有人可以指定(使用一些示例代码)如何验证google Cloud endpoints 中的firebase令牌?最近提出的问题根本没有澄清(How to integrate firebase authentication with google app engine endpoints)
endpoints 中的Google身份验证通过将用户参数添加到 endpoints 来自动完成 . 可以使用Facebook图形api在 Cloud endpoints 验证Facebook令牌,如下所示:
@ApiMethod(name = "endpoint.addUser", httpMethod = HttpMethod.POST)
public ResultObject addUser(HttpServletRequest request, User pUser) throws OAuthRequestException {
String token = request.getHeader("Authorization");
String graphUrl = "https://graph.facebook.com/v2.6/me?fields=id,name,email&access_token=" + token;
URL u = new URL(g);
URLConnection c = u.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream()));
String inputLine;
StringBuffer b = new StringBuffer();
while ((inputLine = in.readLine()) != null){
b.append(inputLine + "\n");
}
in.close();
graph = b.toString();
JSONObject json = new JSONObject(graph);
facebookId = json.getString("id");
email = json.getString("email");
//...
}
firebase令牌的验证是否像facebook令牌一样简单?是否可以从firebase令牌中检索电子邮件?
2 回答
据我了解文档,您似乎需要在请求中添加用户令牌,例如作为 Headers . 然后,您需要针对Firebase管理员sdk验证此令牌,这样您就可以获得用户ID .
我的代码基于:
https://firebase.google.com/docs/auth/admin/verify-id-tokens
How do I secure my Google Cloud Endpoints APIs with Firebase token verification?
您可以使用
CustomAuthenticator
:在您的API实现中,不要忘记启用自定义身份验证器:
现在,当您调用API时,只需将Cookie
firebase_token
添加到您的请求中即可 .我希望这将有所帮助 .