Can someone specify (with some sample code) how to verify the firebase token in an google cloud endpoint? The recently asked question does not clarifiy it at all (How to integrate firebase authentication with google app engine endpoints)
有人可以指定(使用一些示例代码)如何验证google云端点中的firebase令牌?最近提出的问题根本没有澄清(如何将firebase身份验证与google app引擎端点集成)
Google Authentication in endpoint is done automatically by adding the User Parameter to an endpoint. Facebook Tokens can be verified in an cloud endpoint with the facebook graph api like this:
端点中的Google身份验证通过将用户参数添加到端点来自动完成。可以使用Facebook图形api在云端点验证Facebook令牌,如下所示:
@ApiMethod(name = "endpoint.addUser", httpMethod = HttpMethod.POST)
public ResultObject addUser(HttpServletRequest request, User pUser) throws OAuthRequestException {
String token = request.getHeader("Authorization");
String graphUrl = "https://graph.facebook.com/v2.6/me?fields=id,name,email&access_token=" + token;
URL u = new URL(g);
URLConnection c = u.openConnection();
BufferedReader in = new BufferedReader(new InputStreamReader(c.getInputStream()));
String inputLine;
StringBuffer b = new StringBuffer();
while ((inputLine = in.readLine()) != null){
b.append(inputLine + "\n");
}
in.close();
graph = b.toString();
JSONObject json = new JSONObject(graph);
facebookId = json.getString("id");
email = json.getString("email");
//...
}
Is the verification of the firebase token as easy as the facebook token? Is it possible to retrieve the email from an firebase token?
firebase令牌的验证是否像facebook令牌一样简单?是否可以从firebase令牌中检索电子邮件?
2 个解决方案
#1
2
As far as I understand the documentation it seems you need to add user token to your request, for example as a header. Then you need to verify this token against Firebase admin sdk, and this way you'd get user id.
据我了解文档,您似乎需要在请求中添加用户令牌,例如作为标题。然后,您需要针对Firebase管理员sdk验证此令牌,这样您就可以获得用户ID。
@ApiMethod(name = "someApiCall", httpMethod = ApiMethod.HttpMethod.POST)
public YourResponse someApiCall(YourRequestObject body, HttpServletRequest httpRequest) {
String userToken = httpRequest.getHeader("USER_TOKEN_HEADER");
Task<FirebaseToken> authTask = FirebaseAuth.getInstance().verifyIdToken(userToken)
.addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
@Override
public void onSuccess(FirebaseToken firebaseToken) {
}
});
try {
Tasks.await(authTask);
} catch (ExecutionException e) {
} catch (InterruptedException e) {
}
FirebaseToken result = authTask.getResult();
String userId = result.getUid();
return new YourResponse();
}
I based my code on:
我的代码基于:
https://firebase.google.com/docs/auth/admin/verify-id-tokens
https://firebase.google.com/docs/auth/admin/verify-id-tokens
How do I secure my Google Cloud Endpoints APIs with Firebase token verification?
如何使用Firebase令牌验证保护Google Cloud Endpoints API?
#2
1
You can use a CustomAuthenticator
:
您可以使用CustomAuthenticator:
public class CustomAuthenticator implements Authenticator {
private static final Logger LOG = Logger.getLogger(CustomAuthenticator.class.getName());
private static final String COOKIE_FIREBASE_TOKEN = "firebase_token";
static {
LOG.info("CustomAuthenticator: initializing");
InputStream serviceAccountResourceStream = CustomAuthenticator.class.getResourceAsStream("/serviceAccountKey.json");
FirebaseOptions options = new FirebaseOptions.Builder()
.setServiceAccount(serviceAccountResourceStream)
.build();
FirebaseApp.initializeApp(options);
LOG.info("CustomAuthenticator: initialized");
}
@Override
public User authenticate(HttpServletRequest httpServletRequest) {
User user = null;
if (httpServletRequest.getCookies() != null) {
for (Cookie cookie : httpServletRequest.getCookies()) {
if (cookie.getName().equals(COOKIE_FIREBASE_TOKEN)) {
FirebaseToken firebaseToken = FirebaseAuth.getInstance().verifyIdToken(cookie.getValue()).getResult();
user = new User(firebaseToken.getUid(), firebaseToken.getEmail());
}
}
}
return user;
}
}
In your API implementation, don't forget to enable your custom authenticator:
在您的API实现中,不要忘记启用自定义身份验证器:
@Api(name = "exampleWithAuth",
version = "v1",
...
auth = @ApiAuth(allowCookieAuth = AnnotationBoolean.TRUE), // This is needed to process your cookie for the token
authenticators = {CustomAuthenticator.class} // Declare your custom authenticator
)
public class ExampleWithAuthEndpoint {
@ApiMethod(httpMethod = "GET", path = "example")
public Example getExample(User user /* Add User to enable API authentication */) {
if (user != null) {
// Do something
}
return null;
}
}
Now when you call your API, just add the cookie firebase_token
to your request.
现在,当您调用API时,只需将cookie firebase_token添加到您的请求中即可。
I hope this will help.
我希望这将有所帮助。
#1
2
As far as I understand the documentation it seems you need to add user token to your request, for example as a header. Then you need to verify this token against Firebase admin sdk, and this way you'd get user id.
据我了解文档,您似乎需要在请求中添加用户令牌,例如作为标题。然后,您需要针对Firebase管理员sdk验证此令牌,这样您就可以获得用户ID。
@ApiMethod(name = "someApiCall", httpMethod = ApiMethod.HttpMethod.POST)
public YourResponse someApiCall(YourRequestObject body, HttpServletRequest httpRequest) {
String userToken = httpRequest.getHeader("USER_TOKEN_HEADER");
Task<FirebaseToken> authTask = FirebaseAuth.getInstance().verifyIdToken(userToken)
.addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
@Override
public void onSuccess(FirebaseToken firebaseToken) {
}
});
try {
Tasks.await(authTask);
} catch (ExecutionException e) {
} catch (InterruptedException e) {
}
FirebaseToken result = authTask.getResult();
String userId = result.getUid();
return new YourResponse();
}
I based my code on:
我的代码基于:
https://firebase.google.com/docs/auth/admin/verify-id-tokens
https://firebase.google.com/docs/auth/admin/verify-id-tokens
How do I secure my Google Cloud Endpoints APIs with Firebase token verification?
如何使用Firebase令牌验证保护Google Cloud Endpoints API?
#2
1
You can use a CustomAuthenticator
:
您可以使用CustomAuthenticator:
public class CustomAuthenticator implements Authenticator {
private static final Logger LOG = Logger.getLogger(CustomAuthenticator.class.getName());
private static final String COOKIE_FIREBASE_TOKEN = "firebase_token";
static {
LOG.info("CustomAuthenticator: initializing");
InputStream serviceAccountResourceStream = CustomAuthenticator.class.getResourceAsStream("/serviceAccountKey.json");
FirebaseOptions options = new FirebaseOptions.Builder()
.setServiceAccount(serviceAccountResourceStream)
.build();
FirebaseApp.initializeApp(options);
LOG.info("CustomAuthenticator: initialized");
}
@Override
public User authenticate(HttpServletRequest httpServletRequest) {
User user = null;
if (httpServletRequest.getCookies() != null) {
for (Cookie cookie : httpServletRequest.getCookies()) {
if (cookie.getName().equals(COOKIE_FIREBASE_TOKEN)) {
FirebaseToken firebaseToken = FirebaseAuth.getInstance().verifyIdToken(cookie.getValue()).getResult();
user = new User(firebaseToken.getUid(), firebaseToken.getEmail());
}
}
}
return user;
}
}
In your API implementation, don't forget to enable your custom authenticator:
在您的API实现中,不要忘记启用自定义身份验证器:
@Api(name = "exampleWithAuth",
version = "v1",
...
auth = @ApiAuth(allowCookieAuth = AnnotationBoolean.TRUE), // This is needed to process your cookie for the token
authenticators = {CustomAuthenticator.class} // Declare your custom authenticator
)
public class ExampleWithAuthEndpoint {
@ApiMethod(httpMethod = "GET", path = "example")
public Example getExample(User user /* Add User to enable API authentication */) {
if (user != null) {
// Do something
}
return null;
}
}
Now when you call your API, just add the cookie firebase_token
to your request.
现在,当您调用API时,只需将cookie firebase_token添加到您的请求中即可。
I hope this will help.
我希望这将有所帮助。