I implemented http://android-developers.blogspot.fi/2013/01/verifying-back-end-calls-from-android.html in my android application. I added a client id for the application in our development version of the google api project and made the android application ask for id_token
idToken = GoogleAuthUtil.getToken(AuthenticatorActivity.this, accountName, "audience:server:client_id:1234567890.apps.googleusercontent.com");
and all this worked quite near perfectly. Then I wanted to test if it works in production. I added a client id to the production version google api project, used it in code and rebuilt the production version app. Since then I have always gotten
GLS error: INVALID_AUDIENCE <Removed>#gmail.com audience:server:client_id:1234567890.apps.googleusercontent.com
as a response and a GoogleAuthException with the same message.
I have tried to remove and recreate the client id's one at a time (So I tested with just the development client_id and unmodified code from yesterday, same result.), I have checked that I really used correct SHA1's when creating the client id's and I have rebuilt both versions of the app and tested with multiple devices and google accounts.
Did I break the google api projects server by adding a client_id with the same android package name to both projects, or is there just something I have simply overlooked?
Edit: It seems I really broke something, as creating a new client id in a third project enables me to get the id_token again without changes to the code.
There was a bug (since fixed) with Google's handling of newly created client_ids (it didn't affect live apps, only apps just newly registered). Have you tried again in the last few days?
Related
I have an Android app in which I'm using Google Sign-in (via GoogleSignInClient).
Please note that my app does NOT use Firebase and has no Firebase configuration file or imports.
When I first set up this project, I went to Google Cloud Platform, I created a new project, I went to APIs & Services, I chose Credentials. I added a new OAuth client ID and chose "Web Application" as the application type (someone told me to do this, even though my client is an Android app). I got the client ID and put it into my app, and it worked.
Later, I needed to refactor my app and change the package name. Now Google Sign-In doesn't work anymore. It throws ApiException 10.
I don't understand how changing the package name could have broken this, since the package name was never used for generating the client ID to begin with.
Thanks,
Frank
I am developing an Android App using Firebase. I had everything running fine up to this morning. I went to Firebase, imported the project at their new console and then I tried to add Analytics to my app.
At this point I couldn't use Google login, and I guess it was because adding Analytics I skipped to add my SHA-1 key, so the newest information at Google was that I didn't have a SHA-1 key. I didn't see that I had to whitelist my Google app which was actually login in people in my app, and that was a big mistake. Trying to solve it I begun to change things, so many that I couldn't even list them here. A short version could be:
I updated the Android SKD Manager.
I changed the dependencies for Gradle. Still not working.
I saw that I could give my SHA-1 key to Firebase, but I had a alert saying that this key was already in use by another App (the one at Google API)
In order to solve it, I deleted the credentials of my Google API App -not so good idea-
Then I used my SHA-1 key at Firebase. Still not working.
I tried to put everything as it was at the beginning, but now I cannot delete my key from Firebase. What I've done is write a random key to be able to use it at Google API.
I went to Google API and created a new credential for the App that I was using and was working fine up to this morning.
I whitelisted the App ID at my Firebase Auth settings. Still not working
Surely I have done other stuff but I don't even remember.
Now I have the following error when I try to login with Google, but also with Facebook(?!), and I haven't tried with other providers. The error says:
FirebaseLoginError = PROVIDER_NOT_ENABLED: Make sure google login is enabled and configured in your Firebase. (FirebaseError: Invalid authentication credentials provided.)
There are so many things that could lead to a problem that I have been trying to fix it during all the morning and I am still completely lost.
What should I do to restore everything as it was?
I have followed the HelloEndpoints tutorial by Google where I've implemented the backend API in Java and an Android client, where I'm getting this error from. https://cloud.google.com/appengine/docs/java/endpoints/getstarted/clients/android/
I've deployed the Android app client on a physical device. When I launch the app and touch the "Sign in" button, a dialog is shown since I have two Google accounts on the phone. I choose one and then the correct email address is shown for a couple of seconds in the label before it disappears. Then I'm getting the authentication error.
Several suggested solutions are mentioned at Stackoverflow and other sites , but nothing I've tried so far has helped.
I have tried to:
Regenerate the client-id, they are the same on both client- and server side (web client id)
The android id have the correct package name at the end of the SHA1
Regenerate client libs
Update devserver (but the API is also deployed)
Shutdown on the web service from the Google Developer Console
I've set a project name and email at the so called Consent screen on the API console.
Checked so that I'm signing the app with the same debug.keystore that I used when I generated the SHA1. It is used when I build the release.
Kind regards,
Ramon
I finally solved the problem yesterday :)
On Google Developer Console, I realized that I had an Android key for Public API access, but no Android Client ID for OAuth. The only Client ID I had for OAuth was for web applications.
After I've created one for Android apps, the authentication exception were gone.
Thereafter I got another exception when I tried to invoke the method requiring the authentication. When I checked the log on Google Developer Console, the invocation wasn't even logged! Which made me think that the invocation of the method isn't correct.
When I tried to invoke the method from the web it worked. I then checked my terminal and there I saw the example#example.com mail address. So, the invocation from the Android client was sent to my local devserver even though I had the web service deployed (and the servers ip-address wasn't set in the Android code).
My next step was to shutdown the local devserver and then I re-deployed the backend API before I tested the Android client again.
Finally after these two changes I can invoke the authenticated method and get a correct response :)
I'm trying to implement Google Play Services following Google's documentation and I'm seeing the following when I try to connect my GameClient:
E/Volley: [4953] il.a: Unexpected response code 401 for https://www.googleapis.com/games/v1/players/me
E/Volley: [4953] il.a: Unexpected response code 401 for https://www.googleapis.com/games/v1/players/me
E/SignInIntentService: There is no linked app associated with this client ID.
I've checked that the SHA1 fingerprint of the certificate signing the APK, the SHA1 of the debug certificate, and the SHA1 given to the Google API do match up and they do. I've checked that the app id is declared in the manifest in the application item (I've taken in my case the 13 digit numerical id, not one that also includes a package). I've also checked that the test accounts I'm using are each listed in the Developer Console and they are; they're each #gmail.com too, and they include my developer address. They've each activated Google Plus.
I've tried this from an API 16 S3 device and an API 17 Google API simulator. The app's package name is correctly declared in the manifest, on the developer console and matches the API package name. The app is listed as a client of the game service, and is shown as 'ready for testing'.
In short I'm struggling to see what my mistake can be and what I've missed. I think I have everything from Google's troubleshooting addressed too. I've looked at the main questions here on StackOverflow, and they're covered. Whatever it is I'm missing is probably staring me full in the face. What can I be missing?
I got stuck on this problem for a long time until I realised that I had two strings in my app called "app_id". One from the Facebook SDK and one from Google. I renamed the Google app_id (and changed the corresponding manifest reference) and all was well.
It is POSSIBLE that you have a similar problem. If you can't see the error then I would try to write out the app_id to syslog to confirm that this is not the cause of the problem.
Incidentally, all my Google app_id s (client ids) are 12 bytes not 13, so perhaps you should start by checking that.
Good Luck !
Even after redoing everything, everything, I still encountered the same problem. However, I subsequently encountered a "This package is already in use" error message on Google API even though I had undeleted all projects and removed all clients before deleting these again.
This turned out to be a blessing: The solution to this was to recreate my debug key before adding the new fingerprint to Google API in another new client id.
And lo... my original problem went away.
I hade the same problem and for me it worked to re-link the app in Game services -> Linked apps -> Link another app.
You didn't explicitly state that the gmail accounts you're testing with are added as Google Plus users in a Google Plus community that is configured as the testing community for your app -OR- that you're using a google group as the testing community and those gmail accounts are part of that community.
If you have done those things, then it might be the issue stated here:
https://code.google.com/p/google-plus-platform/issues/detail?id=554
This answer might sound encouraging to solve your problem, but don't get your hopes up. I've done all that the original poster did, plus the things above, and I'm still stuck.
I've even followed all of the tips stated here:
Google Play Game Services - unable to sign in
And it would appear the depths of the chasm that Google lets you fall into regarding GPS is far deeper than the depths I've plumbed. Joy.
I had the same problem ,I am not sure that the following action is the one that resolved the problem but its worth the try,
Seems that I didnt had the Drive API enabled ,I had it in the enabled apis but i had to actually click the gear icon next to it and then click enable and provide the application name.
Just link the same package as many times as you have Client ID's in your Developer Console "Debug & Release Client ID's"
The thing is if you link your app to the Game Services with the wrong SHA1 fingerprint, Games Services will pick it up and associate it as the main Client ID.
Once you link the same app again to your Game Services, it will automatically pick up the other Client ID's
I had exactly the same problem, and in my case, I fixed it regenerating the API Key from the Google APIs Console. Go to Credentials, select your API key and then click on "Regenerate Key". You don't need to update anything in your code or link more apps, just regenerate and it starts working magically.
I created a Client ID for my Android App in the API Console specifying the package name (com.clc.mmm.free) and the Certificate fingerprint (SHA1).
Then I deleted the Client ID and the API Console project where the ID was created (it was a "test" API Console project).
Now I want to re-create the Client ID in a new API Console project but I am getting the message: This client ID is globally unique and is already in use.
However I cannot find a client ID for my package/key anywhere, I even un-deleted the initial project and checked, there is no Client ID for my package, but still getting the same error!
Without the Client ID I cannot publish my new release of the app with Google+ sign-in.
Please help!
http://code.google.com/p/google-plus-platform/issues/detail?id=554
I had the same issue. I solved it reading the last post on this thread.
I had the same issue. There was google project which i previously linked with my current the android package. I removed the OAuth 2.0 client IDs from the previous google project.
One can remove client ids from the credential tab under API manager.
After removing client ids all worked like a charm.
I had same issue. It was not any issue on google side.
First I have added fingerprint and package without any issues. I deleted it. Tried to add fingerprint with different package name. Then I got the error. I realized that the problem was not related incomplete deletion of my old entry.
The issue was that same pair of package and fingerprint was added by android dev in different project long before.
You can add same fingerprint with different package without any problems. That could be a hint when to troubleshoot what's going on.
I had same issue. It was NOT issue on google side.
After getting this error I spent 4 hours checking all my accounts, all projects in them and than checking it again. I have even asked all developers in my team if they had created any keys for our package name. Finally I have found a project hidden on "All projects" tab containing the client id I was searching for.