search

react-native-google-signin / google-signin

Google Sign-in for your React Native applications
https://react-native-google-signin.github.io/
MIT License
3.13k stars 876 forks source link

Is it mandatory to use webClientId without firebase? Got warning from Google on using webClientId #1152

Closed tragicmj closed 1 year ago

tragicmj commented 1 year ago

Steps to Reproduce

Google Auth is working properly for me but few days back received this email. Are they asking to remove the webClientId?? I tried removing and turned off the offline access but in doing so, I am no longer receiving the server auth code on which the whole logic is made. What shall I do?

Screenshot 2023-03-30 at 5 16 06 PM

My Google Sign In code configuration is mentioned below:

 GoogleSignin.configure({
                scopes: ['https://www.googleapis.com/auth/userinfo.email'], // android only
                webClientId: '',
                offlineAccess: false,
                hostedDomain: '',
                forceConsentPrompt: true, // [Android] if you want to show the authorization prompt at each login
                accountName: '', // [Android] specifies an account name on the device that should be used
                androidClientId: '*****', // play store release
                iosClientId: '*****'
        });

Environment

Please provide

thespacemanatee commented 1 year ago

@tragicmj do you happen to have a web app that uses the same webClientId? It could be that a user opened your app in a WebView and tried to log in there which will trigger the disallowed_useragent error

tragicmj commented 1 year ago

The webClientId is only used in the mobile app, but I did notice one thing when the permission screen opens up for selecting email to login with, the url at the top can be copied and pasted in the browser.

mishkeTz commented 1 year ago

Same here

aldo025 commented 1 year ago

Is there any solution to not use webClientId for Android user in react native ? I had this warning too for my apps

vonovak commented 1 year ago

Hello and thanks for reporting,

but I did notice one thing when the permission screen opens up for selecting email to login with, the url at the top can be copied and pasted in the browser.

that probably means you're using an embedded webview. This library however, does not use it this way. Without having a reproduction, it's hard to say for sure what is wrong.

Thank you 🙂