Smi*_*ngM 9 google-app-engine android firebase google-cloud-endpoints firebase-authentication
有人可以指定(使用一些示例代码)如何验证google云端点中的firebase令牌?最近提出的问题根本没有澄清(如何将firebase身份验证与Google应用引擎端点集成)
端点中的Google身份验证是通过将用户参数添加到端点来自动完成的.可以使用facebook图api在云端点验证Facebook令牌,如下所示:
@ApiMethod(name = "endpoint.addUser", httpMethod = HttpMethod.POST)
public ResultObject addUser(HttpServletRequest request, User pUser) throws OAuthRequestException {
String token = request.getHeader("Authorization");
String graphUrl = "https://graph.facebook.com/v2.6/me?fields=id,name,email&access_token=" + token;
URL u = new URL(g);
URLConnection c = u.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream()));
String inputLine;
StringBuffer b = new StringBuffer();
while ((inputLine = in.readLine()) != null){
b.append(inputLine + "\n");
}
in.close();
graph = b.toString();
JSONObject json = new JSONObject(graph);
facebookId = json.getString("id");
email = json.getString("email");
//...
}
firebase令牌的验证是否像facebook令牌一样简单?是否可以从firebase令牌中检索电子邮件?
据我了解文档,您似乎需要将用户令牌添加到您的请求中,例如作为标头。然后您需要根据 Firebase admin sdk 验证此令牌,这样您就可以获得用户 ID。
@ApiMethod(name = "someApiCall", httpMethod = ApiMethod.HttpMethod.POST)
public YourResponse someApiCall(YourRequestObject body, HttpServletRequest httpRequest) {
String userToken = httpRequest.getHeader("USER_TOKEN_HEADER");
Task<FirebaseToken> authTask = FirebaseAuth.getInstance().verifyIdToken(userToken)
.addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
@Override
public void onSuccess(FirebaseToken firebaseToken) {
}
});
try {
Tasks.await(authTask);
} catch (ExecutionException e) {
} catch (InterruptedException e) {
}
FirebaseToken result = authTask.getResult();
String userId = result.getUid();
return new YourResponse();
}
我的代码基于:
https://firebase.google.com/docs/auth/admin/verify-id-tokens
如何通过 Firebase 令牌验证来保护我的 Google Cloud Endpoints API?
| 归档时间: |
|
| 查看次数: |
1418 次 |
| 最近记录: |