我在一个应用程序中有一个API方法(用Java编写),该应用程序被部署为一组在Google Cloud上运行的端点。该API正在使用OpenAPI,并使用ESP(Extensible Service Proxy)中继来自该API的请求并中介任何身份验证。
我创建了一个新的API方法,如下所示:
@ApiMethod(path="my/path/{param}",httpMethod = "get")
public Object[] GetSomethingUsingFirebaseAuthentication(@Named("param") String param) throws UnauthorizedException,BadRequestException,NotFoundException
{
// implementation
}
当我使用“调试方式> App Engine”进行调试时,可以在本地运行时使用“调试方式”> App Engine进行调试,并且可以使用Postman如下调用该方法。我使用的邮递员设置如下(请注意,我在Authorization标头的“ bearer”中传递了身份验证令牌):
该方法被成功调用并返回成功响应,这证明我在正确调用该方法并且它是有效的。如果我随后添加一个参数来接受Firebase用户,则该方法将失败:
@ApiMethod(path="my/path/{param}",httpMethod = "get")
public Object[] GetSomethingUsingFirebaseAuthentication(@Named("param") String param, User user) throws UnauthorizedException,BadRequestException,NotFoundException
{
// some auth code based on the Firebase 'user'
}
现在,我已经添加了User参数,因此调用了该方法,与使用Postman之前的方法完全一样,现在出现了http 503错误:
method_info is not set
这实际上是http JSON响应:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "backendError",
"message": "backend error"
}
],
"code": 503,
"message": "backend error"
}
}
问题与此非常相似:
Google Cloud Endpoints + Firebase Auth: method_info is not set
与我的问题的区别在于,当我将端点API部署到生产环境时,仍然遇到问题。
我还有其他非常相似的API方法可以接受Firebase用户,并且它们都在生产环境中工作。当我在本地调试它时,一种类似的API方法也可以使用,因此不需要更改配置。
以上问题的可接受答案(修改web.xml中的映射以使应该注入method_info的过滤器起作用)对我不起作用。无论如何,这都是我自己的问题,因为其他API方法似乎可以在本地和生产环境中使用。
这应该如何工作的一些解释-ESP(可扩展服务代理)是一种Google Cloud产品,是端点API的包装,它可以使用Firebase令牌为用户中介身份验证(在我的情况下,令牌在“授权”标头的承载中传递)。然后,应将经过身份验证的Firebase用户作为user
参数传递。
这是完整的堆栈跟踪
WARNING: exception occurred while invoking backend method
java.lang.IllegalStateException: method_info is not set in the request
at com.google.api.server.spi.auth.EspAuthenticator.authenticate(EspAuthenticator.java:67)
at com.google.api.server.spi.request.Auth.authenticate(Auth.java:101)
at com.google.api.server.spi.request.ServletRequestParamReader.getUser(ServletRequestParamReader.java:205)
at com.google.api.server.spi.request.ServletRequestParamReader.deserializeParams(ServletRequestParamReader.java:141)
at com.google.api.server.spi.request.RestServletRequestParamReader.read(RestServletRequestParamReader.java:135)
at com.google.api.server.spi.SystemService.invokeServiceMethod(SystemService.java:349)
at com.google.api.server.spi.handlers.EndpointsMethodHandler$RestHandler.handle(EndpointsMethodHandler.java:119)
at com.google.api.server.spi.handlers.EndpointsMethodHandler$RestHandler.handle(EndpointsMethodHandler.java:102)
at com.google.api.server.spi.dispatcher.PathDispatcher.dispatch(PathDispatcher.java:50)
at com.google.api.server.spi.EndpointsServlet.service(EndpointsServlet.java:72)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:287)
at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:277)
at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:182)
at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
at com.google.api.control.ControlFilter.doFilter(ControlFilter.java:229)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
at com.google.api.control.ConfigFilter.doFilter(ConfigFilter.java:120)
at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:119)
at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)
at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)
at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.appengine.tools.development.ResponseRewriterFilter.doFilter(ResponseRewriterFilter.java:134)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.appengine.tools.development.HeaderVerificationFilter.doFilter(HeaderVerificationFilter.java:34)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:63)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:48)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.appengine.tools.development.jetty9.StaticFileFilter.doFilter(StaticFileFilter.java:123)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectRequest(DevAppServerModulesFilter.java:366)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doDirectModuleRequest(DevAppServerModulesFilter.java:349)
at com.google.appengine.tools.development.DevAppServerModulesFilter.doFilter(DevAppServerModulesFilter.java:116)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at com.google.appengine.tools.development.DevAppServerRequestLogFilter.doFilter(DevAppServerRequestLogFilter.java:44)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1340)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1242)
at com.google.appengine.tools.development.jetty9.DevAppEngineWebAppContext.doScope(DevAppEngineWebAppContext.java:94)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at com.google.appengine.tools.development.jetty9.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:595)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at org.eclipse.jetty.server.Server.handle(Server.java:503)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:364)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683)
at java.lang.Thread.run(Unknown Source)
调试时我在Eclipse中收到的唯一警告是
WARNING: No file found for: /_ah/start
关于什么可能导致此问题或我可以看什么的任何想法?非常感谢您提供有关如何调试或诊断问题的建议:)
答案 0 :(得分:0)
需要重新生成终结点API的OpenAPI文件,并将其部署到生产 Google Cloud终结点,以使身份验证在本地调试时起作用。
$ mvn clean package endpoints-framework:openApiDocs -DskipTests
$ gcloud endpoints services deploy target/openapi-docs/openapi.json
$ mvn appengine:run
终结点API的本地版本引用了仅生产的Firebase身份验证服务,该服务又必须从生产终结点API中的openapi.json
获取其终结点API引用。
来自Google OpenAPI Overview:
OpenAPI文档描述了REST API的表面,并且 定义以下信息:
API的名称和描述。各个端点(路径) 在API中。呼叫者如何进行身份验证。