Search Unity

  1. Megacity Metro Demo now available. Download now.
    Dismiss Notice
  2. Unity support for visionOS is now available. Learn more in our blog post.
    Dismiss Notice

Can't sign in to Google Play Games Services through Unity builds

Discussion in 'Android' started by LesBloom, Dec 23, 2020.

  1. LesBloom

    LesBloom

    Joined:
    Feb 2, 2017
    Posts:
    167
    Hi all,

    I don't understand how to properly set up my Unity build to work with Google Play Games Services.

    Builds that I make, upload, release, and then download through the Google Play store work properly. That is, I can sign in to Google Play Games Services with no issue.

    However, if I try to test that same build *before* uploading to the Google Play Console, then it will fail to sign in every time.

    Here is my setup:

    - Unity 2019.4.8f1
    - The "play games plugin for unity" v10.12
    - I made a keystore within the Unity editor that is being used to sign my builds
    - Google is managing my signing and upload keys via the Google Play Console
    - I am using the same phone and Google account to test with in both situations

    After lots of reading, it seems like it's an issue with my keystore that I created through the Unity editor. The SHA-1 fingerprint in that keystore is different then what the Google Play Console shows (Google Play Console -> App -> Setup -> App Signing).

    I tried copying the certificate(s) from the Google Play Console and importing them into my keystore. That didn't fix anything.

    I am quite confused what is actually wrong here.

    Any help would be greatly appreciated.
    Thank you for your time
    Les
     
    PokerAlicia likes this.
  2. Starbox

    Starbox

    Joined:
    Sep 17, 2014
    Posts:
    455
    I was going to say KEYSTORE right off the bat even before reading the post.
    I'm not a pro by any measure of it but have you actually uploaded your apk or aab with a development (debug) key?
    You must use a custom one and if you let Google manage its own keystore too, then the custom keystore you used is "reduced" to simply being an upload one, as the "real" keystore of your app on Google Play is the one Google Play creates (manages) for you. They're pushing for this involvement more and more, but by what you wrote it does not look like the issues lies here.

    Another problem might be that the SHA-1 key you should use is the one from the API console and related to the 0Auth protocol. You could need to create an ID client in this console for your app, one that targets a specific platform, which will be used by Play Services for the connection. Usually you use the Play Services only on Android so you'll have a platform type of "Android" and that's it. Yes, it's complicated and intimidating for the first time, despite Google's efforts, the documentation is sometimes newbie-proof and you certainly do not want to make a mistake when creating or attributing API keys or other keys.
     
  3. LesBloom

    LesBloom

    Joined:
    Feb 2, 2017
    Posts:
    167
    Hi Starbox,

    Thank you for the reply.

    I am just learning this whole setup, and so it's very possible I got something wrong. However, I believe I have done the steps you described.

    - I did create a unique keystore via the Unity Editor to make builds
    - Google is managing my signing and upload keys for me
    - I created and setup the client ID, OAuth, and credential stuff so that Google Play Games Services would work with my Android app

    Is it expected that I can't test Google Play Games Services features without downloading my test build from the Google Play Store?

    Thank you again for your assistance
     
  4. Starbox

    Starbox

    Joined:
    Sep 17, 2014
    Posts:
    455
    It should not be obligatory but these days, with increased control and verification, it's very possible that some APIs will simply refuse to operate if the app does not seem provided by a legitimate source.
    The Play Console allows you to manage the app through various states of its development, including making it available "as if" on the store, but through a reduced group of declared users, before you push it into the final release phase (and pray it gets noticed in due time by millions of people).
    Usually, for the game itself, a simple APK build right onto devices would suffice (and this is when you can still use development debug keys), but for things like online functions interacting with third party tools (IAP, analytics, advertising, game services, etc.), especially those involving authentication where the service is provided by the store company, I would suggest doing it so as to mimic a public release, as if it were gold (but still is in beta actually). It's better to try to simulate real conditions after all.
     
  5. LesBloom

    LesBloom

    Joined:
    Feb 2, 2017
    Posts:
    167
    Hi Starbox,

    Thanks again for the information and the assistance.

    As a test, I tried using the Internal App Sharing feature. That just gave me the same results.

    I guess I just have to go through the entire flow in order to test out Google Play Games Services code.
     
  6. LesBloom

    LesBloom

    Joined:
    Feb 2, 2017
    Posts:
    167
    If, like me, you came here because you are having issues with long iteration time while testing Google Play Games Services code ....

    My issue involved:

    - Google Play Console controls my app signing key
    - Unity's keystore is applied to my Unity builds
    - Therefore I can't test Google Play Games Services code without fully uploading and publishing my builds through the Google Play Console

    This thread is how I finally got that fixed.

    https://github.com/playgameservices/play-games-plugin-for-unity/issues/2981
     
    PokerAlicia likes this.
  7. Starbox

    Starbox

    Joined:
    Sep 17, 2014
    Posts:
    455
    Yes, that's how this Unity specific key is understood by Google as the upload key, completely separate from the app signing key generated by Google Play, after they ask you if you want to allow Google to manage it for you (they are overall pushing for this so it's the way it's going to be from there on anyway).
     
    Last edited: Apr 28, 2021
  8. OWL7seven

    OWL7seven

    Joined:
    Apr 3, 2014
    Posts:
    6
    how did you get it fixed? you still not explaining and neither does the thread,

    i have the same issue, never had issues before, and my app has been working since then, but now however. the gpg login and stuff doesn't work at all, I've tried everything from reinstalling unity, reimporting. resolving... uploading new builds over 10 times to the play store and downloading it. never had i had this issue before and it shouldn't be giving this issue.
     
  9. PokerAlicia

    PokerAlicia

    Joined:
    Jul 5, 2017
    Posts:
    1
    I just fixed this issue too! It's confusing af but in essence, the steps used to upload to GPG from Unity requires you to create an upload certificate that has a particular SHA-1 fingerprint (known as the upload SHA-1). Fsr at some point in the publishing process, Google also creates another new certificate with a new SHA-1 (known as app-signing SHA-1). By default you only have one of those SHA-1 fingerprints active which means only either straight-from-nuity or published build (but not both) will be able to sign in. You can see both SHA-1 fingerprints by going to the App Integrity page on your Google console.

    Now go to Google Cloud Platform and look at your OAuth 2.0 Client ID section. In your case, there is probably only one to choose, so open that. In the SHA-1 field, input one of the 2 fingerprints you found in your Google Console to make that SHA-1 active. The App signing one would make signing in work for the published version, while the upload one would make signing in with your straight-from-unity one work. So you can flip-flop this way to change which one works.

    However, it's possible to have both SHA-1 fingerprints active at the same time. For this, a second OAuth 2.0 Client ID (and a second Play Games credential) needs to be created, so you'd have one OAuth ID housing the upload SHA-1 and another housing the app-signing SHA-1. Create a new OAuth ID via Google Cloud Platform and then a new Play Games credential that links to that OAuth ID via Google Console > Play Games Services > Setup and Management > Configuration. Publish that change. Once you have the 2 credentials, you can sign in with both versions of the game concurrently and you're good to rock n roll. Hope that helps your case too.
     
  10. Clevereen

    Clevereen

    Joined:
    Apr 22, 2018
    Posts:
    8

    Thank you So much!!!! Thanks to you it worked like a charm! I have been using GPG and Firebase without any issue for months, then because of some twiking it runed the whole Authentification. Your solution saved me!!
     
  11. yong2khoo

    yong2khoo

    Joined:
    Aug 17, 2020
    Posts:
    6
    Very clear explanation. you have my thanks =)