堆栈内存溢出
  简体   繁体   English

Google App Engine 在不同项目中访问 firebase

[英]Google App Engine access firebase in different project

 原文  2020-05-06 03:05:49       firebase/ google-app-engine/ google-cloud-platform

问题描述

I have setup app engine and firebase at PROJECT A , the app engine used default credentials, and able to access firebase at PROJECT A , however the app engine also need to call我在PROJECT A设置了应用程序引擎和 firebase ,应用程序引擎使用默认凭据,并且能够在PROJECT A访问 firebase ,但是应用程序引擎还需要调用

verifyIdToken()

to verify user in PROJECT B .PROJECT B中验证用户。

What would be the best approach to it?最好的方法是什么?

  1. I can download the firebase credentials from PROJECT B , and use firebase admin sdk to do so, but it seems overkill, because i only needs to verify use token.我可以从PROJECT B下载 firebase 凭据,并使用 firebase 管理员 sdk 这样做,但这似乎有点过头了,因为我只需要验证使用令牌。

  2. Setup firebase IAM permission in PROJECT B for app engine from PROJECT A , so it can access to firebase, theoretically, but in this case, how the app engine get the credentials from firebase in PROJECT B ?PROJECT B中为PROJECT A的应用引擎设置 firebase IAM 权限,因此理论上它可以访问 firebase,但在这种情况下,应用引擎如何从 ZBF12E1515C25C7D8C0352 中的 ZBF12E1515C25C7D8C0352 中获取凭据Definitely not default credentials, right?绝对不是默认凭据,对吧?

2 个解决方案

解决方案1
 0  2020-05-06 03:10:07

You can add the necessary roles from Project B to the service account used by Cloud Functions (it will be <project-a>@appspot.gserviceaccount.com ).您可以将项目 B 中的必要角色添加到 Cloud Functions 使用的服务帐户(它将是<project-a>@appspot.gserviceaccount.com )。 You would do this by visiting the Google Cloud IAM console in Project B and assigning the roles appropriately.为此,您可以访问项目 B 中的 Google Cloud IAM 控制台并适当地分配角色。

Once you do that, you should be able to use default credentials to authorize requests for Project B.完成此操作后,您应该能够使用默认凭据来授权对项目 B 的请求。

Note: There's some nuance here and I haven't directly tried this, but it should work in theory.注意:这里有一些细微差别,我没有直接尝试过,但它应该在理论上有效。

解决方案2
 0  2020-05-06 07:24:34

Found the solution找到了解决方案

using_a_service_account_id using_a_service_account_id

and

Answer from another post 另一个帖子的回答

After setup the IAM role and policy in project B with project A accouint, simply just do使用项目 A 帐户在项目 B 中设置 IAM 角色和策略后,只需执行

projectB_firebase = firebase_admin.initialize_app(options={
    "serviceAccountId": "firebase-adminsdk-xxxxxxx@[projectb].iam.gserviceaccount.com"
}, name="projectB")

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从Firebase云功能访问Google App Engine端点 - Access Google App Engine endpoint from Firebase cloud function Google App Engine与Firebase - Google App Engine vs Firebase 来自项目 A 的 Google App Engine 无法使用来自项目 B 的 Firebase 云消息传递 - Google App Engine from project A cannot use Firebase Cloud Messaging from project B Flutter app根据用户所在位置访问不同的firebase项目 - Flutter app access different firebase project based on the location of the user 适用于Google App Engine Node.js应用中的Firebase项目的serviceAccountKey.json的安全路径 - secure path for serviceAccountKey.json for a Firebase project in Google App Engine Node.js app 具有Firebase和Google App引擎的Java服务器 - Java server with Firebase and Google App engine 在谷歌应用引擎上运行 firebase admin 和 firestore - Running firebase admin and firestore on google app engine Google App引擎中的Firebase管理员SDK设置 - Firebase admin SDK setup in Google App engine Google App Engine Firebase导入错误 - Google App engine Firebase import error 从Google App Engine调用Firebase数据库 - Call Firebase database from Google App Engine
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM