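Integrating Firebase Auth with Google App Engine Cloud Endpoints

Time: 2016-08-24 13:22:58

Tags: android google-app-engine firebase google-cloud-endpoints firebase-authentication

Can someone specify (with some sample code) how to verify a Firebase token in Google Cloud Endpoints? The recently asked question does not clarify it at all (How to integrate firebase authentication with google app engine endpoints)

Google authentication in Endpoints is done automatically by adding a User parameter to the endpoint. A Facebook token can be verified in a Cloud Endpoint using the Facebook Graph API: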

    import java.io.BufferedReader;
    import java.io.IOException;
    import java.io.InputStreamReader;
    import java.net.URL;
    import java.net.URLConnection;

    @ApiMethod(name = "endpoint.addUser", httpMethod = HttpMethod.POST)
    public ResultObject addUser(HttpServletRequest request, User pUser)
            throws OAuthRequestException, IOException {
        // The client sends its Facebook access token in the Authorization header.
        String token = request.getHeader("Authorization");
        String graphUrl = "https://graph.facebook.com/v2.6/me?fields=id,name,email&access_token=" + token;

        // Ask the Graph API who the token belongs to.
        URL u = new URL(graphUrl);
        URLConnection c = u.openConnection();
        BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream()));
        String inputLine;
        StringBuilder b = new StringBuilder();
        while ((inputLine = in.readLine()) != null) {
            b.append(inputLine).append("\n");
        }
        in.close();
        String graph = b.toString();
        JSONObject json = new JSONObject(graph);

        String facebookId = json.getString("id");
        String email = json.getString("email");
        //...
    }

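Is verifying a Firebase token as simple as verifying a Facebook token? Is it possible to retrieve the email from a Firebase token?

2 Answers:

Answer 0: (score: 2)

As I understand the documentation, it seems you need to add the user token to your request, for example as a header. Then you need to verify this token against the Firebase Admin SDK, and that way you get the user ID.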

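    // UnauthorizedException is com.google.api.server.spi.response.UnauthorizedException.
    @ApiMethod(name = "someApiCall", httpMethod = ApiMethod.HttpMethod.POST)
    public YourResponse someApiCall(YourRequestObject body, HttpServletRequest httpRequest)
            throws UnauthorizedException {
        // The client sends its Firebase ID token in a request header.
        String userToken = httpRequest.getHeader("USER_TOKEN_HEADER");
        if (userToken == null) {
            throw new UnauthorizedException("Missing ID token");
        }

        Task<FirebaseToken> authTask = FirebaseAuth.getInstance().verifyIdToken(userToken)
            .addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
              @Override
              public void onSuccess(FirebaseToken firebaseToken) {
              }
            });

        try {
          // Block until the verification has finished.
          Tasks.await(authTask);
        } catch (ExecutionException e) {
          // Verification failed: reject the call instead of continuing.
          throw new UnauthorizedException("Invalid ID token");
        } catch (InterruptedException e) {
          Thread.currentThread().interrupt();
          throw new UnauthorizedException("Token verification interrupted");
        }

        FirebaseToken result = authTask.getResult();
        String userId = result.getUid();

        return new YourResponse();
    }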

My code is based on:

https://firebase.google.com/docs/auth/admin/verify-id-tokens

How do I secure my Google Cloud Endpoints APIs with Firebase token verification?
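
The Firebase page linked in the answer above lists the claim constraints that verifyIdToken enforces in addition to the signature; the email the question asks about is one more claim in the same payload. The following diagnostic is an added example, not part of the original answer or of the Firebase SDK: it lists which of those constraints a rejected token fails. It assumes the org.json library from Maven and a made-up project ID, and it does not check the signature, so it must never be used to authenticate a request.

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import org.json.JSONObject; // assumption: org.json from Maven (unchecked JSONException)

public class IdTokenClaimCheck {
    /** Lists why the claims of a Firebase ID token would be rejected. Diagnostic only:
     *  the signature is NOT verified here; authentication must use verifyIdToken(). */
    static List<String> claimProblems(String idToken, String projectId, long nowSeconds) {
        List<String> problems = new ArrayList<>();
        String[] parts = idToken.split("\\.");
        if (parts.length != 3) {
            problems.add("not a three-part JWT");
            return problems;
        }
        JSONObject header, claims;
        try {
            header = decode(parts[0]);
            claims = decode(parts[1]);
        } catch (RuntimeException e) { // invalid base64url or invalid JSON
            problems.add("undecodable header or payload");
            return problems;
        }
        if (!"RS256".equals(header.optString("alg"))) problems.add("alg is not RS256");
        if (header.optString("kid").isEmpty()) problems.add("missing kid");
        if (!projectId.equals(claims.optString("aud"))) problems.add("aud is not the project ID");
        if (!("https://securetoken.google.com/" + projectId).equals(claims.optString("iss")))
            problems.add("iss is not this project's issuer");
        if (claims.optString("sub").isEmpty()) problems.add("empty sub (uid)");
        if (claims.optLong("exp", 0) <= nowSeconds) problems.add("expired");
        if (claims.optLong("iat", Long.MAX_VALUE) > nowSeconds) problems.add("iat in the future");
        return problems;
    }

    private static JSONObject decode(String segment) {
        byte[] raw = Base64.getUrlDecoder().decode(segment);
        return new JSONObject(new String(raw, StandardCharsets.UTF_8));
    }
    public static void main(String[] args) {
        // Constructed token: sample claims for the made-up project "demo-project", dummy signature.
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String h = enc.encodeToString("{\"alg\":\"RS256\",\"kid\":\"k1\"}".getBytes(StandardCharsets.UTF_8));
        String p = enc.encodeToString(("{\"iss\":\"https://securetoken.google.com/demo-project\","
                + "\"aud\":\"other-project\",\"sub\":\"uid123\",\"iat\":1000,\"exp\":4600,"
                + "\"email\":\"user@example.com\"}").getBytes(StandardCharsets.UTF_8));
        System.out.println(claimProblems(h + "." + p + ".sig", "demo-project", 5000));
    }
}
```

The constructed token was issued for a different project and has expired at the supplied time, so both problems are reported; the other checks pass.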

Answer 1: (score: 1)

You can use a CustomAuthenticator:

    public class CustomAuthenticator implements Authenticator {
        private static final Logger LOG = Logger.getLogger(CustomAuthenticator.class.getName());
        private static final String COOKIE_FIREBASE_TOKEN = "firebase_token";

        static {
            // Initialize the Firebase Admin SDK once, from the service account key on the classpath.
            LOG.info("CustomAuthenticator: initializing");
            InputStream serviceAccountResourceStream = CustomAuthenticator.class.getResourceAsStream("/serviceAccountKey.json");
            FirebaseOptions options = new FirebaseOptions.Builder()
                    .setServiceAccount(serviceAccountResourceStream)
                    .build();

            FirebaseApp.initializeApp(options);
            LOG.info("CustomAuthenticator: initialized");
        }

        @Override
        public User authenticate(HttpServletRequest httpServletRequest) {
            User user = null;
            if (httpServletRequest.getCookies() != null) {
                for (Cookie cookie : httpServletRequest.getCookies()) {
                    if (cookie.getName().equals(COOKIE_FIREBASE_TOKEN)) {
                        try {
                            // verifyIdToken() is asynchronous: wait for the task before reading its result.
                            FirebaseToken firebaseToken = Tasks.await(
                                    FirebaseAuth.getInstance().verifyIdToken(cookie.getValue()));
                            user = new User(firebaseToken.getUid(), firebaseToken.getEmail());
                        } catch (ExecutionException e) {
                            // Invalid or expired token: leave the request unauthenticated.
                            LOG.warning("CustomAuthenticator: token verification failed");
                        } catch (InterruptedException e) {
                            Thread.currentThread().interrupt();
                        }
                    }
                }
            }
            return user;
        }
    }

In your API implementation, don't forget to enable your custom authenticator:

    @Api(name = "exampleWithAuth",
            version = "v1",
            ...
            auth = @ApiAuth(allowCookieAuth = AnnotationBoolean.TRUE), // This is needed to process your cookie for the token
            authenticators = {CustomAuthenticator.class} // Declare your custom authenticator
    )
    public class ExampleWithAuthEndpoint {

        @ApiMethod(httpMethod = "GET", path = "example")
        public Example getExample(User user /* Add User to enable API authentication */) {
            if (user != null) {
                // Do something
            }
            return null;
        }
    }

Now, when you call your API, just add the cookie firebase_token to your request.

I hope this helps.