我想在验证电子邮件后允许新的注册用户。
因此,从“注册”屏幕中,按如下所示调用firebase REST API。
POST https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=xxxx
Content-Type: application/json;charset=UTF-8
Accept: application/json
{"email":"sungyong@humminglab.io","password":"123qwe!@#","returnSecureToken":true}
它的响应如下。
{“ kind”:“ identitytoolkit#SignupNewUserResponse”,“ idToken”: “eyJhbGciOiJSUzI1NiIsImtpZCI6ImZmMWRmNWExNWI1Y2Y1ODJiNjFhMjEzODVjMGNmYWVkZmRiNmE3NDgiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vc2hhcnAtaW1wcmludC0yMzQ2MDYiLCJhdWQiOiJzaGFycC1pbXByaW50LTIzNDYwNiIsImF1dGhfdGltZSI6MTU1NDExNjE3OCwidXNlcl9pZCI6IjFIQWVNd0I1dWlocG14UkwyWWZ0STRlZTl6WTIiLCJzdWIiOiIxSEFlTXdCNXVpaHBteFJMMllmdEk0ZWU5elkyIiwiaWF0IjoxNTU0MTE2MTc4LCJleHAiOjE1NTQxMTk3NzgsImVtYWlsIjoic3VuZ3lvbmdAaHVtbWluZ2xhYi5pbyIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6eyJlbWFpbCI6WyJzdW5neW9uZ0BodW1taW5nbGFiLmlvIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.L98zHgGAQh1ezPDyqxO9k7RXfLXjU7Zad5Xf-uscitTRNMQJOon2SSUwfKcrf48rFoa2y9c7Gb7DsscUSBxwfRi_C6-ObLwF1uoh0xuoQl68gsQqLfqJfeudGaY5IquW-UWfiBAN8DeClTms1K842FXLI6fEoYFplPIg39jUpwYtCnqfevXuWFeI_Y3taO5NWwEnO1VjsURgt_mmGGTKosoJKTTcKgv3hjgm7nb7whyYUylGimxtxoUtsTCHnYKQHrxkOiW7-rdTpfPo39tWB8uYRcPBVmYUozAi2NDlfpnlJ-Sb9noEv7eRIoC3Vk1oyzwctaU2VhNj67IRHFhufQ” “ email”:“ sungyong@humminglab.io”,“ refreshToken”: “AEu4IL1WfTJX3yXu_iW9gWJYjI6cz-YN6h1AUNDT7h1Hc1KcbebmCUa9SFOjn1uMvME4HVU9IbKWnY0YJSgSSt4fhpdYxipo9yebSe_cQc-w_UNZ9W4EuIpQh3zOBIG7Ys6oB284JTMiH5oCuzE9MMm_tqoib5iLcC7hvP0_YUhcbDOhhEECh2cV1jv3iIy_F7fMTHyt-jEhdOa057oQuxCYaOI9LL9dX6snXIFAEIhhllhIrIIgqcc” “ expiresIn”:“ 3600”,“ localId”:“ 1HAeMwB5uihpmxRL2YftI4ee9zY2”}
由于signupNewUser未发送验证电子邮件,因此我手动拨打了getOobConfirmationCode,如下所示。
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getOobConfirmationCode?key=xxx
Content-Type: application/json;charset=UTF-8
Accept: application/json
{
"requestType":"VERIFY_EMAIL",
"idToken":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImZmMWRmNWExNWI1Y2Y1ODJiNjFhMjEzODVjMGNmYWVkZmRiNmE3NDgiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vc2hhcnAtaW1wcmludC0yMzQ2MDYiLCJhdWQiOiJzaGFycC1pbXByaW50LTIzNDYwNiIsImF1dGhfdGltZSI6MTU1NDExNjE3OCwidXNlcl9pZCI6IjFIQWVNd0I1dWlocG14UkwyWWZ0STRlZTl6WTIiLCJzdWIiOiIxSEFlTXdCNXVpaHBteFJMMllmdEk0ZWU5elkyIiwiaWF0IjoxNTU0MTE2MTc4LCJleHAiOjE1NTQxMTk3NzgsImVtYWlsIjoic3VuZ3lvbmdAaHVtbWluZ2xhYi5pbyIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6eyJlbWFpbCI6WyJzdW5neW9uZ0BodW1taW5nbGFiLmlvIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.L98zHgGAQh1ezPDyqxO9k7RXfLXjU7Zad5Xf-uscitTRNMQJOon2SSUwfKcrf48rFoa2y9c7Gb7DsscUSBxwfRi_C6-ObLwF1uoh0xuoQl68gsQqLfqJfeudGaY5IquW-UWfiBAN8DeClTms1K842FXLI6fEoYFplPIg39jUpwYtCnqfevXuWFeI_Y3taO5NWwEnO1VjsURgt_mmGGTKosoJKTTcKgv3hjgm7nb7whyYUylGimxtxoUtsTCHnYKQHrxkOiW7-rdTpfPo39tWB8uYRcPBVmYUozAi2NDlfpnlJ-Sb9noEv7eRIoC3Vk1oyzwctaU2VhNj67IRHFhufQ"
}
但是它的状态码为400。
那是一个错误。您的客户发布了格式错误或非法的 请求。这就是我们所知道的
我不知道为什么失败。我再次检查了注册API收到的idToken。
我做错了什么?