11

https://firebase.google.com/docs/auth/android/apple

We have developed Sign in with Apple on Android and confirmed that it is working properly.

But, if API key restricted to Android in the Google Cloud Console, it does not work with the following error.

com.firebase.ui.auth.FirebaseUiException: An internal error has occurred. [ Requests from this Android client application <empty> are blocked. ]
        at com.google.firebase.auth.api.internal.zzdv.zza(com.google.firebase:firebase-auth@@19.2.0:18)
        at com.google.firebase.auth.internal.zzal.onReceive(com.google.firebase:firebase-auth@@19.2.0:32)
        at androidx.localbroadcastmanager.content.LocalBroadcastManager.executePendingBroadcasts(LocalBroadcastManager.java:313)
        at androidx.localbroadcastmanager.content.LocalBroadcastManager$1.handleMessage(LocalBroadcastManager.java:121)
        at android.os.Handler.dispatchMessage(Handler.java:107)
        at android.os.Looper.loop(Looper.java:237)
        at android.app.ActivityThread.main(ActivityThread.java:7770)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1047)

An internal error has occurred. [ Requests from this Android client application <empty> are blocked. ]

If the API key is set to none, everything works properly.

Should API key restrictions be lifted to apply OAuth authentication such as Apple?

Or is there something else I missed?

For your information, I found 403 error in the Identitytoolkit.getProjects API.

Firebase Auth: Requests from this Android client application com.xxx are blocked

I've seen above discussion many times. But it's not a solution because adding or deleting signature makes it API Key restrictions are lifted automatically.

I don't think it's not SHA-1 signature problem because other APIs that use the same API Key do not have problems.

And I tested it with a demo project at https://github.com/firebase/FirebaseUI-Android, but the same problem happens.

I have no idea how to get authenticate using Apple to work properly when API Key is restricted to Android

Leo
  • 111
  • 1
  • 5

3 Answers3

11

If you are using Google Play App Signing, just login into Firebase go into "project settings"->"integration" and press a button to link Google Play with firebase, SHA-1 will be added automatically. Download and change your new google-services.json

If you keep having problems, go to Google Cloud API, click on the hamburger icon on the top left -> APIs and Services -> Credentials. Choose the API Key that you're using. Under restrictions, select "None".

Ricardo
  • 2,086
  • 25
  • 35
  • My browser key had website restriction so I couldn't call create dynamic link from Cloud functions. After removing that restriction from Credentials in this post, it worked. – coolcool1994 Sep 08 '20 at 00:37
  • 5
    By selecting API key restrictions to None, It works for me but this is not a good solution. – Zeeshan Aug 11 '21 at 18:24
  • I don't have any restrictions but still getting the same message. Any other thing I can try? – moyo May 26 '22 at 11:40
1

According to https://github.com/firebase/firebase-android-sdk/issues/1757#issuecomment-655777739 Apple Sign In on Android requires a web flow, which means restricting the API Key to Android breaks that process.

The suggestion is to disable API key restrictions on Android if Apple Sign In functionality is required. Also according to the thread the API key restrictions offer only fairly limited protection anyway, so disabling isn't a huge loss.

Tiernan
  • 81
  • 1
  • 3
0

If you keep having problems, go to Google Cloud API, click on the hamburger icon on the top left -> APIs and Services -> Credentials. Choose the API Key that you're using. If restrictions are defined for android app there then you have to add SHA key and after that this issue will be fixed.

Raman Sharma
  • 159
  • 1
  • 5