FirebaseAuth - Requests from this Android client application <empty> are blocked

Question

https://firebase.google.com/docs/auth/android/apple

We have developed Sign in with Apple on Android and confirmed that it is working properly.

But, if API key restricted to Android in the Google Cloud Console, it does not work with the following error.

com.firebase.ui.auth.FirebaseUiException: An internal error has occurred. [ Requests from this Android client application <empty> are blocked. ]
        at com.google.firebase.auth.api.internal.zzdv.zza(com.google.firebase:firebase-auth@@19.2.0:18)
        at com.google.firebase.auth.internal.zzal.onReceive(com.google.firebase:firebase-auth@@19.2.0:32)
        at androidx.localbroadcastmanager.content.LocalBroadcastManager.executePendingBroadcasts(LocalBroadcastManager.java:313)
        at androidx.localbroadcastmanager.content.LocalBroadcastManager$1.handleMessage(LocalBroadcastManager.java:121)
        at android.os.Handler.dispatchMessage(Handler.java:107)
        at android.os.Looper.loop(Looper.java:237)
        at android.app.ActivityThread.main(ActivityThread.java:7770)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1047)

An internal error has occurred. [ Requests from this Android client application <empty> are blocked. ]

If the API key is set to none, everything works properly.

Should API key restrictions be lifted to apply OAuth authentication such as Apple?

Or is there something else I missed?

For your information, I found 403 error in the Identitytoolkit.getProjects API.

Firebase Auth: Requests from this Android client application com.xxx are blocked

I've seen above discussion many times. But it's not a solution because adding or deleting signature makes it API Key restrictions are lifted automatically.

I don't think it's not SHA-1 signature problem because other APIs that use the same API Key do not have problems.

And I tested it with a demo project at https://github.com/firebase/FirebaseUI-Android, but the same problem happens.

I have no idea how to get authenticate using Apple to work properly when API Key is restricted to Android

Answer 1

If you are using Google Play App Signing, just login into Firebase go into "project settings"->"integration" and press a button to link Google Play with firebase, SHA-1 will be added automatically. Download and change your new google-services.json

If you keep having problems, go to Google Cloud Console API, click on the hamburger icon on the top left -> APIs and Services -> Credentials. Choose the API Key that you're using. Under restrictions, select "None".

Answer 2

According to https://github.com/firebase/firebase-android-sdk/issues/1757#issuecomment-655777739 Apple Sign In on Android requires a web flow, which means restricting the API Key to Android breaks that process.

The suggestion is to disable API key restrictions on Android if Apple Sign In functionality is required. Also according to the thread the API key restrictions offer only fairly limited protection anyway, so disabling isn't a huge loss.

Answer 3

If you keep having problems, go to Google Cloud API, click on the hamburger icon on the top left -> APIs and Services -> Credentials. Choose the API Key that you're using. If restrictions are defined for android app there then you have to add SHA key and after that this issue will be fixed.