我正在尝试使用令牌了解Firebase自定义身份验证方法,但文档对我来说并不是那么清楚。在我尝试使用JWT生成器之前,我想检查是否有办法使用身份验证响应令牌通过javascript登录Web客户端:
1)首先,在Bash:
curl 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=[theapikey]' -H 'Content-Type: application/json' --data-binary '{"email":"[the-user-email]","password":"[the-user-valid-password]","returnSecureToken":true}'
2)回应:
{
"kind": "identitytoolkit#VerifyPasswordResponse",
"localId": "<theresponse-localid>",
"email": "<theresponse-user-email>",
"displayName": "<theresponse-displayname>",
"idToken": "<theresponse-idtoken-string>",
"registered": true,
"refreshToken": "<theresponse-refreshToken>",
"expiresIn": "3600"
}
3)所以我将结果复制到JavaScript对象中:
var token = {
"kind": "identitytoolkit#VerifyPasswordResponse",
"localId": "<localid-string>",
"email": "<user-email>",
"displayName": "<user-displayname>",
"idToken": "<idtoken-string>",
"registered": true,
"refreshToken": "<refreshtoken-string>",
"expiresIn": "3600"
};
4)我尝试过使用该令牌进行验证:
firebase.auth().signInWithCustomToken(token).catch(function(error) {
console.log("firebase.auth().signInWithCustomToken() Error: ");
console.log(error);
}
firebase.auth().signInWithCustomToken(JSON.stringify(token)).catch(function(error) {
console.log("firebase.auth().signInWithCustomToken() Error: ");
console.log(error);
}
firebase.auth().signInWithCustomToken(token.idToken).catch(function(error) {
console.log("firebase.auth().signInWithCustomToken() Error: ");
console.log(error);
}
5)对于每一个,我都会得到同样的错误:
"Object { code: "auth/invalid-custom-token", message: "The custom token format is incorrect", stack: "" }"
我显然是错的,但我读到的大多数文档都描述了创建自定义JWT令牌。我恐怕还不明白。