9

I have integrated firebase phone authentication in my android app. It was working fine for almost 2 months and suddenly from 2-3 days back I am observing different behavior.

Capcha screen started appearing. Earlier I had not enabled safetynet device check API. Looking at firebase documentation I treid enabling safetynet device check.

As the steps are not clear, I am not sure if I did it right. I am also not clear how firebase and google cloud are linked. How firebase will know which google cloud project to link to..

Earlier the flow was ... Phone authentication->receive SMS->auto verify SMS and user is logged in. Now the flow is ... Phone authentication-> Captcha screen appears (kind of web page is loaded)... -> after sometime the captcha screen closes on its own -> SMS received -> login with OTP verification.

Let me know how to avoid the captcha screen. I am sure I will lose many users if capcha screen comes in between.

Anajaleena Oliver
  • 121
  • 1
  • 1
  • 5

3 Answers3

11

Step 1:Go to your Google cloud console with this link ,enable Android Device Verification for your project.

Step 2: add SHA-256 fingerprint in your firebase.do so from the Settings Page of the Firebase console.Download and replace the latest google-services.json file

gowtham6672
  • 999
  • 1
  • 10
  • 22
  • Thanks. I was able to integrate Android device Verification. Not so good part is after integrating Android device verification auto retrieval of SMS has stopped working. Earlier it used to work. Let me know if you have found a solution for this. – Anajaleena Oliver Nov 05 '20 at 10:24
  • @AnajaleenaOliver Hi there! react-native-firebase maintainer here, we have a report of this here https://github.com/invertase/react-native-firebase/issues/4540 - I'm unaware of an upstream issue in https://github.com/firebase/firebase-android-sdk/issues yet but I/we are investigating. If you are an interested party please collaborate :-), thank you – Mike Hardy Nov 12 '20 at 16:38
  • As per information shared at https://github.com/invertase/react-native-firebase/issues/4540 it looks like it is an issue introduced in firebase library version 26.0.0. It was working in library version 25.13.0 – Anajaleena Oliver Nov 25 '20 at 05:54
  • This still doesn't solve my problem here, enabled Android Device Verification, is there more configuration? – johnrao07 Dec 17 '20 at 17:19
  • I'm also facing the same problem. Even after enable device check API, it still take me to browser for reCAPTCHA flow. I'm using firebase-bom:26.2.0. – Chan Myae Aung Jan 01 '21 at 13:06
  • did you replace the new google-services.json file @ChanMyaeAung – gowtham6672 Jan 01 '21 at 15:38
  • @gowtham6672 Can anyone please help me understand, after enabling google device verification, how does the google console know to connect to the same project in firebase? Do I need to insert a google API key to the project too? – Itay Feldman Jan 03 '21 at 10:40
  • @ItayFeldman did you found any answer to the question? I am also stuck with the same question. – Braj Feb 05 '21 at 14:44
  • @gowtham6672 Yap, it should show you the firebase project automatically in the google console's projects list and then you can enable the API in your project. No need for adding any additional API keys. – Itay Feldman Feb 05 '21 at 20:26
  • Apparently it is important that the SHA-256 (i.e. not the SHA-1) fingerprint is used! I had the SHA-1 already added to the Firebase project settings and that was not enough – Vince Mar 21 '21 at 01:41
  • Thanks @gowtham6672, I forgot to replace the google-services.json after adding SHA-256 fingerprint to firebase. – Sumit Monapara Apr 07 '21 at 14:10
6

As per firebase the reCAPTCHA flow will only be triggered:

a. When SafetyNet is unavailable.

b. If the user does not have Google Play Services support.

c. When you are testing your app on an emulator.

d. Your device does not pass suspicion checks (if your device bootloader is unlocked or device is rooted )

To enable SafetyNet follow below steps or you can also visit Firebase Auth for more info.

  1. Go to google cloud console , select your project .

  2. Click on navigation menu and select APis & services and then select Dashboard .

  3. Click on enable api and services and enable api " Android Device Verification".

  4. Add SHA 256 in firebase project settings.(debug and release both)

  5. Download and replace the latest google-services.json file in your project.

Himanshi Thakur
  • 2,077
  • 14
  • 32
2

  1. Go to Google cloud console select your project and enable Android Device Verification google cloud console

  2. Go to your project dir and paste this

cd android && ./gradlew signingReport

  1. Copy SHA256 and SHA1 from Task :app:signingReport only

  2. Go to firebase console go to your poject -> Project settings -> Select your app -> Click on Add fingerprint and paste your SHA256 and then SHA1

Sehrish Waheed
  • 1,230
  • 14
  • 17