无法为Firebase自定义声明添加适当的规则

时间:2018-07-09 06:59:11

标签: ruby-on-rails firebase firebase-realtime-database jwt firebase-security-rules

我已经使用Firebase文档为ruby创建了一个身份验证令牌,但是当我尝试访问数据安全规则中的自定义声明时,它不起作用。

我的JWT创建代码看起来像这样

$service_account_email = "service-account@my-project-abc123.iam.gserviceaccount.com"
$private_key = OpenSSL::PKey::RSA.new "-----BEGIN PRIVATE KEY-----\n..."
  now_seconds = Time.now.to_i
  payload = {:iss => $service_account_email,
             :sub => $service_account_email,
             :aud => "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",
             :iat => now_seconds,
             :exp => now_seconds+(60*60), # Maximum expiration time is one hour
             :uid => uid,
             :claims => {:modify_vessels => true}}
 jwt_token = JWT.encode payload, private_key, "RS256"

render json: { :status => "ok", :email => usr, :jwt_token => jwt_token, :uid => uid } and return

我已经尝试过以下用于访问声明对象的规则,但是它们都不起作用

{
  "rules": {
    "vessels" : {
      "$uid" : {
        ".read":"auth.token.modify_vessels === true",
            ".write":"auth.token.modify_vessels === true"
      }
    }
  }
}

{
  "rules": {
    "vessels" : {
      "$uid" : {
        ".read":"auth.claims.modify_vessels === true",
            ".write":"auth.claims.modify_vessels === true"
      }
    }
  }
}

请注意:-我可以做auth.uid,它可以正常工作

对此的任何帮助都会有所帮助

0 个答案:

没有答案