Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection to emulator fails with UNAUTHENTICATED #452

Closed
octylFractal opened this issue Jul 10, 2020 · 4 comments · Fixed by googleapis/java-firestore#296
Closed

Connection to emulator fails with UNAUTHENTICATED #452

octylFractal opened this issue Jul 10, 2020 · 4 comments · Fixed by googleapis/java-firestore#296
Assignees
@hiranya911 @schmidt-sebastian @yuchenshi
Labels
api: firestore

Comments

@octylFractal
Copy link

  • Operating System version: Arch Linux, kernel is based off of Linux 5.7.7
  • Firebase SDK version: 6.14.0
  • Library version: Not sure what this means, also 6.14.0?
  • Firebase Product: Firestore

When using FIRESTORE_EMULATOR_HOST to connect to the emulator instead of the live database, this exception occurs:

Stacktrace 
Exception in thread "main" java.util.concurrent.ExecutionException: com.google.api.gax.rpc.UnauthenticatedException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials require channel with PRIVACY_AND_INTEGRITY security level. Observed security level: NONE
	at com.google.common.util.concurrent.AbstractFuture.getDoneValue(AbstractFuture.java:564)
	at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:545)
	at com.google.common.util.concurrent.FluentFuture$TrustedFuture.get(FluentFuture.java:86)
	at com.google.common.util.concurrent.ForwardingFuture.get(ForwardingFuture.java:62)
	at net.octyl.firebase.emulator.App.main(App.java:25)
Caused by: com.google.api.gax.rpc.UnauthenticatedException: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials require channel with PRIVACY_AND_INTEGRITY security level. Observed security level: NONE
	at com.google.api.gax.rpc.ApiExceptionFactory.createException(ApiExceptionFactory.java:73)
	at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:72)
	at com.google.api.gax.grpc.GrpcApiExceptionFactory.create(GrpcApiExceptionFactory.java:60)
	at com.google.api.gax.grpc.ExceptionResponseObserver.onErrorImpl(ExceptionResponseObserver.java:82)
	at com.google.api.gax.rpc.StateCheckingResponseObserver.onError(StateCheckingResponseObserver.java:86)
	at com.google.api.gax.grpc.GrpcDirectStreamController$ResponseObserverAdapter.onClose(GrpcDirectStreamController.java:149)
	at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:426)
	at io.grpc.internal.ClientCallImpl.access$500(ClientCallImpl.java:66)
	at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.close(ClientCallImpl.java:689)
	at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl.access$900(ClientCallImpl.java:577)
	at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInternal(ClientCallImpl.java:751)
	at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:740)
	at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37)
	at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
	at java.base/java.lang.Thread.run(Thread.java:832)
Caused by: io.grpc.StatusRuntimeException: UNAUTHENTICATED: Credentials require channel with PRIVACY_AND_INTEGRITY security level. Observed security level: NONE
	at io.grpc.Status.asRuntimeException(Status.java:533)
	... 15 more

This can be reproduced using the code at https://github.com/octylFractal/firebase-admin-sdk-emulator-connection.
@google-oss-bot
Copy link

I found a few problems with this issue:

  • I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.
  • This issue does not seem to follow the issue template. Make sure you provide all the required information.

@yuchenshi
Copy link
Member

@octylFractal Does this still happen if you drop setCredentials? Also, just to confirm, what is the actual value and format of the FIRESTORE_EMULATOR_HOST env var?

@schmidt-sebastian
Copy link
Contributor

schmidt-sebastian commented Jul 14, 2020
edited

I was able to narrow down where this is happening (no need for further research on your end). Thanks for your repro.

firebase-admin-java/src/main/java/com/google/firebase/cloud/FirestoreClient.java

Line 47 in 8927640

.setCredentialsProvider(
likely needs to be updated to not overwrite the credentials if FakeCredentials are used (or if any explicit form of credentials is provided).

@schmidt-sebastian schmidt-sebastian mentioned this issue Jul 15, 2020
Merged
@hiranya911
Copy link
Contributor

@schmidt-sebastian can this be closed now?

@mitschwimmer mitschwimmer mentioned this issue Jan 25, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hiranya911 hiranya911

@schmidt-sebastian schmidt-sebastian

@yuchenshi yuchenshi

Labels
api: firestore
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: use test credentials when connecting to the Emulator from Admin SDK googleapis/java-firestore
5 participants
@octylFractal @hiranya911 @schmidt-sebastian @yuchenshi @google-oss-bot