If you are using Google Sign-In on Android or iOS applications:
Take note of the Client ID string corresponding to all the entries registered for your applications.
Input these Client IDs into your Firebase project’s configuration:
Go to the Firebase console at https://console.firebase.google.com
Open the Auth section
Under Sign-In methods, open the Google configuration, and add there all you client IDs, to the whitelist of client IDs from external projects.
If you are using Google Sign-In on a web application:
Click to open your web client ID and take note of both the client ID and secret.
Input this Client ID into your Firebase project’s configuration:
Go to the Firebase console at https://console.firebase.google.com
Open the Auth section
Under Sign-In methods, open the Google configuration, and add the values under the Web SDK configuration section.
Let's assume we have a Firebase project A and it has Firebase profile file for appId App_A.
If another app with appId App_B decoded the info from App_A and took the Firebase profile file and tried to use it within App_B will it be able to get fetch remote config from Firebase project A?
Setting up API Key Restrictions https://cloud.google.com/docs/authentication/api-keys#api_key_restrictions should help with this.
I have created/forked a lil Google Apps Script Library to manage Firebase Firestore and Firebase Remote Config called FirebaseGoogleAppsScript. The goal is to simply manage the contents of your collections in an apps script as well as update your remote config.
My issue is I can't get the a service account to do both.
Firebase creates two service accounts upon creating a project:
The first is listed in the Firebase Console -> Project Settings -> Service Accounts. This one I use within my cloud functions to retrieve the Remote Config just fine. However in the Apps Script Project it is unable to retrieve any data from firestore. I tried adding all kinds of roles including Owner and Editor yet no firestore data, but I still can get the RemoteConfig.
The second is only visible in the GCP service accounts and has the title: Firebase Admin SDK Service Agent with the roles Firebase Admin SDK Administrator Service Agent and Service Account Token Creator. This one is able to retrieve all the data from firestore within an Apps Script Project. However in the apps script project I can't get it to retrieve the RemoteConfig even if I add the role Firebase Remote Config Admin.
I have also made my own service account which was able to get the Remote config and just about everything else from Firebase except the Firestore data. Seems only the one service account created by Firebase is able to get any data.
To recreate the issue simply deploy my lil FirebaseGoogleAppsScript project and associate it to the same GCP project Firebase is connected to. There is a test file in it which can recreate the issue assuming you have some data in RemoteConfig and a collection called posts with some docs.
What the heck is going on here? Why can't I make a service account who can access Firestore and RemoteConfig? Any ideas on what to do to create a proper role to do both? Do I really have to use two separate service accounts?