2

since 28-03-2020 all my HTTP cloud functions are in error. Before my last update, they were working fine. I changed only few things and after the last deploy I got this error:

<html>

<head>
    <meta http-equiv="content-type" content="text/html;charset=utf-8">
    <title>403 Forbidden</title>
</head>

<body text=#000000 bgcolor=#ffffff>
    <h1>Error: Forbidden</h1>
    <h2>Your client does not have permission to get URL <code>/api/v0/.../</code> from this server. 
</h2>
    <h2></h2>
</body>

</html>

All the changes I did doesn't refer to the HTTP function implementation only in the BI. Is there someone else with the same error? From the Firebase Status Console, it seems that firebase is not experiencing any error https://status.firebase.google.com/

EDIT: added an extract on how I initialize the HTTP cloud functions.

'use strict';

// node import
const cors = require('cors')({ origin: true });
const functions = require('firebase-functions');
const admin = require('firebase-admin');

// Setting timeout and memory for the deploy
const runtimeOpts = {
  timeoutSeconds: 540,
  memory: '2GB'
}


admin.initializeApp(); 

exports.exportMultipleDataToCSV = functions
  .runWith(runtimeOpts)
  .https.onRequest((request, response) => {

    cors(request, response, () => {

      if (request.method === 'PUT')   response.status(403).send('Forbidden!');
      if (request.method === 'DELETE') response.status(403).send('Forbidden!');
      if (request.method === 'POST') response.status(403).send('Forbidden!');

      // BI
      let data = MY-BI;


      response.status(200).set('Access-Control-Allow-Origin', '*').send(data);
    });
});

I'm using the library "request" that I just saw that has been deprecated 2 months ago. It could be the problem? https://www.npmjs.com/package/request

Improve this question
7
  • You should contact Firebase support directly if this isn't working the way you expect. support.google.com/firebase/contact/support Commented Mar 30, 2020 at 7:10
  • I did and for them is something related to me. But until the 28 they were working fine.. and we are talking about 36 functions, I did some change only in one function and then I redeployed all. Commented Mar 30, 2020 at 7:15
  • Please can we see the code for instantiating the cloud functions? Commented Mar 30, 2020 at 7:19
  • I put a code extract on how I initialize HTTP cloud functions.. this is for the API without authentication. Commented Mar 30, 2020 at 7:33
  • Experiencing the same thing, everything was working fine a couple weeks ago. Billing account is configured, serviceAccount is installed correctly. Will update if I find anything. Commented Mar 30, 2020 at 11:03

1 Answer 1

Reset to default
7

Cloud Functions recently changed their default IAM policies for new functions to be restricted to project owners (previously it was allUsers, which allows for public access).

To prepare for this change, [email protected] added an IAM policy update on function creation that adds allUsers permissions. If you are using an older version of the CLI, new functions might be deployed in a restricted mode.

Importantly, however, this change should only apply to the creation of new functions -- if a function already exists and was only updated, no IAM changes should occur. If you're experiencing something else when updating functions, please file a detailed issue including debug logs with firebase-tools.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

First of all, thank you for your help! I solved the problem using this command from the GCP console: gcloud functions add-iam-policy-binding "function name" --member="allUsers" --role="roles/cloudfunctions.invoker". But it is not possible that Google does a change like this without saying nothing to his customer.
@Paolo Is this still the only way of doing this? This feels a bit "hacky". Why does this even happen, I cant remember any of my other functions having this issue

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.