3rd party Cookies (NID) are blocked on Chrome private browser

[randi2993]

{"error":"idpiframe_initialization_failed","details":"Cookies are not enabled in current environment."}

[issue-label-bot[bot]]

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.94. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

[jaibatrik]

The message says cookies are blocked. Have you tried enabling them?

[randi2993]

Thanks for your reply. Yes, I did. But the error only happens with google provider... and when the browser is in incognito mode. Tested on chrome last version.

[jaibatrik]

Not sure, it might be an issue with Google's sign-in library; I did find this - https://developers.google.com/identity/sign-in/web/troubleshooting#chrome_on_ios_in_incognito_mode

[jaibatrik]

Looks like other libraries have also faced this, but nobody found a solution apparently. Need to check on if we have the same problem in any of Google's example pages.

[gauriz]

I have the same issue with both google and facebook login; and in the normal chrome browser (not incognito) (Using Ng 10)

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[jaibatrik]

Keeping this alive for now.

[IgorKurkov]

For my case, an error sometimes appears in the common tab and incognito tab only for google provider. Cache clearing can't help. Any updates with this idpiframe_initialization_failed?

[penfold]

Also how the problem in WebView on Android 10, which also seems to block 3rd party cookies.

[agiratech-jayasurya]

Yes, I'm also Facing same issues. Google login not working in chrome private browser(incognito mode). But when i enable "Allow all cookies" in browser. then it's working fine.

As well i play with some other site like linked-in, quora, glassdoor, etc.. It's working fine with when "Block third-party cookies" in browser. In other words it's working fine if " third-party cookies" is enable or not.

My question is How is working google login in private window when Block third-party cookies in browser in such a site linked-in, quora, glassdoor.

[tabish-ahmed]

idpiframe_initialization_failed, because third party cookies are blocked in private window, Any solution for this issue.

[tabish-ahmed]

Yes, I'm also Facing same issues. Google login not working in chrome private browser(incognito mode). But when i enable "Allow all cookies" in browser. then it's working fine.

As well i play with some other site like linked-in, quora, glassdoor, etc.. It's working fine with when "Block third-party cookies" in browser. In other words it's working fine if " third-party cookies" is enable or not.

My question is How is working google login in private window when Block third-party cookies in browser in such a site linked-in, quora, glassdoor.

I think this issues is in this library and not in google social login sdk

[jaibatrik]

Could anyone facing this issue give me the URL where I can see the problem? Is everyone using https?

[jaibatrik]

Check this out - https://github.com/googleworkspace/browser-samples/issues/6#issuecomment-381998260

I think we need to support the redirect method of social login, if we want to bypass this. That seems considerable effort though.

I don't know how many users are facing this - based on that we can take a call whether we want to explore the redirect / server-side flow. That would fix the issue with PWAs as well.

[agiratech-jayasurya]

Yes, I think, most of our plugin user face this issues. I checkout demo on stackblitz in private window. it's also have same issues. https://stackblitz.com/edit/angularx-social-login

[jaibatrik]

Based on https://developers.google.com/identity/sign-in/web/troubleshooting#third-party_cookies_and_data_blocked, this is a known issue. At current stage, my suggestion would be to handle the error and ask user to enable third-party cookies if they want to sign-in.

However, I think we need to explore the OAuth flow at some point.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[IgorKurkov]

Up

[avialonn]

Would love to see it fixed!

[AdamAnsari]

I am still facing the same issue for chrome incognito mode. Any new updates for the above mentioned bug

[bttb]

I'm facing the same issue. A workaround might be to display a warning if 3rd party cookies are blocked. Is there a way to check this?

EDIT; I found out how to do it: socialAuthService.signIn returns a promise, so I now show a message when rejected.

[krishnanprasad]

Any update on this thread, Still we are facing the issue.

[jinxymon]

I'm facing the same issue. A workaround might be to display a warning if 3rd party cookies are blocked. Is there a way to check this?

EDIT; I found out how to do it: socialAuthService.signIn returns a promise, so I now show a message when rejected.

Can you show a code snippet on how you catch the promise when rejected - would be great.

Ultimately would be better to have it just working rather than having users needing to change their block 3rd party cookie settings.

[bttb]

It's just a workaround, but it looks like this:

    this.socialAuthService.signIn(GoogleLoginProvider.PROVIDER_ID)
      .then(x => {
        //console.log('success', x)
      }, err => {
        this.dialogs.openMessageDialog(
          'Google Login Failed',
          'The Google Login failed. Please make sure that 3rd party cookies have not been blocked.');
        console.log('rejected', err);
      });

[RepentAndBelieveTheGospel]

I've encountered this issue on Brave with Shields up and Cross-site cookies blocked. The big problem in my case is that I don't receive anything in the authState subscription and signIn promise. It seems to silently crash somewhere and I am left with no clue as to what's going on.

[jinxymon]

It's just a workaround, but it looks like this:

    this.socialAuthService.signIn(GoogleLoginProvider.PROVIDER_ID)
      .then(x => {
        //console.log('success', x)
      }, err => {
        this.dialogs.openMessageDialog(
          'Google Login Failed',
          'The Google Login failed. Please make sure that 3rd party cookies have not been blocked.');
        console.log('rejected', err);
      });

Thanks for the example - great help for me.

[jaibatrik]

I've encountered this issue on Brave with Shields up and Cross-site cookies blocked. The big problem in my case is that I don't receive anything in the authState subscription and signIn promise. It seems to silently crash somewhere and I am left with no clue as to what's going on.

Could you try the onError callback that can be passed as part of SocialAuthServiceConfig?

[RepentAndBelieveTheGospel]

@jaibatrik I've tried that too, forgot to mention it. It doesn't work.

[ErikPhilips]

Up

[quedicesebas]

I'm getting this always on Incogmnito (private) mode on chrome:

core.mjs:6485 ERROR Error: Uncaught (in promise): TypeError: Cannot read properties of undefined (reading 'signIn')
TypeError: Cannot read properties of undefined (reading 'signIn')
    at :4200/vendor.js:18927:51
    at new ZoneAwarePromise (:4200/polyfills.js:4528:29)
    at GoogleLoginProvider.signIn (:4200/vendor.js:18925:12)
    at :4200/vendor.js:19118:26
...

[mahaboobkhan29]

So displaying is the only solution?

this.dialogs.openMessageDialog( 'Google Login Failed', 'The Google Login failed. Please make sure that 3rd party cookies have not been blocked.'); console.log('rejected', err); });

[anhle1476]

In the BaseLoginProvider.loadScript() function we don't listen to the onerror event of the script element =>when I loaded both Facebook and Google providers in Microsoft Edge private browser, the Facebook SDK was blocked by Edge Tracking Prevention on load script => the try catch block of FacebookLoginProvider.initialize() can not catch the load script error, and the onload callback was never been called because it's failed => the Promise of initialize() never finished so the service init state will always false

I think we should add an onerror callback on the BaseLoginProvider.loadScript() to properly reject the promise.

Also when a provider initialize was rejected, the Promise.all in SocialAuthService.initialize() will fail and the provider.changeUser will not be subscribed. Maybe we should move that to the finally block and keep an initState$ for each child provider