Firebase aab 中的身份验证失败，但 APK 中的身份验证失败（React-Native）

Question

每当我在封闭式测试中测试我的应用程序时，我都会遇到登录问题。

我的应用程序使用 Firebase 进行身份验证，我为我的 React Native 项目（开发、演示、生产）设置了三个变体，并且可以确认我的脚本，我运行以构建应用程序，指向正确的环境变量并且应用程序指向在调试模式下构建时正确的数据库和 api。 当我生成一个发布 APK 并将文件发送给测试人员时，他们通常不会遇到登录问题。（这是在我打开 google play 帐户之前）但是，每当我上传 aab（使用./gradlew bundleRelease ）对于封闭测试，有时用户可以通过登录屏幕，有时则不能。

我可以确认该版本已正确签名。 我能够在本地调试应用程序，并成功生成一个版本。 在本地，在发布和调试模式下，身份验证、API 调用都是正确的。 每当我生成应用程序包并将其上传到 Google Play 控制台时，就会失败。 我尝试了谷歌的帮助台，他们建议我在封闭测试中每个应用程序只使用一个轨道。 因此，除了一个（alpha），我关闭了所有，仍然有这个问题。

这些是我搜索的问题Link Link Link

我正在考虑将 SHA-1 证书指纹添加到每个 firebase 项目中，但我不知道这是否是解决此问题的最准确方法。

反应本机 0.67.3 节点 16.13.1 NPM 8.1.4

这是我的 bundle.gradle

apply plugin: "com.android.application"
apply plugin: "com.apollographql.apollo"
import com.android.build.OutputFile
apply plugin: 'com.google.gms.google-services'
/**
 * The react.gradle file registers a task for each build variant (e.g. bundleDebugJsAndAssets
 * and bundleReleaseJsAndAssets).
 * These basically call `react-native bundle` with the correct arguments during the Android build
 * cycle. By default, bundleDebugJsAndAssets is skipped, as in debug/dev mode we prefer to load the
 * bundle directly from the development server. Below you can see all the possible configurations
 * and their defaults. If you decide to add a configuration block, make sure to add it before the
 * `apply from: "../../node_modules/react-native/react.gradle"` line.
 *
 * project.ext.react = [
 *   // the name of the generated asset file containing your JS bundle
 *   bundleAssetName: "index.android.bundle",
 *
 *   // the entry file for bundle generation. If none specified and
 *   // "index.android.js" exists, it will be used. Otherwise "index.js" is
 *   // default. Can be overridden with ENTRY_FILE environment variable.
 *   entryFile: "index.android.js",
 *
 *   // https://reactnative.dev/docs/performance#enable-the-ram-format
 *   bundleCommand: "ram-bundle",
 *
 *   // whether to bundle JS and assets in debug mode
 *   bundleInDebug: false,
 *
 *   // whether to bundle JS and assets in release mode
 *   bundleInRelease: true,
 *
 *   // whether to bundle JS and assets in another build variant (if configured).
 *   // See http://tools.android.com/tech-docs/new-build-system/user-guide#TOC-Build-Variants
 *   // The configuration property can be in the following formats
 *   //         'bundleIn${productFlavor}${buildType}'
 *   //         'bundleIn${buildType}'
 *   // bundleInFreeDebug: true,
 *   // bundleInPaidRelease: true,
 *   // bundleInBeta: true,
 *
 *   // whether to disable dev mode in custom build variants (by default only disabled in release)
 *   // for example: to disable dev mode in the staging build type (if configured)
 *   devDisabledInStaging: true,
 *   // The configuration property can be in the following formats
 *   //         'devDisabledIn${productFlavor}${buildType}'
 *   //         'devDisabledIn${buildType}'
 *
 *   // the root of your project, i.e. where "package.json" lives
 *   root: "../../",
 *
 *   // where to put the JS bundle asset in debug mode
 *   jsBundleDirDebug: "$buildDir/intermediates/assets/debug",
 *
 *   // where to put the JS bundle asset in release mode
 *   jsBundleDirRelease: "$buildDir/intermediates/assets/release",
 *
 *   // where to put drawable resources / React Native assets, e.g. the ones you use via
 *   // require('./image.png')), in debug mode
 *   resourcesDirDebug: "$buildDir/intermediates/res/merged/debug",
 *
 *   // where to put drawable resources / React Native assets, e.g. the ones you use via
 *   // require('./image.png')), in release mode
 *   resourcesDirRelease: "$buildDir/intermediates/res/merged/release",
 *
 *   // by default the gradle tasks are skipped if none of the JS files or assets change; this means
 *   // that we don't look at files in android/ or ios/ to determine whether the tasks are up to
 *   // date; if you have any other folders that you want to ignore for performance reasons (gradle
 *   // indexes the entire tree), add them here. Alternatively, if you have JS files in android/
 *   // for example, you might want to remove it from here.
 *   inputExcludes: ["android/**", "ios/**"],
 *
 *   // override which node gets called and with what additional arguments
 *   nodeExecutableAndArgs: ["node"],
 *
 *   // supply additional arguments to the packager
 *   extraPackagerArgs: []
 * ]
 */

project.ext.react = [
    enableHermes: false,  // clean and rebuild if changing
]

apply from: "../../node_modules/react-native/react.gradle"


project.ext.envConfigFiles = [
   productionrelease: ".env.production",
   productiondebug: ".env.production",
   developmentrelease: ".env",
   developmentdebug: ".env",
   demorelease: ".env.demo",
   demodebug: ".env.demo",
]
apply from: project(':react-native-config').projectDir.getPath() + "/dotenv.gradle"
/**
 * Set this to true to create two separate APKs instead of one:
 *   - An APK that only works on ARM devices
 *   - An APK that only works on x86 devices
 * The advantage is the size of the APK is reduced by about 4MB.
 * Upload all the APKs to the Play Store and people will download
 * the correct one based on the CPU architecture of their device.
 */
def enableSeparateBuildPerCPUArchitecture = false

/**
 * Run Proguard to shrink the Java bytecode in release builds.
 */
def enableProguardInReleaseBuilds = false

/**
 * The preferred build flavor of JavaScriptCore.
 *
 * For example, to use the international variant, you can use:
 * `def jscFlavor = 'org.webkit:android-jsc-intl:+'`
 *
 * The international variant includes ICU i18n library and necessary data
 * allowing to use e.g. `Date.toLocaleString` and `String.localeCompare` that
 * give correct results when using with locales other than en-US.  Note that
 * this variant is about 6MiB larger per architecture than default.
 */
def jscFlavor = 'org.webkit:android-jsc:+'

/**
 * Whether to enable the Hermes VM.
 *
 * This should be set on project.ext.react and that value will be read here. If it is not set
 * on project.ext.react, JavaScript will not be compiled to Hermes Bytecode
 * and the benefits of using Hermes will therefore be sharply reduced.
 */
def enableHermes = project.ext.react.get("enableHermes", false);

/**
 * Architectures to build native code for in debug.
 */
def nativeArchitectures = project.getProperties().get("reactNativeDebugArchitectures")

android {
    compileSdkVersion rootProject.ext.compileSdkVersion

    defaultConfig {
        applicationId "com.work"
        minSdkVersion rootProject.ext.minSdkVersion
        targetSdkVersion rootProject.ext.targetSdkVersion
        versionCode 15
        versionName "2.6"
    }
    splits {
        abi {
            reset()
            enable enableSeparateBuildPerCPUArchitecture
            universalApk false  // If true, also generate a universal APK
            include "armeabi-v7a", "x86", "arm64-v8a", "x86_64"
        }
    }
    signingConfigs {
        debug {
            storeFile file('debug.keystore')
            storePassword 'android'
            keyAlias 'androiddebugkey'
            keyPassword 'android'
        }
         release {
            if (project.hasProperty('MYAPP_UPLOAD_STORE_FILE')) {
                storeFile file(MYAPP_UPLOAD_STORE_FILE)
                storePassword MYAPP_UPLOAD_STORE_PASSWORD
                keyAlias MYAPP_UPLOAD_KEY_ALIAS
                keyPassword MYAPP_UPLOAD_KEY_PASSWORD
            }
        }
    }

    buildTypes {
        debug {
            signingConfig signingConfigs.debug
            // Specifies a sorted list of build types that the plugin should try to use when a direct variant match with a local module dependency is not possible.
            matchingFallbacks = ['debug', 'release']
            if (nativeArchitectures) {
                ndk {
                    abiFilters nativeArchitectures.split(',')
                }
            }
        }
        release {
            // Caution! In production, you need to generate your own keystore file.
            // see https://reactnative.dev/docs/signed-apk-android.
            signingConfig signingConfigs.release
            minifyEnabled enableProguardInReleaseBuilds
            proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
        }
    }
flavorDimensions "default"
  productFlavors {
    production {
        resValue "string",  "app_name", "work"
    }
    demo {
        resValue "string",  "app_name", "work_demo"
    }
    development {
        resValue "string",  "app_name", "work_dev"
    }
  }
    // applicationVariants are e.g. debug, release
    applicationVariants.all { variant ->
        variant.outputs.each { output ->
            // For each separate APK per architecture, set a unique version code as described here:
            // https://developer.android.com/studio/build/configure-apk-splits.html
            // Example: versionCode 1 will generate 1001 for armeabi-v7a, 1002 for x86, etc.
            def versionCodes = ["armeabi-v7a": 1, "x86": 2, "arm64-v8a": 3, "x86_64": 4]
            def abi = output.getFilter(OutputFile.ABI)
            if (abi != null) {  // null for the universal-debug, universal-release variants
                output.versionCodeOverride =
                        defaultConfig.versionCode * 1000 + versionCodes.get(abi)
            }

        }
    }
}

dependencies {

    //noinspection GradleDynamicVersion
    implementation project(":react-native-webview")
    implementation "com.facebook.react:react-native:+"  // From node_modules
    implementation "com.android.support:appcompat-v7:27.1.1"
    implementation "androidx.swiperefreshlayout:swiperefreshlayout:1.0.0"
    implementation fileTree(dir: "libs", include: ["*.jar"])
  // Apollo core
    implementation "com.apollographql.apollo:apollo-runtime:2.4.6"
  // firebase
  implementation platform('com.google.firebase:firebase-bom:29.0.4')
  //analytics
  implementation "com.google.firebase:firebase-analytics"
  //auth
  implementation "com.google.firebase:firebase-auth"
    //analytics
  implementation "com.google.firebase:firebase-analytics"
    debugImplementation("com.facebook.flipper:flipper:${FLIPPER_VERSION}") {
        exclude group:'com.facebook.fbjni'
    }

    debugImplementation("com.facebook.flipper:flipper-network-plugin:${FLIPPER_VERSION}") {
        exclude group:'com.facebook.flipper'
        exclude group:'com.squareup.okhttp3', module:'okhttp'
    }

    debugImplementation("com.facebook.flipper:flipper-fresco-plugin:${FLIPPER_VERSION}") {
        exclude group:'com.facebook.flipper'
    }

    if (enableHermes) {
        def hermesPath = "../../node_modules/hermes-engine/android/";
        debugImplementation files(hermesPath + "hermes-debug.aar")
        releaseImplementation files(hermesPath + "hermes-release.aar")
    } else {
        implementation jscFlavor
    }
}

// Run this once to be able to run the application with BUCK
// puts all compile dependencies into folder libs for BUCK to use
task copyDownloadableDepsToLibs(type: Copy) {
    from configurations.implementation
    into 'libs'
}

apply from: file("../../node_modules/@react-native-community/cli-platform-android/native_modules.gradle"); applyNativeModulesAppBuildGradle(project)

试图尽可能彻底。 感谢您抽出宝贵时间，如果我可以提供任何帮助让您更轻松地进行此操作，请告诉我。

Answer 1

就像猜测一样，当您将 AAB 发送给谷歌时，它会为您将其重新打包到每个设备配置文件的 APK 中，并使用不同的密钥对这些 APK 进行签名，您需要下载该密钥并将其配置为 Firebase 的有效密钥——很多人都这样做忘记做。 那会是你的问题吗？

讨论它是如何工作的： https://developer.android.com/guide/app-bundle/faq#app-signing

指向从何处获取 Play 应用签名密钥的 SHA 的指针： https://developers.google.com/android/guides/client-auth#using_play_app_signing