11

I'm working on a react-native application and I want to give my users the ability to login with google. But, when I make the request to the google API, it returns WRONG SIGNIN Error: DEVELOPER_ERROR.

I am using AWS Cognito and want to integrate the Google login with it. I saw some questions that said to generate a SHA-1 blueprint of my "webClientId", but all of them use firebase. On Cognito, there's no field to add the respective SHA-1 blueprint.

My code is the follow:

  componentWillMount() {
        GoogleSignin.configure({
          webClientId: googleConfig.clientId
        });
    }

...

  googleSignIn() {
      GoogleSignin.signIn()
      .then((user) => {
        console.log(user);
        this.setState({user: user});
      })
      .catch((err) => {
        console.log('WRONG SIGNIN', err);
      })
      .done();
  }

...

<GoogleSigninButton
              style={{ height: 48 }}
              size={GoogleSigninButton.Size.Standard}
              color={GoogleSigninButton.Color.Light}
              onPress={this.googleSignIn.bind(this)}/>

Thanks in advance for the help.

Lucas Bordignon
  • 113
  • 5
  • Have you looked through this example (react-native-cognito-login-example), seems to cover all the bases: https://github.com/patw0929/react-native-cognito-login-example/blob/master/app/app.js – Matt D Oct 25 '18 at 14:31

2 Answers2

1

This is configuration mismatch. Make sure that your android/app/google-services.json is correct.

You may need to add your SHA certificate fingerprint to your Firebase config. Find your SHA1 fingerprint by following the instructions on this post: SHA-1 fingerprint of keystore certificate. Then, go to https://console.firebase.google.com/, select your app, and add the SHA1 value under Project Settings (gear icon in the upper left) -> Your Apps -> SHA certificate fingerprints

If you're passing webClientId in configuration object to GoogleSignin.configure() make sure it's correct. You can get your webClientId from Google Developer Console. They're listed under "OAuth 2.0 client IDs".

If you're running your app in debug mode and not using webClientId or you're sure it's correct the problem might be signature (SHA-1 or SHA-256) mismatch. You need to add the following to android/app/build.gradle:

signingConfigs {
    debug {
        if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
            storeFile file(MYAPP_RELEASE_STORE_FILE)
            storePassword MYAPP_RELEASE_STORE_PASSWORD
            keyAlias MYAPP_RELEASE_KEY_ALIAS
            keyPassword MYAPP_RELEASE_KEY_PASSWORD
        }
    }
    release {
        if (project.hasProperty('MYAPP_RELEASE_STORE_FILE')) {
            storeFile file(MYAPP_RELEASE_STORE_FILE)
            storePassword MYAPP_RELEASE_STORE_PASSWORD
            keyAlias MYAPP_RELEASE_KEY_ALIAS
            keyPassword MYAPP_RELEASE_KEY_PASSWORD
        }
    }
}

That's from here.

I also found this working example on github.

Matt D
  • 2,764
  • 1
  • 10
  • 24
0
  1. Go to AWS Console > IAM > Identity Providers > Create Provider > Provider Type = OpenID Connect > Provider URL = https://accounts.google.com > Audience = "The Google Client ID you created in the Google Developer Console"
  2. Go to AWS Console > Cognito > Federated Identity Pools. Select your Identity Pool, go to "Edit Identity Pool", then navigate to the OpenID tab. You should see a checkbox titled "accounts.google.com", check it.
  3. In your code, use the "Google WebApp Client ID" you generated in the Google Developer Console when you build the scopes string used to call GoogleAuthUtil.GetTokenGoogleAuthUtil.GetToken(this, googleAccount, scopes). That is scopes = "audience:server:client_id:" + "webClientId"
eclipsis
  • 1,461
  • 2
  • 19
  • 55