search

firebase / flutterfire

🔥 A collection of Firebase plugins for Flutter apps.
https://firebase.google.com/docs/flutter/setup
BSD 3-Clause "New" or "Revised" License
8.63k stars 3.95k forks source link

🐛 [firebase_auth] Cannot use OIDC OAuth with restricted Firebase API keys #11564

Open Rexios80 opened 1 year ago

Rexios80 commented 1 year ago

Bug report

Describe the bug Cannot sign in with OIDC OAuth when the firebase credentials are restricted to specific application ids

Steps to reproduce

Steps to reproduce the behavior:

  1. Restrict firebase credentials in the GCP console to specific bundle ids
  2. OIDC OAuth doesn't work

Expected behavior

It works

Sample project

This requires too much external setup to be feasible

Additional context

The error:

{"error":{"code":403,"message":"Requests from this iOS client application <empty> are blocked.","errors":[{"message":"Requests from this iOS client application <empty> are blocked.","domain":"global","reason":"forbidden"}],"status":"PERMISSION_DENIED","details":[{"@type":"type.googleapis.com/google.rpc.ErrorInfo","reason":"API_KEY_IOS_APP_BLOCKED","domain":"googleapis.com","metadata":{"consumer":"projects/REDACTED","service":"identitytoolkit.googleapis.com"}}]}}

I thought this might be related to the transition to pigeon, so I tried firebase_auth 4.6.3 and got the same result.

I triple checked the OAuth url and the correct application id and bundle id are there, so I don't have any idea what the issue could be. This is easily reproducible on both iOS and Android.

darshankawar commented 1 year ago

There was an old issue probably talking about same issue as this but it was closed due to inactivity. I am not sure about the configuration, so based on the report, I'll keep this issue open for team's attention.

/cc @Lyokone