New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Google SignIn: Getting ID Token for Server-side Auth #16613

Closed
nevi-me opened this Issue Apr 16, 2018 · 12 comments

Comments

Projects
None yet
8 participants
@nevi-me

nevi-me commented Apr 16, 2018

Steps to Reproduce

I started using Firebase Auth after I already had a custom OAuth impl in place, so in my previous app, I would authenticate the user on Firebase, but also request an ID Token from Google Signin https://developers.google.com/identity/sign-in/android/offline-access.

Is there currently a way to do this on google_signin? On Android, I would do something like SignIn.requestServerAuthCode(serverClientId).

Logs

n/a

Flutter Doctor

[√] Flutter (Channel master, v0.2.12-pre.33, on Microsoft Windows [Version 10.0.14393], locale en-ZA)
    • Flutter version 0.2.12-pre.33 at C:\Users\<me>\flutter
    • Framework revision ea30c95dc9 (2 days ago), 2018-04-13 17:02:14 -0700
    • Engine revision 76cb311d9c
    • Dart version 2.0.0-dev.47.0.flutter-f76dad0adc

[√] Android toolchain - develop for Android devices (Android SDK 27.0.3)
    • Android SDK at C:\Users\<me>\AppData\Local\Android\sdk
    • Android NDK location not configured (optional; useful for native profiling support)
    • Platform android-27, build-tools 27.0.3
    • Java binary at: C:\Program Files\Android\Android Studio\jre\bin\java
    • Java version OpenJDK Runtime Environment (build 1.8.0_152-release-1024-b02)
    • All Android licenses accepted.

[√] Android Studio (version 3.1)
    • Android Studio at C:\Program Files\Android\Android Studio
    • Flutter plugin version 23.0.2
    • Dart plugin version 173.4700
    • Java version OpenJDK Runtime Environment (build 1.8.0_152-release-1024-b02)

[√] IntelliJ IDEA Community Edition (version 2017.3)
    • IntelliJ at C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2017.3.4
    • Flutter plugin version 23.0.2
    • Dart plugin version 173.4700

[√] IntelliJ IDEA Ultimate Edition (version 2018.1)
    • IntelliJ at C:\Program Files\JetBrains\IntelliJ IDEA 2018.1
    • Flutter plugin version 23.1.3
    • Dart plugin version 181.4203.498

[√] VS Code, 64-bit edition (version 1.22.1)
    • VS Code at C:\Program Files\Microsoft VS Code
    • Dart Code extension version 2.11.2

[√] Connected devices (1 available)
    • SM G610F • 5203f84b5378a381 • android-arm • Android 7.0 (API 24)

• No issues found!

@tvolkert tvolkert added the plugin label Apr 17, 2018

@tvolkert

This comment has been minimized.

Contributor

tvolkert commented Apr 17, 2018

@mravn-google

This comment has been minimized.

Contributor

mravn-google commented Apr 18, 2018

@nevi-me

This comment has been minimized.

nevi-me commented Apr 19, 2018

Hey @mravn-google, I believe that's a different thing. I need to get a token and secret from Google API directly, which I then send to my server when user signs in for the first time.

The

On the server, I use that pair to get a refresh token from Google.

The Firebase token allows me to verify a Firebase user, not necessarily interact with Google APIs on behalf of the user.

@zoechi

This comment has been minimized.

Contributor

zoechi commented Apr 19, 2018

The token returned from getIdToken() worked for me to access Google APIs using HTTP requests.
I don't fully understand your requirement though.

@calebisstupid

This comment has been minimized.

calebisstupid commented May 21, 2018

I believe I'm trying to solve a similar issue; was there any resolution to this?

We have a back-end server that uses Google Auth for users. I've started building out a flutter app, and used the google_sign_in plug-in but each authentication request returns a null idToken.

Every other thread on the topic I have found points me towards Firebase documentation, which is not what I need. I have found some posts saying that we need to use our back-end "web token", but for the life of me I cannot find any help on how to actually modify or change this using flutter or non-firebase techniques.

@nevi-me

This comment has been minimized.

nevi-me commented May 23, 2018

@calebisstupid it hasn't been resolved

@matthew5025

This comment has been minimized.

matthew5025 commented May 25, 2018

@nevi-me I've tested this, and it works for Android. I do not have a Mac so I can't really help with iOS stuff.

  1. Create a new Firebase project. It's ok to link the old Google Cloud Project.

  2. Select get started with android, and follow the instructions. The important parts are the google-services.json files, and the additional dependencies.

  3. You will now be able to retrieve an idToken.

@nevi-me

This comment has been minimized.

nevi-me commented May 25, 2018

@matthew5025 my Android device is in for repairs, but I'll try on the emulator and revert nack

@laertispappas

This comment has been minimized.

laertispappas commented Nov 13, 2018

@matthew5025 do you happen to know how to handle multiple clients ids? I have 1 client id generated in my firebase (from the debug keystroke) I added into the same project my production SHA1 to sign the app but when I release the app I cannot verify the token in the backend. Google API returns bad request: Invalid Value.

Since it is working in the emulators but not when I install the app in my mobile I assume that I need to add another client id in https://console.cloud.google.com/apis/credentials. Just assumptions any ideas?

UPDATE: It looks that it's working now. Maybe because when adding SHA certificate fingerprints in firebase it needs some time to synchronize.

UPDATE2: Still have problems on released APK. I think it should be some config settings as noted with SHA or something.

@zoechi

This comment has been minimized.

Contributor

zoechi commented Nov 14, 2018

Is this still an issue?

@senacand

This comment has been minimized.

senacand commented Nov 26, 2018

@laertispappas I'm having the same issue as yours. I can get the id token using the Firebase workaround, unfortunately I cannot verify the ID Token neither using the SDK nor Google's API.

UPDATE: Nvm. I tried debugPrinting the ID Token and use the output to validate to Google's API and get Invalid Value. Turns out the reason was as simple as the ID Token was cut by the log, therefore cutting in the middle of the signature part.

@no-response

This comment has been minimized.

no-response bot commented Dec 5, 2018

Without additional information, we are unfortunately not sure how to resolve this issue. We are therefore reluctantly going to close this bug for now. Please don't hesitate to comment on the bug if you have any more information for us; we will reopen it right away!
Thanks for your contribution.
cc @Hixie

@no-response no-response bot closed this Dec 5, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment