我正在使用Google App Engine标准环境(Python)和带有Firebase的Cloud Endpoints开发移动应用程序的后端进行身份验证 . 此后端需要连接到使用Unity创建的前端 .
I am having trouble with Cloud Endpoints reading the authentication token being sent from the Unity frontend after logging in to Firebase. 每次尝试发送经过身份验证的请求时,App Engine都会记录状态"No auth token is attached to the request" .
以下是Cloud Endpoints声明,其中包含Firebase作为我的主Python文件中的颁发者:
@endpoints.api(name='connected',
version='v4.4.0',
allowed_client_ids=["32366828803-g14dan8j9m1dhises6namb5vpebopgpd.apps.googleusercontent.com "],
issuers={'firebase': endpoints.Issuer('https://securetoken.google.com/fleet-fortress-211105',
'https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken@system.gserviceaccount.com')})
以下是具有安全性定义的swagger.yaml文件的结尾:
securityDefinitions:
firebase:
authorizationUrl: ''
flow: implicit
type: oauth2
x-google-issuer: 'https://securetoken.google.com/fleet-fortress-211105'
x-google-jwks_uri: 'https://www.googleapis.com/service_accounts/v1/metadata/x509/securetoken@system.gserviceaccount.com'
x-google-audiences: "32366828803-g14dan8j9m1dhises6namb5vpebopgpd.apps.googleusercontent.com"
security:
- firebase: []
我将从Firebase收到的身份验证令牌发送到授权标头中的我的Cloud Endpoints API(例如授权:承载{令牌}) .
正在发送的 Headers :request headers
解码后的JWT作为承载在授权标头中发送:
{
"iss": "https://securetoken.google.com/fleet-fortress-211105",
"aud": "fleet-fortress-211105",
"auth_time": 1533831541,
"user_id": "8VdGVw9cF8V9QtfIZpgnD4DHKsY2",
"sub": "8VdGVw9cF8V9QtfIZpgnD4DHKsY2",
"iat": 1533831566,
"exp": 1533835166,
"email": "XXXX@gmail.com",
"email_verified": false,
"firebase": {
"identities": {
"email": [
"XXXX@gmail.com"
]
},
"sign_in_provider": "password"
}
}
Any help in getting my GAE Cloud Endpoints backend to read the authorization header for a JWT is greatly appreciated.
1 回答
我不知道为什么会记录这个错误;授权头正确包含一个Bearer令牌,这是必需的 .
但是,该错误消息实际上不应该停止身份验证 . (Python框架中的身份验证系统有点混乱,并且有两个并行的主要工作实现 . )
相反,您需要在每个要保护的方法中调用
endpoints.get_current_user()
.