Firebase Admin SDK GO VerifyIDToken 不返回 App Engine 上下文错误
[英]Firebase Admin SDK GO VerifyIDToken returns not an App Engine context error
问题描述
I have a user authenticated with Firebase and what I want to do is to authenticate this user on the backend(Google cloud platform / Go) as well.
我有一个通过 Firebase 身份验证的用户,我想做的是在后端(Google 云平台/Go)上对该用户进行身份验证。 I followed along with the document on Firebase我跟着Firebase上的文档
I get the idToken on the front end and send the token on the header to the server running on my localhost with the following code.我在前端获取 idToken 并使用以下代码将标头上的令牌发送到在我的本地主机上运行的服务器。
idToken = firebase.auth().currentUser.getIdToken()
axios({
method: 'POST',
url: 'https://localhost:8080/users',
headers: {
'Authentication-Token': idToken
},
data: {
name: 'My name',
user_name: 'my_user_name',
email: 'example@example.com'
}
})
On the backend I want to verify the idToken.在后端,我想验证 idToken。 I first create the auth client with the following code.我首先使用以下代码创建身份验证客户端。
opt := option.WithCredentialsFile("firebase_credential.json")
app, err := firebase.NewApp(context.Background(), nil, opt)
client, err := app.Auth(context.Background())
With the client and the idToken from the frontend I tried the code below.使用客户端和前端的 idToken,我尝试了下面的代码。
t, err := client.VerifyIDToken(context.Background(), idToken)
How ever this throws an error of这怎么会抛出一个错误
{"message":"Get https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com: oauth2: cannot fetch token: Post https://accounts.google.com/o/oauth2/token: not an App Engine context"}
I also tried to curl the same request to the sever but the same error came out.我也试图curl到服务器相同的请求,但同样的错误就出来了。
curl -X POST -H "Authentication-Token:hogehogemytoken" -d '{"name":"My name","user_name":"my user name","email":"example@example.com"}' http://localhost:8080/users
I am quite sure that I'm sending the right token.我很确定我发送的是正确的令牌。 Any ideas?有任何想法吗?
2 个解决方案
解决方案1
1 2018-02-18 07:57:43
It seems that in appengine Standard enviroment I had to use似乎在 appengine Standard 环境中我不得不使用
ctx := appengine.NewContext(r)
rather than the而不是
ctx := context.Background()
In an appengine request context, more complex things have to be handled since they are the API request context.在 appengine 请求上下文中,必须处理更复杂的事情,因为它们是 API 请求上下文。 On the other hand the general context.Background() is for general uses and therefore is not associated with incoming Http requests.另一方面,一般context.Background()用于一般用途,因此与传入的 Http 请求无关。
So my solution here was to pass the appengine.NewContext(r) in the init.go like below.所以我的解决方案是在 init.go 中传递appengine.NewContext(r) ,如下所示。
r.POST("/users", func(c *gin.Context) { up.CreateUser(c, appengine.NewContext(c.Request)) })
pass around this appengine context to the verify token.将此 appengine 上下文传递给验证令牌。
func (c authClient) VerifyToken(ctx context.Context, token string) (IDToken, error) {
opt := option.WithCredentialsFile("firebasecredential.json")
app, err := firebase.NewApp(ctx, nil, opt)
if err != nil {
return nil, err
}
client, err := app.Auth(ctx)
if err != nil {
return nil, err
}
t, err := client.VerifyIDToken(ctx, token)
if err != nil {
return nil, err
}
return idToken{t}, nil
}
解决方案2
0 2018-02-22 08:00:22
VerifyIDToken doesn't support context, check documentation as of now: VerifyIDToken不支持上下文,请检查目前的文档:
func (c *Client) VerifyIDToken(idToken string) (*Token, error)
The link in your comment points to the Future Request (FR), which means it's yet to be implemented, so it is not a bug.您评论中的链接指向未来请求 (FR),这意味着它尚未实施,因此它不是错误。
You can use VerifyIDTokenAndCheckRevoked does:你可以使用VerifyIDTokenAndCheckRevoked做:
func (c *Client) VerifyIDTokenAndCheckRevoked(ctx context.Context, idToken string) (*Token, error)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.