Tuesday 29 December 2020

How can I use the same SHA1 for an app that has different package-name, as another one?

Background

I work on 2 different apps with common shared code, both used on the same project (using productFlavors in gradle file), but with different package names.

The problem

The apps are supposed to be able to login to Google account and fetch some information from it.

The first one works fine, but the second has issues logging in, especially on the release variant.

Both are already published on the Play Store and use Firebase, so I can't perform operations that might damage how the apps work.

What I've found

I made the app write to logs to show the issue:

    override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
        // Parse the result returned by the Google sign-in activity
        val result = Auth.GoogleSignInApi.getSignInResultFromIntent(data)
        if (result?.isSuccess == true) {
            ...
        } else {
            // Log the failure status so the cause is visible in logcat
            Log.e("AppLog", "onActivityResult failure:${result?.status}")
        }
    }

And indeed this is what I got:

    onActivityResult failure:Status{statusCode=DEVELOPER_ERROR, resolution=null}

Searching the Internet and here on StackOverflow, it showed that I need to add the SHA-1 to the project, of both release and debug:

https://console.firebase.google.com/u/0/project/.../settings/general/...

Adding the SHA-1 of debug-variant works fine (though for some reason during login it had multiple steps instead of just one or two), but when I try to add the SHA-1 of release-variant, it seems identical to the SHA-1 of the other app (which has a different package). It shows me this message (via "project settings"->"general"):

An OAuth2 client already exists for this package name and SHA-1 in another project. You can omit the SHA-1 for now and read more about this situation and how to resolve it.

So I followed the link, and I tried to do as was written there:

First, find your existing project's OAuth 2.0 client ID. To do this:

  1. Go to the Credentials page of the Google Cloud console. If the project containing the OAuth 2.0 client ID doesn't open automatically, select it from the drop down menu in the upper right corner of the page.
  2. Under the OAuth 2.0 client IDs section, locate the client name containing the SHA-1 and package name you used for your Firebase project. If you're unsure which one is correct, click the name of the client to see the details.
  3. When you have located the correct client name, copy the full value in the Client ID column.

Next, whitelist this client ID for Google as a sign in provider. To do this:

  1. Go to the Firebase console and select your project.
  2. Select Auth from the menu on the left.
  3. Select the Sign in method tab.
  4. On the Sign in method page, click on Google in the Sign in providers card.
  5. Expand the Whitelist client IDs from external projects option.
  6. Paste your client ID from the Cloud console into the text field and click Add.

So I pasted each of them (from "https://ift.tt/1sExpU1..." into "https://ift.tt/2WSPoH8") that I thought should be there, and as it didn't work, I pasted even more, including those of both apps.

Still didn't work.

I also tried to add SHA-256 instead, and even though it allowed me to do it, it didn't help either.

I tried to search for solutions on StackOverflow and in other places, but the questions don't seem to be related to the exact scenario I have, as here it's 2 different package names already (so there shouldn't be a problem), and the apps are already published (so I can't remove stuff from the websites).

The questions

The most important question is the first one. The rest are optional and only so that I could learn what's wrong and what's going on. I would really appreciate understanding, for next time, how to handle it properly:

  1. How can I solve it for the second app, without causing any issue to either app? I don't want to remove the account/project on the website of any of those apps.

  2. How come I can't add SHA-1 of an app of a different package name?

  3. The instructions said to copy the "client ID", but they didn't say of which app. I guess it means of the app that works fine, right?

  4. Some solutions said that I could re-create the SHA-1 to have a new key, but I couldn't find how. How do I do this? Would it help? Wouldn't it affect the app that works fine, and I will have the same issue of the same SHA-1 being used for both, again?


