Google SignIn API Exception 10

Question

Approaching to the final stage of the authentification, but something is going wrong in handleSignInResult method. It returns Exception code 10 (Developer error) in logs. Google provides comprehensive description:

The application is misconfigured. This error is not recoverable and will be treated as fatal. The developer is an idiot...

What should I do to handle this (get an account) and finally retrive values from account?
Thank you in advance for your help!!!

MainActivity:

package ru.podgorny.carcall;

import ...

public class MainActivity extends AppCompatActivity {

        SignInButton signInButton;
        public static final int RC_SIGN_IN = 07;
        public static final String TAG = "MainActivity";
        TextView tw1;
        TextView tw2;


        GoogleSignInOptions gso;
        GoogleSignInClient mGSC;


        @Override
        protected void onCreate (Bundle savedInstanceState){
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        Log.d(TAG, "Activity Works");
        findViews();

            gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                    .requestEmail()
                    //.requestProfile()
                    .build();

            mGSC = GoogleSignIn.getClient(this, gso); //smth with mGSC variable....

             View.OnClickListener onClickListener = new View.OnClickListener() {
                @Override
                public void onClick(View v) {
                    onClick2(v);
                }
            };
             signInButton.setOnClickListener(onClickListener);




    }

    private void findViews() {
            Log.d (TAG, "findViews started");
        signInButton = findViewById(R.id.idButtonGoogle);

        tw1 = findViewById(R.id.textView1);
        tw1 = findViewById(R.id.textView2);

        Log.d(TAG, "Views finded");


    }

    public void onClick2(View view) {
            Log.d(TAG, "onClick started");
        switch (view.getId()) {
            case R.id.idButtonGoogle:
                signIn();
                break;
        }
        Log.d(TAG, "OnClick Started");
    }

    public void signIn() {

        Intent signInIntent = mGSC.getSignInIntent();
        startActivityForResult(signInIntent, RC_SIGN_IN);
        Log.d(TAG, "startActivityForResult works");

    }

    @Override
    public void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        Log.d(TAG, "OnActivityResult started");
        // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
        if (requestCode == RC_SIGN_IN) {
            // The Task returned from this call is always completed, no need to attach
            // a listener.
            Log.d(TAG, "TASK started");
            Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
            handleSignInResult(task);
            Log.d(TAG, "OnActivityResult returned");
        }
    }

    private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
        try {
            GoogleSignInAccount account = completedTask.getResult(ApiException.class);//ERROR -- Code 10
            Log.d(TAG, "Account received");


            updateUI(account);
            Log.d(TAG, "updateUI Launched");
        } catch (ApiException e) {

            Log.w(TAG, "signInResult:failed code=" + e.getStatusCode());
            updateUI(null);
        }
    }

    private void updateUI(GoogleSignInAccount account) {
            if (account!=null) {
                tw1.setText("OK");
                tw2.setText("Name: " + account.getGivenName() + ", Family name: " + account.getFamilyName() + ", Email: " + account.getEmail() /*+ " image: " +
                        account.getPhotoUrl()*/);
            }else {
                tw1.setText("SMTH wrong");
            }

        }

}

Answer 1

This error might happen if you are not using same project at console.developers.google and console.firebase.google.com. If project is same at both console make sure you have add your SHA1 Key properly. Get SHA1 from Android studio.

1. Open Android Studio
2. Open your Project
3. Click on Gradle (From Right Side Panel, you will see Gradle Bar)
4. Click on Refresh (Click on Refresh from Gradle Bar, you will see List Gradle scripts of your Project)
5. Click on Your Project (Your Project Name form List (root))
6. Click on Tasks
7. Click on Android
8. Double Click on signingReport (You will get SHA1 and MD5 in Run Bar(Sometimes it will be in Gradle Console))
9. Select app module from module selection dropdown to run or debug your application 
 You also need to get google-services.json from firebase console and put into your project.

Answer 2

I landed into the same problem and wasted hours. On digging deeper into OAuth and OpenId, I figured out the reason. We are doing a conceptual error here.

For android or any other platform (except web), you need to create at least two types of client id in the same project of google API console. These Client ID types are:

1. Web Application
2. Android

You can create them in any order. While creating Android type Client Id, you need to give package name and SHA1. While creating Web Application Id, you just need to give a name.

You don't need to do anything with any of these id's further until you want to verify the user at your backend. In other words, if you want your backend server to ask google server about this user's information, then only you would need Web Application Id. The conceptual flow is as follows:

1. First send Web Application Client Id from Android App to Google Sign-in Server as an additional option using requestIdToken(your_web_app_client_id).
2. You will get back a token in Android app upon user's sign in.
3. Send this token to your backend.
4. Now your backend can exchange this token with Google Servers to get user's information

Send this Web Appplication Client Id from Android App to backend server.

Use this Web Application Id if you want to verify user at your backend.

Answer 3

The answer for me was that you actually need to combine the two main answers given here:

1. Make sure that you created Google OAuth client ids for Android (one for Debug and one for release) and then assure that they have assigned the right SHA1 as described in the accepted answer.

2. Then you also need to create an OAuth client ID for Web and use that one for the actual SignIn:

   GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
       .requestIdToken(WEB_CLIENT_ID)
       .requestEmail()
       .build();               
   

Answer 4

Another source of this error is adding applicationIdSuffix to your Build Variants (Flavors) in the gradle file. If you had everything working and suddenly when adding flavors the Google Sign In broke, check this configuration variable.

The applicationIdSuffix parameter might require a unique certificate for each suffix. I simply removed it because I didn't need to deploy different products or releases yet. Also, you can set the same configuration for each flavor programmatically.

Configure certificates build types: Force to use same certificate to sign different "buildTypes" that are configured for a particular "productFlavor"?

Answer 5

I've found another source of the problem.

In my case the keys were alright, but applicationId field in build.gradle script differed from app's package name.

Small research showed that applicationId field value takes some kind of "precedence" before app's package name conserning Google autentication.

After commenting applicationId line in build.gradle, app autenticates itself in Google by package name.

Answer 6

I fixed this problem this way

 GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestIdToken(getString(R.string.AUTH_ID))
                .requestEmail()
                .build();

where my AUTH_ID is

Answer 7

I would like to add Supplemental Information as to Why @Patrick R answer (above works/marked as correct). To execute your project/practice, Google Console needs to ID your app via SHA-1 key when its distributed on Google Play Market, However, when your are simply experimenting with Login confirmation and Proof Of Concept, then it associates the debug SHA-1 key (your app automatically generates this) for this exact purpose, keeping your testing and production changes modular.

Answer 8

Add your debug.keystore's SHA1 and SHA256 fingerprint to your Firebase project.

1. Obtain the debug.keystore's fingerprints: Linux/Mac - keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore, Windows - keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore
2. Add these fingerprint's to your Firebases project's Android app section: https://support.google.com/firebase/answer/9137403?hl=en

Answer 9

Option: then keep in mind that google also signs the app with the another certificate. So, you need to add the 2nd fingerprints as well. Otherwise, you will receive this error.

Answer 10

Try adding .requestIdToken(getString(R.string.default_web_client_id)).

    GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestIdToken(getString(R.string.default_web_client_id)) //add this line
            .requestEmail()
            .build();               

Answer 11

This Problem can be solved by using WebApplication ID and android Client ID

When ever you configure the project to generate id for android app , it generates 2 types of ids 1 Android 2 WebApplication ,

We need to use 2nd one and not the 1st one , it will be resolving your issue

Answer 12

Had same issue. Code 10 in signed apk. I put all the four keys from Google Play Console (Setup -> App integrity -> Play App Signing) to Firebase project and pasted new Google-services.json in app folder in Android Studio and then after generating Signed Apk, Google sign in worked.

Answer 13

I paste the release keystore sha1 to google console, but forget add debug config !!