You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I sign into google on Android, everything was working flawlessly until about an hour into testing. The google sign in keeps returning an invalid ID token which makes it impossible to validate on my backend server
hungqd, HassanGhazy, chandujr, HazyFish, prossion and 2 more
Have the same problem, looks like auth token is expired and if attempted to log back in it uses the expired token. Attempting to logout before logging in doesn't seem to do the trick. Is there a way to refresh auth token for Android devices?
I read that Firebase 4.4.2 resolved auth token refresh issue, but updating to 4.4.2 doesn't seem to have resolved the problem. Anyone has any ideas?
still facing same issue, since there is no reply, i am thinking of implementing client auth token based solution, may be that approach might work as it is a one time auth token for client,
Facing same issue. In fact looking at code comment -- it seems like it doesn't support refreshing of the token on android. Not sure why though.
Future<GoogleSignInAuthentication> get authentication async {
if (_googleSignIn.currentUser != this) {
throw StateError('User is no longer signed in.');
}
final GoogleSignInTokenData response =
await GoogleSignInPlatform.instance.getTokens(
email: email,
shouldRecoverAuth: true,
);
// On Android, there isn't an API for refreshing the idToken, so re-use
// the one we obtained on login.
if (response.idToken == null) {
response.idToken = _idToken;
}
return GoogleSignInAuthentication._(response);
}
Looking at comment, it seems like there is no native getTokens on android so it returns null and replaced by existing token.
I tested on iOS - it works as expected. On Android - it keep returning the same idToken.
If that is the case, what's workaround? There must be because this is a showstopper and one of the fundamental plugins in flutter ecosystem. Am I missing something?
Thanks
vbabaria, pavan-kalyan, akshatj599, chandujr, w441813542 and 1 more
I suppose that it is some kind of wrong google console, client id's and stuff setup.
I also encountered the same issue when I was using wrong bundle id in my app. As for now I am totally sure that each time I login silently I receive a new JWT ID token
By default, access tokens have a validity of 1 hour, which appears to be sufficient for authorizing the retrieval of a signed-in user's data. Once the token has been verified with the backend server, it is imperative to establish a session for the user on the backend. There is no necessity to repeatedly fetch the access token each time a user enters the application after logging in. The primary purpose of the access token is to validate the user with the Google server.
Activity
Corestax commentedon Feb 27, 2018
Have the same problem, looks like auth token is expired and if attempted to log back in it uses the expired token. Attempting to logout before logging in doesn't seem to do the trick. Is there a way to refresh auth token for Android devices?
I read that Firebase 4.4.2 resolved auth token refresh issue, but updating to 4.4.2 doesn't seem to have resolved the problem. Anyone has any ideas?
akoidan commentedon Apr 5, 2018
It's been almost a year. And I get an expired token as well. Is anybody alive here?
Here's payload example:
HashirLabs commentedon Dec 19, 2019
still facing same issue, since there is no reply, i am thinking of implementing client auth token based solution, may be that approach might work as it is a one time auth token for client,
skotadia commentedon Jan 10, 2021
Facing same issue. In fact looking at code comment -- it seems like it doesn't support refreshing of the token on android. Not sure why though.
Looking at comment, it seems like there is no native getTokens on android so it returns null and replaced by existing token.
I tested on iOS - it works as expected. On Android - it keep returning the same idToken.
If that is the case, what's workaround? There must be because this is a showstopper and one of the fundamental plugins in flutter ecosystem. Am I missing something?
Thanks
vbabaria commentedon Jan 10, 2021
same problem here - refreshing idToken on android doesn't seem to work and would love to hear any update on this issue - thanks
HassanGhazy commentedon Sep 12, 2021
same problem here, and we still waiting for an update.
pldilley commentedon Jun 18, 2022
Same problem here, please do fix it!
vietmobilefolk commentedon Apr 10, 2023
Same problem for April 2023 on Android: silent signin after an hour can't generate new valid token but keep return old token.
UmarBhatPlaystrom commentedon Sep 20, 2023
I suppose that it is some kind of wrong google console, client id's and stuff setup.
I also encountered the same issue when I was using wrong bundle id in my app. As for now I am totally sure that each time I login silently I receive a new JWT ID token
AshwinN796 commentedon Dec 30, 2023
By default, access tokens have a validity of 1 hour, which appears to be sufficient for authorizing the retrieval of a signed-in user's data. Once the token has been verified with the backend server, it is imperative to establish a session for the user on the backend. There is no necessity to repeatedly fetch the access token each time a user enters the application after logging in. The primary purpose of the access token is to validate the user with the Google server.
mickey35vn commentedon Nov 15, 2024
still waiting for an update, please