[英]How to integrate firebase authentication with google app engine endpoints
[英]Integrate firebase auth with google app engine cloud endpoints
有人可以指定(使用一些示例代碼)如何驗證google雲端點中的firebase令牌? 最近提出的問題根本沒有澄清( 如何將firebase身份驗證與Google應用引擎端點集成 )
端點中的Google身份驗證是通過將用戶參數添加到端點來自動完成的。 可以使用facebook圖api在雲端點驗證Facebook令牌,如下所示:
@ApiMethod(name = "endpoint.addUser", httpMethod = HttpMethod.POST)
public ResultObject addUser(HttpServletRequest request, User pUser) throws OAuthRequestException {
String token = request.getHeader("Authorization");
String graphUrl = "https://graph.facebook.com/v2.6/me?fields=id,name,email&access_token=" + token;
URL u = new URL(g);
URLConnection c = u.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream()));
String inputLine;
StringBuffer b = new StringBuffer();
while ((inputLine = in.readLine()) != null){
b.append(inputLine + "\n");
}
in.close();
graph = b.toString();
JSONObject json = new JSONObject(graph);
facebookId = json.getString("id");
email = json.getString("email");
//...
}
firebase令牌的驗證是否像facebook令牌一樣簡單? 是否可以從firebase令牌中檢索電子郵件?
據我所知,文檔似乎需要將用戶令牌添加到您的請求中,例如作為標題。 然后,您需要針對Firebase管理員sdk驗證此令牌,這樣您就可以獲得用戶ID。
@ApiMethod(name = "someApiCall", httpMethod = ApiMethod.HttpMethod.POST)
public YourResponse someApiCall(YourRequestObject body, HttpServletRequest httpRequest) {
String userToken = httpRequest.getHeader("USER_TOKEN_HEADER");
Task<FirebaseToken> authTask = FirebaseAuth.getInstance().verifyIdToken(userToken)
.addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
@Override
public void onSuccess(FirebaseToken firebaseToken) {
}
});
try {
Tasks.await(authTask);
} catch (ExecutionException e) {
} catch (InterruptedException e) {
}
FirebaseToken result = authTask.getResult();
String userId = result.getUid();
return new YourResponse();
}
我的代碼基於:
https://firebase.google.com/docs/auth/admin/verify-id-tokens
您可以使用CustomAuthenticator
:
public class CustomAuthenticator implements Authenticator {
private static final Logger LOG = Logger.getLogger(CustomAuthenticator.class.getName());
private static final String COOKIE_FIREBASE_TOKEN = "firebase_token";
static {
LOG.info("CustomAuthenticator: initializing");
InputStream serviceAccountResourceStream = CustomAuthenticator.class.getResourceAsStream("/serviceAccountKey.json");
FirebaseOptions options = new FirebaseOptions.Builder()
.setServiceAccount(serviceAccountResourceStream)
.build();
FirebaseApp.initializeApp(options);
LOG.info("CustomAuthenticator: initialized");
}
@Override
public User authenticate(HttpServletRequest httpServletRequest) {
User user = null;
if (httpServletRequest.getCookies() != null) {
for (Cookie cookie : httpServletRequest.getCookies()) {
if (cookie.getName().equals(COOKIE_FIREBASE_TOKEN)) {
FirebaseToken firebaseToken = FirebaseAuth.getInstance().verifyIdToken(cookie.getValue()).getResult();
user = new User(firebaseToken.getUid(), firebaseToken.getEmail());
}
}
}
return user;
}
}
在您的API實現中,不要忘記啟用自定義身份驗證器:
@Api(name = "exampleWithAuth",
version = "v1",
...
auth = @ApiAuth(allowCookieAuth = AnnotationBoolean.TRUE), // This is needed to process your cookie for the token
authenticators = {CustomAuthenticator.class} // Declare your custom authenticator
)
public class ExampleWithAuthEndpoint {
@ApiMethod(httpMethod = "GET", path = "example")
public Example getExample(User user /* Add User to enable API authentication */) {
if (user != null) {
// Do something
}
return null;
}
}
現在,當您調用API時,只需將cookie firebase_token
添加到您的請求中即可。
我希望這將有所幫助。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.