Cordova oAuth (android) - "internal error" with google

[dvcroft]

Thanks so much for all the work to get an oAuth solution on Cordova!

I have done my best to follow and check all the setup, but seem to be missing something. My problems on Android and iOS are different, so I'll focus on Android here.

Login with Facebook is working correctly for me on Android!

Login with Google switches to the browser with the PROJECTID.firebaseapp.com url, then returns to the app without ever displaying the google login/accounts screen. When it returns to the app, it displays a tiny popup with the error, "An internal error has occurred. Dismiss" In the console log it shows: [firebaseui] signInWithRedirect: auth/internal-error firebaseui.js:158

I haven't been able to find any other log information.

[bojeil-google]

Hey @dvcroft it seems strange it would work for Facebook but not for Google. Internally they use the same mechanism. For android we use FDL to redirect back to the app. This depends on this plugin: cordova plugin add cordova-universal-links-plugin --save

You will need to configure this in your config.xml:

<universal-links>
    <host name="abc123.app.goo.gl" scheme="https" />
    <host name="my-app.firebaseapp.com" scheme="https">
        <path url="/__/auth/callback"/>
    </host>
</universal-links>

abc123.app.goo.gl is your FDL domain my-app.firebaseapp.com is your PROJECTID.firebaseapp.com

[dvcroft]

Thanks for the quick response. This is from my config.xml

In android the redirect back to the app seems to work (facebook) but the google login screen never opens. Is there a firebase configuration that could be wrong for that not to open?

[dvcroft]

<universal-links>
        <host name="grc46.app.goo.gl" scheme="https" />
        <host name="read-with-me-kids.firebaseapp.com" scheme="https">
            <path url="/__/auth/callback" />
        </host>
    </universal-links>

[bojeil-google]

I don't see why one would work but not the other. There could be something specific to your Google configuration and not Cordova related. Can you pass the following parameters for the Google provider in signInOptions to require the google sign in screen to show:

      customParameters: {
        // Forces account selection even when one account
        // is available.
        prompt: 'select_account'
      }

Just in case there are no issues with your Google set up, can you try rendering FirebaseUI from a web page and test Sign in with google works? This would help confirm there is no problem from that end. Would narrow it down to your Cordova setup.

[dvcroft]

I put in the custom parameters and it looked there was a little flash in the center of the screen for the google login, but it never came up and gave the same "internal error" Yes I'll try from a web page. I suspect on Android it is a problem with the firebase/google setup and not cordova, but I'm not sure where it is. Maybe it will be easier to debug from the web.

[dvcroft]

I printed the received URL on Android with google and got this. https://read-with-me-kids.firebaseapp.com/__/auth/callback?fdlDomain=grc46.app.goo.gl&platform=android&appIdentifier=com.qualint.ReadWithMeKids&authDomain=read-with-me-kids.firebaseapp.com&link=https://read-with-me-kids.firebaseapp.com/__/auth/callback?firebaseError=%7B%22code%22%3A%22auth%2Finternal-error%22%2C%22message%22%3A%22An%20internal%20error%20has%20occurred.%22%7D&appName=Read+With+Me+Kids

Note that due to a mistake early on the app id in ios is com.qualint.readWithMeKids and in android it is com.qualint.ReadWithMeKids

[bojeil-google]

I can't tell. Seems like some error is occurring before the redirect to accounts.google.com occurs. Try to get it to work in a web app first. Let's see if that helps us isolate the cause of this.

[jek-bao-choo]

Hi @dvcroft Do you happen to have a demo app to share for personal reference? More specifically, looking for a working ionic 3 demo app as discussed here https://github.com/firebase/firebaseui-web/issues/168.

[dvcroft]

I don't have a demo. Also I'm using cordova without ionic. If I get something I'll make it available.

[dvcroft]

I cobbled together a web page using my cordova code. Once again Facebook login seems to work, but Google login does not. The gui just shows internal error. The console shows:

Uncaught DOMException: Blocked a frame with origin "https://read-with-me-kids.firebaseapp.com" from accessing a cross-origin frame.
    at <anonymous>:1:15
(anonymous) @ VM755:1

Any thoughts from this?

[bojeil-google]

Seems strange. The web flow is agnostic of provider used. There is no reason why one would work and not the other. Can you provide your code or something I can reproduce. I am forced to speculate. Are you enforcing some content security policy?

[dvcroft]

I'm not intentionally enforcing a content security policy. Here is the code http://test.readwithmekids.com/firebaseTest/index2.html

[bojeil-google]

Cool, I can work with this. You are triple including firebase libraries:

<script src="https://www.gstatic.com/firebasejs/4.1.2/firebase.js"></script>
<script src="https://www.gstatic.com/firebasejs/4.1.2/firebase-app.js"></script>
 <script src="https://www.gstatic.com/firebasejs/4.1.2/firebase-auth.js"></script>
<script src="https://www.gstatic.com/firebasejs/4.1.2/firebase.js"></script>

firebase.js = firebase-app.js + firebase-auth.js + firebase-database.js + firebase-messaging.js Either include firebase.js or firebase-app.js + firebase-auth.js Please make the change and let's see if it helps.

[dvcroft]

Thanks, that change is up. Same result.

[bojeil-google]

I think there is some problem with your Google OAuth client set up. Did you make any modification in the Google Cloud Console? Did you modify your automatically created browser API key?

[dvcroft]

It is possible I removed one. I don't think I've modified one, but I messed around with all of this awhile ago, and was even doing some direct google authentication (not through firebase) until google stopped it working in a web view, so it is entirely possible there is something messed up with it.

The key that I'm using says it was created in February and is unrestricted.

[bojeil-google]

There is definitely a problem with it. It is causing the authorization URL construction for Google OAuth flow to break. I will need to relay this information to the relevant folks on my end who are more familiar with this issue.

[dvcroft]

OK. I think that I already had a web api key and a client id key that were auto created from before and I probably changed them before and they weren't recreated, so they are not at defaults.

[bojeil-google]

No Google client ID is being detected for your project. I don't know how you removed it. Anyway, you need to create a new Google OAuth client ID or if you already have one, make sure you input it into the Firebase Console in the Google provider settings. (it is usually udner the option "Web SDK configuration", you need to provide the web client ID and secret for the new Google OAuth client.

[dvcroft]

Sheepish look. I think I deleted it last night hoping Firebase would recreate it with the correct defaults. The Web SDK section in firebase was not filled out before, so that may be have been the problem all along.

What should the Authorized Origins and Authorized URI's be set to on the google console side?

[dvcroft]

It worked on the web version! I'll check the cordova version later tonight. Thanks so much for your patient and detailed help. I'm sure I made it worse messing around trying to solve it, but I think the original problem was that Firebase somehow chose an old client ID instead of creating a new one and the old one was not set up correctly for it....

And to answer my question above, I left authorize origins blank and put authorized redirect URI to https://PROJECT_NAME.firebaseapp.com/__/auth/handler

[bojeil-google]

Glad it worked in the web version. I expect it to work in the Cordova version. The authorized origin looks right.

[dvcroft]

In my cordova test, it gets a lot further now. The google sign in comes up. When I complete sign in, the app is restarted rather than continuing where it was. The firebase account isn't created either.

[dvcroft]

I think I've got it now. In config.xml I had to add:

<preference name="AndroidLaunchMode" value="singleTask" />