firebase-server-sdk验证令牌服务器端java.lang.IllegalStateException:任务尚未完成
[英]firebase-server-sdk verify token server side java.lang.IllegalStateException: Task is not yet complete
问题描述
I'm having trouble using the firebase-server-sdk with java, and verifying tokens server side. 
我在将firebase-server-sdk与java结合使用并验证令牌服务器端时遇到问题。 I have a rest controller setup to take a token from a client, then I run the following code. 我有一个休息控制器设置,可以从客户端获取令牌,然后运行以下代码。
FirebaseAuthVerifier.java FirebaseAuthVerifier.java
@Service
public class FirebaseAuthVerifier implements AuthVerifier {
Logger logger = LoggerFactory.getLogger(this.getClass());
public boolean verify(AuthToken token) throws GeneralSecurityException, IOException {
Task<FirebaseToken> fbTask = FirebaseAuth.getInstance().verifyIdToken(token.getTokenId());
fbTask.getResult();
return fbTask.isSuccessful();
}
}
FirebaseAuthController FirebaseAuthController
@RestController
@RequestMapping("/api/firebase/auth")
public class FirebaseAuthController {
@Autowired
private FirebaseAuthVerifier glAuthVerifier;
@ResponseBody
@CrossOrigin(origins = "http://localhost:3000")
@RequestMapping(value = "/verify", method = RequestMethod.POST, headers = "Content-Type=application/json", consumes = "application/json", produces = "application/json")
public ResponseEntity<AuthTokenVerification> verify(@RequestBody GoogleAuthToken glAuthToken) throws GeneralSecurityException, IOException {
// init return
AuthTokenVerification glAuthTokenVerification = new GoogleAuthTokenVerification();
// verify token
boolean isVerified = this.glAuthVerifier.verify(glAuthToken);
glAuthTokenVerification.setIsVerified(isVerified);
// return json response
ResponseEntity<AuthTokenVerification> response = new ResponseEntity<>(glAuthTokenVerification, HttpStatus.OK);
return response;
}
}
but I receive an exception 但我收到一个例外
java.lang.IllegalStateException: Task is not yet complete
I'm trying to do something simple here, but I'm not sure how to have java wait for completion here. 我试图在这里做一些简单的事情,但是我不确定如何在这里等待java等待完成。
1 个解决方案
解决方案1
0 2016-08-30 21:16:24
Using custom jwt id token validation. 使用自定义的jwt id令牌验证。
@Service
public class FirebaseAuthVerifier implements AuthVerifier {
private static final Logger logger = LoggerFactory.getLogger(FirebaseAuthVerifier.class);
private static final String pubKeyUrl = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com";
/**
*
* @param token
* @return
* @throws GeneralSecurityException
* @throws IOException
*/
public boolean verify(AuthToken token) throws GeneralSecurityException, IOException {
// get public keys
JsonObject publicKeys = getPublicKeysJson();
// verify count
int size = publicKeys.entrySet().size();
int count = 0;
// get json object as map
// loop map of keys finding one that verifies
for (Map.Entry<String, JsonElement> entry: publicKeys.entrySet()) {
// log
logger.info("attempting jwt id token validation with: ");
try {
// trying next key
count++;
// get public key
PublicKey publicKey = getPublicKey(entry);
// validate claim set
Jwts.parser().setSigningKey(publicKey).parse(token.getTokenId());
// success, we can return
return true;
} catch(Exception e) {
// log
logger.info("Firebase id token verification error: ");
logger.info(e.getMessage());
// claims may have been tampered with
// if this is the last key, return false
if (count == size) {
return false;
}
}
}
// no jwt exceptions
return true;
}
/**
*
* @param entry
* @return
* @throws GeneralSecurityException
*/
private PublicKey getPublicKey(Map.Entry<String, JsonElement> entry) throws GeneralSecurityException, IOException {
String publicKeyPem = entry.getValue().getAsString()
.replaceAll("-----BEGIN (.*)-----", "")
.replaceAll("-----END (.*)----", "")
.replaceAll("\r\n", "")
.replaceAll("\n", "")
.trim();
logger.info(publicKeyPem);
// generate x509 cert
InputStream inputStream = new ByteArrayInputStream(entry.getValue().getAsString().getBytes("UTF-8"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cf.generateCertificate(inputStream);
return cert.getPublicKey();
}
/**
*
* @return
* @throws IOException
*/
private JsonObject getPublicKeysJson() throws IOException {
// get public keys
URI uri = URI.create(pubKeyUrl);
GenericUrl url = new GenericUrl(uri);
HttpTransport http = new NetHttpTransport();
HttpResponse response = http.createRequestFactory().buildGetRequest(url).execute();
// store json from request
String json = response.parseAsString();
// disconnect
response.disconnect();
// parse json to object
JsonObject jsonObject = new JsonParser().parse(json).getAsJsonObject();
return jsonObject;
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
java.lang.IllegalStateException:没有服务器 ALPNProcessors - WireMock - java.lang.IllegalStateException: No Server ALPNProcessors - WireMock
java.lang.IllegalStateException:尚未连接GoogleApiClient - java.lang.IllegalStateException: GoogleApiClient is not connected yet
java.lang.IllegalStateException:GoogleApiClient尚未连接 - java.lang.IllegalStateException: GoogleApiClient is not connected yet
如何解决java.lang.IllegalStateException:服务器处于错误状态异常 - How to solve java.lang.IllegalStateException: server in wrong state Exception
如何使服务器返回json而不是字符串(java.lang.IllegalStateException) - how to make server return json not string (java.lang.IllegalStateException)
具有java.lang.illegalstateexception state == header的WebSphere服务器和Jetty客户端 - WebSphere server and Jetty client with java.lang.illegalstateexception state==header
无法启动网络服务器; 嵌套异常是 java.lang.IllegalStateException - Unable to start web server; nested exception is java.lang.IllegalStateException
java.lang.IllegalStateException - java.lang.IllegalStateException
致命异常:java.lang.IllegalStateException尚未连接GoogleApiClient - Fatal Exception: java.lang.IllegalStateException GoogleApiClient is not connected yet
引起:java.lang.IllegalStateException:GoogleApiClient 尚未连接 - Caused by: java.lang.IllegalStateException: GoogleApiClient is not connected yet
相关标签