Android Google Sign In: App Release Build Always Got "Error: 12500", While Debug Build Isn't

Question

So, as the title said, I always failed at sign in with error code "12500" every time I'm using release apk, but always successfully signed in when on debug apk. Already updated Google Play Services to the latest version, also re-downloaded the google-services.json. Still failed sign in by error code "12500" on release apk.

My Activity:

public class ActivityLogin extends AppCompatActivity {

    @BindView(R.id.iv_google)ImageView ivGPlus;

    private GoogleSignInClient mGoogleSignInClient;
    private final int RC_SIGN_IN = 123;
    private Context context;

    @Override
    protected void onCreate(@Nullable Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_login);
        ButterKnife.bind(this);

        prepareGoogle();
        initUI();
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        if (requestCode == RC_SIGN_IN) {
            Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
            try {
                GoogleSignInAccount account = task.getResult(ApiException.class);
            } catch (ApiException e) {
                e.printStackTrace();
            }
        }
    }

    private void initUI(){
        ivGPlus.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View v) {
                signInGoogle();
            }
        });
    }

    //login google
    private void prepareGoogle(){
        mAuth = FirebaseAuth.getInstance();
        GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                .requestIdToken(getResources().getString(R.string.default_web_client_id))
                .requestServerAuthCode(getResources().getString(R.string.default_web_client_id))
                .requestEmail()
                .build();
        mGoogleSignInClient = GoogleSignIn.getClient(this, gso);
    }

    private void signInGoogle() {
        Intent signInIntent = mGoogleSignInClient.getSignInIntent();
        startActivityForResult(signInIntent, RC_SIGN_IN);
    }
}

I also already disabled the proguard:

android {
    compileSdkVersion 27
    buildToolsVersion '28.0.2'
    defaultConfig {
        applicationId "com.example.app"
        minSdkVersion 19
        targetSdkVersion 27
        versionCode 17
        versionName "1.1.9.1"
        testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
        multiDexEnabled true
    }
    buildTypes {
        release {
            minifyEnabled false
            useProguard false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
        debug {
            minifyEnabled false
            useProguard false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
    }
    dexOptions {
        jumboMode = true
    }
}

score 2 · Accepted Answer · answered Oct 11 '18 at 10:24

Since it is working in your debug build, this error is mostly due to a SHA key or package name issue. You said you have the latest google-services.json, so I am assuming you have included the SHA fingerprint for the release keystore in your Firebase project?

If not, you will have to get the fingerprint as explained in this answer and then add it to your Firebase project, and update the google-services.json again.

If that has already been done, and you are facing the issue on an app released to the Google Play store, you should check if you have enrolled in Google App Signing, since it involves two distinct upload and signing keys.

You must include the signing key for it to work on user devices. If you are sideloading the app for testing, after creating a release apk with the upload key, then you will have to include that as well.

I can provide more details depending on your situation. Editing your question and including the relevant portion of logcat when the error is raised would make it easier to provide accurate advice.

In my case at first I've added only SHA-256 key, but login failed and I also had to add SHA-1 key. — Variag, Nov 15 '18 at 14:29
I've also faced the issue you mention, though I've not seen any documentation that indicates why it might be happening, or any other solution apart from using a SHA-1 certificate. It is possible that the SHA-256 cert is only being used in Dynamic Links, for which it is a mandatory requirement; Nothing official to back that claim up though. — TheGamer007, Nov 15 '18 at 15:53

score 2 · Answer 2 · answered Jan 16 '19 at 13:13

Accepted answer didn't help in my case. I've checked SHA keys everywhere and they matched. Local debug worked, local release worked, but after publishing app to Play store all versions were giving 12500 error with Google Sign In (alfa, beta, production).

So I asked Google a slightly different question and stumbled upon a thread on github about react native and google sign in. Answer by HadrienPierart helped me find and fix the problem.

Image with his post on github below:

I was missing the 2nd key, indeed! Thank you. – payne May 02 '19 at 19:23 — payne, May 02 '19 at 19:23

Android Google Sign In: App Release Build Always Got "Error: 12500", While Debug Build Isn't

2 Answers2