问题描述
作为解决方案的一部分,我们在每个客户站点部署了 FCM应用服务器".每个客户站点都需要生成自己的发件人 ID 和服务器 ID,以便与我们的应用一起使用.
As part of our solution, we deploy an FCM "app server" at each of our customer sites. Each customer site need to generate their own sender id and server id for use with our app.
默认的 FCM 实现将发件人 ID 和服务器密钥放在 plist (iOS)/json (Android) 中,该 plist (iOS)/json (Android) 在编译时集成到应用程序代码中.但是,由于我们有多个现有客户并将有新客户,因此我们的移动应用需要能够向客户应用服务器发出服务调用,检索发件人 ID 和服务器密钥,并在运行时将它们加载到 FCM 中.
The default FCM implementation places the Sender ID and Server Key in a plist (iOS) / json (Android) which is integrated into the app code at compile-time. However since we have multiple current customers and will have new customers, our mobile app needs to be able to make a service call to the customer App Server, retrieve the Sender ID and Server Key, and load those into FCM at runtime.
我们已经看到了一些关于 getToken 来完成注册多个sender,但我们只需要注册1个sender,完全绕过plist/json.
We've seen some documentation around getToken to accomplish registering with multiple senders, but we only need to register with 1 sender and completely bypass the plist/json.
问题:我们如何以编程方式加载发件人 ID 和服务器密钥,而不是使用 GoogleService-Info.plist (iOS)/google-services.json (Android).
Question: How can we programmatically load Sender ID and Server Key instead of using GoogleService-Info.plist (iOS) / google-services.json (Android).
有关更多上下文,这是我们最近相关的同一工作流的安全问题.
For more context, here is our recent related question about security for the same workflow.
推荐答案
您的客户端应用程序中没有包含服务器密钥的任何地方.顾名思义,Server Key 保存在 App Server 端.从 Firebase 控制台获取的 json/plist 文件中包含的唯一发件人 ID 是项目的发件人 ID.FCM 不使用 google-services.json 文件中的任何类型的 API 密钥(请参阅我的回答 此处).
There is nowhere in your client app that the Server Key is included. Like the name implies, the Server Key is kept on the App Server side. The only Sender ID that is included in the json/plist file you get from the Firebase Console is the Sender ID for your project. FCM doesn't use any kind of API key that is in the google-services.json file (see my answer here).
我们如何以编程方式加载发件人 ID 和服务器密钥,而不是使用 GoogleService-Info.plist (iOS)/google-services.json (Android).
注册新服务器时,您只需要发件人 ID.然后只需调用 getToken(authorizedEntity, scope)
.这可以通过实现一个函数来实现,该函数从您的应用服务器端获取有效发件人的列表,然后在客户端有一个副本,如果包含新的发件人,请让您的应用授权它作为一个有效的发件人.
When registering a new server, you would only need the Sender ID. Then simply call getToken(authorizedEntity, scope)
. This could be possible, by implementing a function that gets a list of valid senders from your App Server side and then have a copy on the client side, if there is a new Sender included, have your app authorize it as a valid sender.
这篇关于多个 FCM 发件人:在移动应用程序上以编程方式加载发件人 ID 和服务器密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!