CODEWITHSUNDEEP
javaandroidfirebaseflutterauthentication
user13864571
user13864571

Reputation: 111

Error while geting Firebase Phone Auth OTP

I am trying to implement Firebase Phone Verification. I have enabled phone verification on firebase console. I have generated keystore and added the SHA signatures to the console.

dependencies:

dependencies {
    def multidex_version = "2.0.1"
    implementation platform('com.google.firebase:firebase-bom:26.0.0')
    implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
    implementation 'com.google.firebase:firebase-analytics'
    implementation "androidx.multidex:multidex:$multidex_version"
    implementation 'com.google.firebase:firebase-auth'
    implementation 'com.google.firebase:firebase-core'
    implementation 'com.google.firebase:firebase-analytics'
    implementation 'com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava'

}

phone_verification.dart

                await FirebaseAuth.instance.verifyPhoneNumber(
                  phoneNumber: '+1234567890',

                  verificationCompleted: (PhoneAuthCredential credential) {
                    print('verificationCompleted');
                    
                  },
                  verificationFailed: (FirebaseAuthException e) {
                    print('verificationFailed');
                    if (e.code == 'invalid-phone-number') {
                      print('The provided phone number is not valid.');
                    }
                    else {
                      print('Some error occoured: $e');
                    }
                  },
                  codeSent: (String verificationId, int resendToken) async {
                    print('codeSent');

                    // Update the UI - wait for the user to enter the SMS code
                    String smsCode = '123456';

                    // Create a PhoneAuthCredential with the code
                    PhoneAuthCredential phoneAuthCredential = PhoneAuthProvider.credential(verificationId: verificationId, smsCode: smsCode);
                  
                  },
                  timeout: const Duration(seconds: 60),
                  codeAutoRetrievalTimeout: (String verificationId) {
                    print("Timeout: $verificationId");
                  },
                );

When the above block is executed following error is received. Console Output:

E/FirebaseAuth: [GetAuthDomainTask] Error getting project config. Failed with {
      "error": {
        "code": 400,
        "message": "INVALID_CERT_HASH",
        "errors": [
          {
            "message": "INVALID_CERT_HASH",
            "domain": "global",
            "reason": "invalid"
          }
        ]
      }
    }
     400
V/FA: Recording user engagement, ms: 1165
E/zza: Failed to get reCAPTCHA token - calling backend without app verification

Upvotes: 11

Views: 24551

Answers (7)

Yevhenii Kamenskyi
Yevhenii Kamenskyi

Reputation: 69

Image from above comment

for Release mode:

keytool -list -v -keystore {keystore_name} -alias {alias_name}

SHA-1 fingerprint of keystore certificate

Upvotes: 0

marcolaz
marcolaz

Reputation: 1

I'm checking back to this thread and the mentioned issue, since today I had the same error coming from a Flutter Android application while debugging on my physical device. Since the solution is the same, because the output is the same kind of Android application and they rely on the same foundation, I wanted to share my solution.

After looking this thread and reading all the previous answers, I understood there are two steps to follow, in order to settle the 400 INVALID_CERT_HASH answer from Firebase and that the previous answers gave good hints but they were not complete (or at least, not anymore).

The first step is to generate the SHA-256 fingerprint as in the previous answers. Executing (on Windows)

gradlew signingReport

you can generate it.

The second step is to allow calls from your app to your firebase project, and the app must be verified on Play Integrity for that. You have to open your Firebase project to find the App Check feature on the left sidebar, then select the App tab (the URL is https://console.firebase.google.com/project/<project_name>/appcheck/apps).There you can register you app for Play Integrity (choose freely the ttl of the token Firebase generates) so that you don't need to integrate it into your app but you can basically tell Google that your app is safe.

Click on the Register button corresponding to your Android application and choose App Integrity (the latter is deprecated). If you already added the SHA fingerprints, the corresponding field will be autofilled, else paste the SHA-256 fingerprint. Confirm the terms of service if required and save, and you're good to go. More information is included here.

These are all the steps I followed and that solved my issue. Hope this answer can help people that are starting using Android with Firebase in 2024.

Upvotes: 0

Sajid Zeb
Sajid Zeb

Reputation: 1978

This problem related to SHA1 and SHA256 keys. You have to add them to authenticate your certs.

Goto

  • Firebase Console of your project
  • Authentication
  • Project Setting (From Setting button near Project Overview)
  • Add fingerprint
  • Add SHA-1 and SHA-256 values of your keystore.

You can get keystores from gradle like this.

./gradlew signingReport

Read this for more information: https://firebase.google.com/docs/auth/android/phone-auth#enable-app-verification

Upvotes: 14

praveensmedia
praveensmedia

Reputation: 1

We need to add one extra step to @Anat Bharti Answer: Enable GCS Device Verification API on Your Project

Enable GCS Device Verification API on Your Project. That solves Everything, You not even asked to Verify capcha on your Physical device.

Upvotes: 0

Anant Bharti
Anant Bharti

Reputation: 51

Error 400 means bad request, it can be due to any of the following three reasons:-

  1. Check if phone authentication option is enabled in firebase console or not. Enable it.
  2. Check if Android Device Check API is enabled in Google cloud console or not. Enable it.
  3. Check if SHA-1 and SHA-256 are added to your firebase project or not. Add it as follows:

Open your project in firebase console -> Go to project setting -> Click on add fingerprint (at the bottom of the page) -> Add the SHA-1 and SHA-256 values there.

Image for reference

You can get the SHA values of your android studio project as follows:-

Click on gradle on top right side -> task -> android -> signingReport -> Get the SHA values at the bottom after running signingReort Image for reference

Follow the documentation if issue in not resolved.

Upvotes: 5

Taio
Taio

Reputation: 3734

I have been stuck here for a week only to find a key I was using was restricted to another app and was therefore failing when trying to use it in my app. So I first removed the restriction in the credentials tab in Android device verification and everything went back to normal

Upvotes: 0

Ishaan Ohri
Ishaan Ohri

Reputation: 267

Enable Phone option in the Firebase Console under Authentication

Upvotes: 3

Related Questions