我正在尝试使用firebase admin sdk验证我的java服务器上的android客户端应用程序发送的Id令牌。我跟着
FirebaseOptions options = new FirebaseOptions.Builder()
.setServiceAccount(sce.getServletContext().getResourceAsStream("/WEB-INF/serviceAccountKey.json"))
.setDatabaseUrl("https://[project-id].firebaseio.com/")
.build();
FirebaseApp.initializeApp(options);
FirebaseToken decodedToken = FirebaseAuth.getInstance().verifyIdTokenAsync(idToken).get();
String uid = decodedToken.getUid();
从Android客户端
中传输ID令牌mAuth.signInAnonymously()
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
@Override
public void onComplete(@NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
final FirebaseUser user = mAuth.getCurrentUser();
user.getIdToken(true).addOnCompleteListener(new OnCompleteListener<GetTokenResult>() {
@Override
public void onComplete(@NonNull Task<GetTokenResult> task) {
String token = task.getResult().getToken();
Log.e(TAG,"signInAnonymously:success : onComplete : "+token);
callApi(token);
}
});
} else {
// If sign in fails, display a message to the user.
Toast.makeText(SignIn.this, "Authentication failed.",
Toast.LENGTH_SHORT).show();
}
}
});
在服务器上获取异常
com.google.firebase.auth.FirebaseAuthException:Firebase ID令牌 未使用有效的公钥签名。请参阅https://firebase.google.com/docs/auth/admin/verify-id-tokens 有关如何检索ID令牌的详细信息。在 com.google.firebase.auth.internal.FirebaseTokenVerifier.verifyTokenAndSignature(FirebaseTokenVerifier.java:147) 在 com.google.firebase.auth.FirebaseAuth $ 2.call(FirebaseAuth.java:223) 在 com.google.firebase.auth.FirebaseAuth $ 2.call(FirebaseAuth.java:211) 在com.google.firebase.tasks.Tasks $ 1.run(Tasks.java:82)at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 在 java.util.concurrent.ThreadPoolExecutor中的$ Worker.run(ThreadPoolExecutor.java:624) 在java.lang.Thread.run(Thread.java:748)