Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Firebase and Google Maps API keys result in a wrong configuration
See original GitHub issueDescription
I think the plugin extracts wrong API keys (google_api_key and google_crash_reporting_api_key) from the google-services.json file during the Android app build in a certain scenario. Possibly, the issue is partially caused by a wrong JSON file being generated by Firebase in the first place.
My Android app uses both Firebase Crashlytics and Google Maps. When I was adding the Google Maps integration, I followed the recommendations and I created dedicated API keys for Google Maps in Google APIs Console and I restricted them only to some of the app flavors by specifying the package name and SHA-1 restriction (also restricted to the “Maps SDK for Android” and “Places API”). In Firebase, both “staging” and “production” flavors are configured as separate apps in the same Firebase project, but they differ in package names and SHA-1 fingerprints.
Configuration
com.google.gms:google-services version: 4.3.3
com.google.firebase:firebase-analytics-ktx version: 17.5.0
com.google.firebase:firebase-crashlytics-ktx version: 17.2.1
com.google.firebase:firebase-crashlytics-gradle version: 2.2.1
Google APIs Console
Google APIs Console - Google Maps key 1
Google APIs Console - Google Maps key 2
Firebase - staging app
Firebase - production app
The JSON file I get from Firebase:
{
"project_info": {
"project_number": "922450535496",
"firebase_url": "https://[confidential].firebaseio.com",
"project_id": "[confidential]",
"storage_bucket": "[confidential].appspot.com"
},
"client": [
{
"client_info": {
"mobilesdk_app_id": "1:922450535496:android:d7670fa2636a5081",
"android_client_info": {
"package_name": "[confidential].prod"
}
},
"oauth_client": [
{
"client_id": "922450535496-ls60[confidential]",
"client_type": 1,
"android_info": {
"package_name": "[confidential].prod",
"certificate_hash": "ba61e96fd3ddd4c56e359df0a3e8bc689cae4a69"
}
},
{
"client_id": "922450535496-mrti[confidential]",
"client_type": 1,
"android_info": {
"package_name": "[confidential].prod",
"certificate_hash": "5e014ddba1571358998ab939a934cae353640a2d"
}
},
{
"client_id": "922450535496-obbg[confidential]",
"client_type": 1,
"android_info": {
"package_name": "[confidential].prod",
"certificate_hash": "133e5c7fc7e7ff068b7227a20684c659bfd5a4ca"
}
},
{
"client_id": "922450535496-d585[confidential]",
"client_type": 3
}
],
"api_key": [
{
"current_key": "AIzaSyCkOh[confidential]SSVSVSAz00"
},
{
"current_key": "AIzaSyAdVW[confidential]1dzU9qvu3k"
}
],
"services": {
"appinvite_service": {
"other_platform_oauth_client": [
{
"client_id": "922450535496-d585[confidential]",
"client_type": 3
}
]
}
}
},
{
"client_info": {
"mobilesdk_app_id": "1:922450535496:android:02f104bc77b0e115",
"android_client_info": {
"package_name": "[confidential].stage"
}
},
"oauth_client": [
{
"client_id": "922450535496-ufah[confidential]",
"client_type": 1,
"android_info": {
"package_name": "[confidential].stage",
"certificate_hash": "b3645599ddfb1957a011c79dc5706d78e90f6ea0"
}
},
{
"client_id": "922450535496-ha7n[confidential]",
"client_type": 1,
"android_info": {
"package_name": "[confidential].stage",
"certificate_hash": "a26044bd4dbfe67e0f6fa052ca553a6b70d6e37e"
}
},
{
"client_id": "922450535496-vi8b[confidential]",
"client_type": 1,
"android_info": {
"package_name": "[confidential].stage",
"certificate_hash": "133e5c7fc7e7ff068b7227a20684c659bfd5a4ca"
}
},
{
"client_id": "922450535496-d585[confidential]",
"client_type": 3
}
],
"api_key": [
{
"current_key": "AIzaSyCkOh[confidential]SSVSVSAz00"
},
{
"current_key": "AIzaSyAdVW[confidential]1dzU9qvu3k"
}
],
"services": {
"appinvite_service": {
"other_platform_oauth_client": [
{
"client_id": "922450535496-d585[confidential]",
"client_type": 3
}
]
}
}
}
],
"configuration_version": "1"
}
As you can see, the API keys in the api_key array are only the Google Maps keys and there is no Android key (auto created by Firebase) key.
Before I added Google Maps API keys in Google APIs Console, that part of the google-services.json file was different as it contained the Android key (auto created by Firebase) key.
"api_key": [
{
"current_key": "AIzaSyBtnw[confidential]le0_4ek0GM"
}
],
Generated resource
Now, when I build the app, it generates the resource file app/build/generated/res/google-services/stage/debug/values/values.xml with the following content:
<?xml version="1.0" encoding="utf-8"?>
<resources>
<string name="default_web_client_id" translatable="false">922450535496-d585[confidential]</string>
<string name="firebase_database_url" translatable="false">https://[confidential].firebaseio.com</string>
<string name="gcm_defaultSenderId" translatable="false">922450535496</string>
<string name="google_api_key" translatable="false">AIzaSyCkOh[confidential]SSVSVSAz00</string>
<string name="google_app_id" translatable="false">1:922450535496:android:02f104bc77b0e115</string>
<string name="google_crash_reporting_api_key" translatable="false">AIzaSyCkOh[confidential]SSVSVSAz00</string>
<string name="google_storage_bucket" translatable="false">[confidential].appspot.com</string>
<string name="project_id" translatable="false">[confidential]</string>
</resources>
As you can see, one of the API keys I created just for Google Maps APIs (AIzaSyCkOh[confidential]SSVSVSAz00) is used in both google_api_key and google_crash_reporting_api_key.
Moreover, that API key is restricted to a different package name and SHA-1 than I just built, which seems even worse 🤦
Authorization issue When I run the app, I see the following warnings and errors in the logcat:
09-11 11:14:00.743 5210-5247/[confidential].stage W/Firebase-Installations: Error when communicating with the Firebase Installations server API. HTTP response: [403 Forbidden: {
"error": {
"code": 403,
"message": "Requests from this Android client application [confidential].stage are blocked.",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.Help",
"links": [
{
"description": "Google developer console API key",
"url": "https://console.developers.google.com/project/922450535496/apiui/credential"
}
]
}
]
}
}
]
09-11 11:14:00.743 5210-5247/[confidential].stage W/Firebase-Installations: Firebase options used while communicating with Firebase server APIs: AIzaSyCkOh[confidential]SSVSVSAz00, [confidential], 1:922450535496:android:02f104bc77b0e115
09-11 11:14:00.743 5210-5247/[confidential].stage E/Firebase-Installations: Firebase Installations can not communicate with Firebase server APIs due to invalid configuration. Please update your Firebase initialization process and set valid Firebase options (API key, Project ID, Application ID) when initializing Firebase.
Surprisingly, crash reporting seems to work nonetheless as I can see a crash I induced myself in the dashboard, but I have no clue why it works, especially considering the logs above.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:15
- Comments:8
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@dwidc Then the API key linking between Google and Firebase is broke on your project like it is on ours and I think they will have hard times to fix it (based on my gut feeling when I was reading their answers on my request). You might be able to fix it yourself by re-creating the Firebase project or following the quote I did above (which didn’t work for me). The issue was fixed on Mar 11 for new projects, thus new links between Google and Firebase.
If you can, I recommend you to just not deal with this issue. Grab your json/plist and fix the API keys within it by hand and never look back. This is what I did in the peaceful mind that it will never happen for new Firebase projects, again.
@martin-braun It’s a relatively new Firebase and Google Maps project, created about 2-3 months ago.
Thanks for info, I’ll file report to Firebase later.