search

invertase / react-native-firebase

🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.
https://rnfirebase.io
Other
11.71k stars 2.22k forks source link

App Check - Too many attempts #6753

Closed chenop closed 1 year ago

chenop commented 1 year ago

Issue

Trying to use AppCheck with "Play Integrity" android Did the following:

  1. install react-native-firebase/app-check
  2. In Firebase Console --> App Check --> Apps --> Registered Successfully Play Integrity - inserting the SHA-256 generated from the app keystore file keytool -list -v -alias [alias] -keystore [keystore file path] -keypass [key password]
  3. invoking: 
    export const getAppCheckToken = async () => {
try {
    const { token } = await firebase.appCheck().getToken();
    return token;
} catch (err) {
    console.error(err);
    return err.toString();
}
};

Actual: [appCheck/token-error] com.google.firebase.FirebaseException: Too many attempts

Expected: Real token

Project Files

Javascript

Click To Expand

#### `package.json`: ```json "@react-native-firebase/analytics": "14.12.0", "@react-native-firebase/app": "14.12.0", "@react-native-firebase/app-check": "14.12.0", "@react-native-firebase/crashlytics": "14.12.0", "@react-native-firebase/dynamic-links": "14.12.0", "@react-native-firebase/perf": "14.12.0", ``` #### `firebase.json` for react-native-firebase v6: ```json # N/A ```

iOS

Click To Expand

#### `ios/Podfile`: - [ ] I'm not using Pods - [x] I'm using Pods and my Podfile looks like: ```ruby # N/A ``` #### `AppDelegate.m`: ```objc // N/A ```

Android

Click To Expand

#### Have you converted to AndroidX? - [ ] my application is an AndroidX application? - [ ] I am using `android/gradle.settings` `jetifier=true` for Android compatibility? - [ ] I am using the NPM package `jetifier` for react-native compatibility? #### `android/build.gradle`: ```groovy // N/A ``` #### `android/app/build.gradle`: ```groovy // N/A ``` #### `android/settings.gradle`: ```groovy // N/A ``` #### `MainApplication.java`: ```java // N/A ``` #### `AndroidManifest.xml`: ```xml ```

Environment

Click To Expand

**`react-native info` output:** ``` OUTPUT GOES HERE ``` - **Platform that you're experiencing the issue on**: - [ ] iOS - [x] Android - [ ] **iOS** but have not tested behavior on Android - [x] **Android** but have not tested behavior on iOS - [ ] Both - **`react-native-firebase` version you're using that has this issue:** - `e.g. 5.4.3` - **`Firebase` module(s) you're using that has the issue:** - `e.g. Instance ID` - **Are you using `TypeScript`?** - `Y/N` & `VERSION`

mikehardy commented 1 year ago 
    "@react-native-firebase/analytics": "14.12.0",
    "@react-native-firebase/app": "14.12.0",
    "@react-native-firebase/app-check": "14.12.0",
    "@react-native-firebase/crashlytics": "14.12.0",
    "@react-native-firebase/dynamic-links": "14.12.0",
    "@react-native-firebase/perf": "14.12.0",

Please only log issues against current stable versions. Update to current stable then report if you still reproduce

[appCheck/token-error] com.google.firebase.FirebaseException: Too many attempts

How many attempts were there :thinking: ? We test it in our CI all the time and it definitely works - I suspect something about your project config and/or timing of requests etc. You should watch adb logcat while testing.

chenop commented 1 year ago

Thank you @mikehardy for the quick response - will try to upgrade those packages

chenop commented 1 year ago

Hi @mikehardy - Updated to latest version:

    "@react-native-firebase/analytics": "16.4.6",
    "@react-native-firebase/app": "^16.4.6",
    "@react-native-firebase/app-check": "^16.4.6",
    "@react-native-firebase/crashlytics": "^16.4.6",
    "@react-native-firebase/dynamic-links": "^16.4.6",
    "@react-native-firebase/perf": "^16.4.6",
    "react-native": "0.66.4",

Still got "too many attempts"

adb logcat:

2022-12-04 16:41:34.186 7174-7358/? E/AppCheck: RNFB: Unknown error while fetching AppCheck token com.google.firebase.FirebaseException: No AppCheckProvider installed.
2022-12-04 16:41:34.187 7174-7280/? E/ReactNativeJS: [Error: [appCheck/token-error] com.google.firebase.FirebaseException: No AppCheckProvider installed.]
2022-12-04 16:41:34.233 7174-7281/? E/unknown:ReactNative: Error: [appCheck/token-error] com.google.firebase.FirebaseException: No AppCheckProvider installed., js engine: hermes, stack:
    getToken@1:1846223
    _callee$@1:1844795
    tryCatch@1:203176
    invoke@1:204180
    anonymous@1:203324
    tryCatch@1:203176
    invoke@1:203409
    anonymous@1:203848
    tryCallTwo@61:8
2022-12-04 16:41:37.488 7174-7358/? E/AppCheck: RNFB: Unknown error while fetching AppCheck token com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed.
2022-12-04 16:41:37.489 7174-7358/? E/AppCheck: RNFB: Unknown error while fetching AppCheck token com.google.firebase.FirebaseException: Too many attempts.
2022-12-04 16:41:37.490 7174-7280/? I/ReactNativeJS: { token: 'Error: [appCheck/token-error] com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed.' }
2022-12-04 16:41:37.519 7174-7280/? E/ReactNativeJS: [Error: [appCheck/token-error] com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed.]
2022-12-04 16:41:37.520 7174-7280/? E/ReactNativeJS: [Error: [appCheck/token-error] com.google.firebase.FirebaseException: Too many attempts.]
2022-12-04 16:41:37.526 7174-7281/? E/unknown:ReactNative: Error: [appCheck/token-error] com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed., js engine: hermes, stack:
    getToken@1:1846223
    _callee$@1:1844795
    tryCatch@1:203176
    invoke@1:204180
    anonymous@1:203324
    tryCatch@1:203176
    invoke@1:203409
    anonymous@1:203848
    tryCallTwo@61:8
2022-12-04 16:41:37.529 7174-7281/? E/unknown:ReactNative: Error: [appCheck/token-error] com.google.firebase.FirebaseException: Too many attempts., js engine: hermes, stack:
    getToken@1:1846223
    _callee$@1:1844795
    tryCatch@1:203176
    invoke@1:204180
    anonymous@1:203324
    tryCatch@1:203176
    invoke@1:203409
    anonymous@1:203848
    tryCallTwo@61:8
chenop commented 1 year ago

App Check on Android looks ok image

Took the SAH-256 from here: image

@mikehardy Is that ok?

mikehardy commented 1 year ago

Trying to use AppCheck with "Play Integrity" android

We don't support Play Integrity yet.

So I think this is essentially duplicate #6434

mptorz commented 1 year ago

Hey, I'm having exactly the same issues with latest react-native-firebase.

IncognitoGK9 commented 1 year ago

I also have similar issue: I have followed all steps, put the debug tokens where necessary. I want to use firebase emulator with real device. This works perfect with web but with mobile app on real device hitting the firebase emulator, has error: D/com.google.firebase.appcheck.debug.internal.DebugAppCheckProvider(25557): Enter this debug secret into the allow list in the Firebase Console for your project: 36c2eb3f-ed60-4d36-b2a8-137d45** W/LocalRequestInterceptor(25557): Error getting App Check token; using placeholder token instead. Error: com.google.firebase.FirebaseException: Too many attempts.

Note that the debug secret is already in the firebase as required.

Is there a clear step by step procedure for setting up firebase emulator with App check, I have failed to get this straight...

And with the live (non emulator, after configuring App check, App intergrity, My app stopped getting downloads. I have set the configuration to :

MEETS_BASIC_INTEGRITY (this is deselected) The app is running on a device that passes basic system integrity checks. Learn more

MEETS_STRONG_INTEGRITY (this is deselected) The app is running on an Android device powered by Google Play services. It has a strong guarantee of system integrity. Learn more

all the necessary configuration on the code side have been done, but Google play keeps showing the Safetynet warning, and still since this configuration, seems my app is no longer visible to users thus no more downloads.... on the Google Cloud part, I disabled or do not have any key restriction for firebase: Android key (auto created by Firebase) because such restrictions were affecting my app (but still, this app check integrity issues persists.... there is clearly a confusion on App check, App integrity, firebase emulator vs Firebase, web vs mobile use for firebase emulator/firebase live....

I wish someone will do a comprehensive guide on these set ups.

barath-dev commented 10 months ago

I am developing a flutter application and facing the exact same issue Error getting App Check token; using placeholder token instead. Error: com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed. I wish someone to help me resolve this error

VidojeMuric commented 9 months ago

I am developping Android application and having same issues. Could someone give his experience, how to resolve these issues?

Error getting App Check token; using placeholder token instead. Error: com.google.firebase.FirebaseException: Error returned from API. code: 403 body: App attestation failed.

Error getting App Check token; using placeholder token instead. Error: com.google.firebase.FirebaseException: Too many attempts.

barath-dev commented 9 months ago

Hey VidojeMuric, I haven't resolved this issue but, i de enforced in the Firebase app check.I dont think there is a exact solution for this, I have tried every way possible to completely resolve this issue. So ignoring this issue would be the best solution.