Google Cloud Endpoints-仅在删除用户参数后成功调用API方法

时间:2019-03-04 03:38:36

标签: java firebase google-cloud-platform firebase-authentication openapi

我在一个应用程序中有一个API方法(用Java编写),该应用程序被部署为一组在Google Cloud上运行的端点。该API正在使用OpenAPI,并使用ESP(Extensible Service Proxy)中继来自该API的请求并中介任何身份验证。

我创建了一个新的API方法,如下所示:

@ApiMethod(path="my/path/{param}",httpMethod = "get")
public Object[] GetSomethingUsingFirebaseAuthentication(@Named("param") String param) throws UnauthorizedException,BadRequestException,NotFoundException
{
     // implementation
}

当我使用“调试方式> App Engine”进行调试时,可以在本地运行时使用“调试方式”> App Engine进行调试,并且可以使用Postman如下调用该方法。我使用的邮递员设置如下(请注意,我在Authorization标头的“ bearer”中传递了身份验证令牌):

enter image description here

该方法被成功调用并返回成功响应,这证明我在正确调用该方法并且它是有效的。如果我随后添加一个参数来接受Firebase用户,则该方法将失败:

@ApiMethod(path="my/path/{param}",httpMethod = "get")
public Object[] GetSomethingUsingFirebaseAuthentication(@Named("param") String param, User user) throws UnauthorizedException,BadRequestException,NotFoundException
{
     // some auth code based on the Firebase 'user'
}

现在,我已经添加了User参数,因此调用了该方法,与使用Postman之前的方法完全一样,现在出现了http 503错误:

method_info is not set

这实际上是http JSON响应:

{
    "error": {
        "errors": [
            {
                "domain": "global",
                "reason": "backendError",
                "message": "backend error"
            }
        ],
        "code": 503,
        "message": "backend error"
    }
}

问题与此非常相似:

Google Cloud Endpoints + Firebase Auth: method_info is not set

与我的问题的区别在于,当我将端点API部署到生产环境时,仍然遇到问题。

我还有其他非常相似的API方法可以接受Firebase用户,并且它们都在生产环境中工作。当我在本地调试它时,一种类似的API方法也可以使用,因此不需要更改配置。

以上问题的可接受答案(修改web.xml中的映射以使应该注入method_info的过滤器起作用)对我不起作用。无论如何,这都是我自己的问题,因为其他API方法似乎可以在本地和生产环境中使用。


这应该如何工作的一些解释-ESP(可扩展服务代理)是一种Google Cloud产品,是端点API的包装,它可以使用Firebase令牌为用户中介身份验证(在我的情况下,令牌在“授权”标头的承载中传递)。然后,应将经过身份验证的Firebase用户作为user参数传递。


这是完整的堆栈跟踪

WARNING: exception occurred while invoking backend method
java.lang.IllegalStateException: method_info is not set in the request
    at com.google.api.server.spi.auth.EspAuthenticator.authenticate(EspAuthenticator.java:67)
    at com.google.api.server.spi.request.Auth.authenticate(Auth.java:101)
    at com.google.api.server.spi.request.ServletRequestParamReader.getUser(ServletRequestParamReader.java:205)
    at com.google.api.server.spi.request.ServletRequestParamReader.deserializeParams(ServletRequestParamReader.java:141)
    at com.google.api.server.spi.request.RestServletRequestParamReader.read(RestServletRequestParamReader.java:135)
    at com.google.api.server.spi.SystemService.invokeServiceMethod(SystemService.java:349)
    at com.google.api.server.spi.handlers.EndpointsMethodHandler$RestHandler.handle(EndpointsMethodHandler.java:119)
    at com.google.api.server.spi.handlers.EndpointsMethodHandler$RestHandler.handle(EndpointsMethodHandler.java:102)
    at com.google.api.server.spi.dispatcher.PathDispatcher.dispatch(PathDispatcher.java:50)
    at com.google.api.server.spi.EndpointsServlet.service(EndpointsServlet.java:72)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
    at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:287)
    at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:277)
    at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:182)
    at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
    at com.google.api.control.ControlFilter.doFilter(ControlFilter.java:229)
    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
    at com.google.api.control.ConfigFilter.doFilter(ConfigFilter.java:120)
    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
    at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:119)
    at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)
    at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)
    at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)
    at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.appengine.tools.development.ResponseRewriterFilter.doFilter(ResponseRewriterFilter.java:134)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.appengine.tools.development.HeaderVerificationFilter.doFilter(HeaderVerificationFilter.java:34)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:63)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:48)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.appengine.tools.development.jetty9.StaticFileFilter.doFilter(StaticFileFilter.java:123)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectRequest(DevAppServerModulesFilter.java:366)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectModuleRequest(DevAppServerModulesFilter.java:349)
    at com.google.appengine.tools.development.DevAppServerModulesFilter.doFilter(DevAppServerModulesFilter.java:116)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
    at com.google.appengine.tools.development.DevAppServerRequestLogFilter.doFilter(DevAppServerRequestLogFilter.java:44)
    at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634)
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
    at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1340)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1242)
    at com.google.appengine.tools.development.jetty9.DevAppEngineWebAppContext.doScope(DevAppEngineWebAppContext.java:94)
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
    at com.google.appengine.tools.development.jetty9.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:595)
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
    at org.eclipse.jetty.server.Server.handle(Server.java:503)
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:364)
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
    at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683)
    at java.lang.Thread.run(Unknown Source)

调试时我在Eclipse中收到的唯一警告是

WARNING: No file found for: /_ah/start

关于什么可能导致此问题或我可以看什么的任何想法?非常感谢您提供有关如何调试或诊断问题的建议:)

1 个答案:

答案 0 :(得分:0)

需要重新生成终结点API的OpenAPI文件,并将其部署到生产 Google Cloud终结点,以使身份验证在本地调试时起作用。

$ mvn clean package endpoints-framework:openApiDocs -DskipTests
$ gcloud endpoints services deploy target/openapi-docs/openapi.json
$ mvn appengine:run

终结点API的本地版本引用了仅生产的Firebase身份验证服务,该服务又必须从生产终结点API中的openapi.json获取其终结点API引用。

来自Google OpenAPI Overview

  

OpenAPI文档描述了REST API的表面,并且   定义以下信息:

     

API的名称和描述。各个端点(路径)   在API中。呼叫者如何进行身份验证。