无法让 AppCheck(在模拟器上调试)在 Flutter 应用程序上运行
acs*_*001 13 firebase-realtime-database flutter firebase-app-check
我有一个flutter应用程序,添加AppCheck并使用Android模拟器进行测试和调试。我正在测试实时数据库的访问。从我的 Firebase 控制台,AppCheck 显示我的所有访问都属于以下类型:未验证:无效请求。我已经关注了: https: //firebase.google.com/docs/app-check/android/debug-provider。
我的应用程序/build.gradle
dependencies {
...
//implementation 'com.google.firebase:firebase-appcheck-safetynet:16.0.0-beta02'
implementation 'com.google.firebase:firebase-appcheck-debug:16.0.0-beta03'
...
}
在我的 main.dart 中
void main() async {
WidgetsFlutterBinding.ensureInitialized();
await Firebase.initializeApp();
// Initialize AppCheck
await FirebaseAppCheck.instance.activate();
...
在 MainActivity.kt 中,我有以下内容:
import io.flutter.embedding.android.FlutterActivity
import android.os.Bundle
import android.util.Log
import com.google.firebase.FirebaseApp
import com.google.firebase.appcheck.FirebaseAppCheck
import com.google.firebase.appcheck.debug.DebugAppCheckProviderFactory
//import com.google.firebase.appcheck.safetynet.SafetyNetAppCheckProviderFactory
class MainActivity: FlutterActivity() {
// For Debug Only. Do not do this for Production
override fun onCreate(savedInstanceState: Bundle?) {
FirebaseApp.initializeApp(this)
Log.e("MainActivity", "onCreate")
val firebaseAppCheck = FirebaseAppCheck.getInstance()
firebaseAppCheck.installAppCheckProviderFactory(DebugAppCheckProviderFactory.getInstance())
super.onCreate(savedInstanceState)
}
}
从logcat中,我可以看到以下日志
com.google.firebase.appcheck.debug.internal.DebugAppCheckProvider: Enter this debug secret into the allow list in the Firebase Console for your project: xxxxxxxxxxxxx
基于令牌,我使用托管调试令牌并将其设置为调试令牌。
使用应用检查
我期待看到经过验证的请求出现。
我还使用 Android Studio profiler 来监控网络,我可以看到一个请求
POST https://firebaseappcheck.googleapis.com/v1beta/projects/<app>/apps/<appid>:exchangeSafetyNetToken?key=<key>
有效负载中是一个 JSON 安全网令牌。
我收到 403 的响应。
请注意,我还没有打开实时数据库的强制执行。
我对 AppCheck 缺少什么?我应该使用模拟器还是仅在真实的物理设备(发布模式)上看到经过验证的请求?
我尝试过onCreate但无法让它工作。
使用MethodChannel工作代替:
// main.dart
void main() async {
// ...
await Firebase.initializeApp();
await FirebaseAppCheck.instance.activate();
// FirebaseAppCheck when enforced would block incoming requests from Android emulator and iOS simulator too.
// This kDebugMode check gets a debug token from FirebaseAppCheck which can then be added on the Firebase
// console so that the emulator and simulator can be allowed to access to Firestore.
if (kDebugMode) {
try {
const MethodChannel methodChannel = MethodChannel("method-channel");
await methodChannel.invokeMethod("getFirebaseAppCheckDebugToken");
} catch (e) {
print("FirebaseAppCheck debug token error: $e");
}
}
// ...
}
// MainActivity.kt
package com.yourname.applicationname
import android.util.Log
import androidx.annotation.NonNull
import com.google.firebase.FirebaseApp
import com.google.firebase.appcheck.FirebaseAppCheck
import com.google.firebase.appcheck.debug.DebugAppCheckProviderFactory
import io.flutter.embedding.android.FlutterActivity
import io.flutter.embedding.engine.FlutterEngine
import io.flutter.plugin.common.MethodChannel
class MainActivity : FlutterActivity() {
override fun configureFlutterEngine(@NonNull flutterEngine: FlutterEngine) {
super.configureFlutterEngine(flutterEngine)
MethodChannel(flutterEngine.dartExecutor.binaryMessenger, "method-channel").setMethodCallHandler { call, result ->
if (call.method == "getFirebaseAppCheckDebugToken") {
FirebaseApp.initializeApp(this)
Log.d("configureFlutterEngine", "FirebaseApp.initializeApp")
val firebaseAppCheck = FirebaseAppCheck.getInstance()
Log.d("configureFlutterEngine", "firebaseAppCheck")
firebaseAppCheck.installAppCheckProviderFactory(DebugAppCheckProviderFactory.getInstance())
Log.d("configureFlutterEngine", "installAppCheckProviderFactory")
result.success("Yay!")
}
}
}
}
在 Flutter 调试模式下在 Android 模拟器上启动每个应用程序的结果:
| 归档时间: |
|
| 查看次数: |
2127 次 |
| 最近记录: |