androidfirebasefirebase-authentication

Firebase Auth: Requests from this Android client application com.xxx are blocked


I'm implementing the standard tutorial for Firebase AuthUI in my android app. However, when testing I try to sign-in using Google sign-in from within the app and get the following exception:

com.google.firebase.FirebaseException: An internal error has occurred. 
[ Requests from this Android client application com.xxx are blocked. ]

The app displays the "Google SmartLock" banner as if it's signing me in, but then disappears and in the logcat I see the error above.

I verified that my SHA-1 certificate fingerprints for both debug and release are in the Firebase console. I've been using them for some time in this app so I know they are correct.

I have enabled both Google sign-in and email sign-in on the Firebase Auth Console. I've tried both email/google sign-in and both processes begin but fail with the same exception. I have also downloaded and used a new google-services.json file -- no change.

The application name is correct. Why are they blocking me? Has anyone had any luck contacting firebase support?

Here's a snippet from build.gradle:

api 'com.android.support:support-v4:27.1.1'
api 'com.android.support:appcompat-v7:27.1.1'
api 'com.android.support.constraint:constraint-layout:1.1.2'
api 'com.google.firebase:firebase-storage:16.0.1'
api 'com.google.firebase:firebase-core:16.0.1'
api 'com.google.android.gms:play-services-maps:15.0.1'
api 'com.google.android.gms:play-services-location:15.0.1'
api 'com.google.android.gms:play-services-ads:15.0.1'
api 'com.google.code.findbugs:jsr305:3.0.2'
api 'com.google.apis:google-api-services-storage:v1-rev68-1.21.0'
implementation 'com.firebaseui:firebase-ui-storage:0.6.0'
implementation 'com.firebaseui:firebase-ui-auth:4.0.0'
testImplementation 'junit:junit:4.12'

Logcat:

/com.x.x W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzal@13ca6fd
/com.x.x D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=12629, firebase_screen_class(_sc)=PhotoActivity, firebase_screen_id(_si)=-1316627329056180637}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=PhotoActivity, firebase_previous_id(_pi)=-1316627329056180637, firebase_screen_class(_sc)=KickoffActivity, firebase_screen_id(_si)=-1316627329056180636}]
/com.x.x D/FA: Connected to remote service
/com.x.x D/FA: Logging event (FE): user_engagement(_e), Bundle[{firebase_event_origin(_o)=auto, engagement_time_msec(_et)=1312, firebase_screen_class(_sc)=KickoffActivity, firebase_screen_id(_si)=-1316627329056180636}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=KickoffActivity, firebase_previous_id(_pi)=-1316627329056180636, firebase_screen_class(_sc)=SingleSignInActivity, firebase_screen_id(_si)=-1316627329056180635}]
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SingleSignInActivity, firebase_previous_id(_pi)=-1316627329056180635, firebase_screen_class(_sc)=SignInHubActivity, firebase_screen_id(_si)=-1316627329056180634}]
/com.x.x W/BiChannelGoogleApi: [FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzal@13ca6fd
/com.x.x D/FA: Logging event (FE): screen_view(_vs), Bundle[{firebase_event_origin(_o)=auto, firebase_previous_class(_pc)=SignInHubActivity, firebase_previous_id(_pi)=-1316627329056180634, firebase_screen_class(_sc)=SingleSignInActivity, firebase_screen_id(_si)=-1316627329056180635}]
E/Volley: [23564] BasicNetwork.performRequest: Unexpected response code 403 for https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyAssertion?alt=proto&key=[key]
E/Volley: [23564] BasicNetwork.performRequest: Unexpected response code 403 for https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyAssertion?alt=proto&key=[key]
I/AuthChimeraService: Error description received from server: Requests from this Android client application com.x.x are blocked.

/com.x.x E/AuthUI: A sign-in error occurred.
com.google.firebase.FirebaseException: An internal error has occurred. [ Requests from this Android client application com.x.x are blocked. ]

Solution

  • The Google Cloud API key I was using was restricted to android with my package name, but only the production SHA-1 certificate fingerprint was given, not the debug key. I added the debug key's SHA-1 certificate along with the package name so that both production and debug certificates appear in the "Application Restrictions" for the key and it worked. Apparently being "blocked" by firebase means your API key may be restricted improperly.