问题描述

我当前在移动应用中使用Firebase身份验证.后端是一个Spring Boot应用程序.后端的REST API依靠从Firebase身份验证生成的令牌来检索用户的Firebase UID(verifyIDToken方法)以执行更多功能.当前，我注意到在Firebase Java API(基于服务器)中，无法为用户生成令牌，因此，我没有简单的方法可以在依赖用户身份验证的服务器上进行JUnit测试.有人知道如何执行此操作吗?

I am currently using Firebase Authentication in my mobile app. The back end is a Spring boot application. The REST APIs on the back end relies on a token generated from Firebase Authentication to retrieve the Firebase UID (verifyIDToken method) of a user to perform further functions.Currently, I notice that in Firebase Java API (server-based), there is no way of generating a token for a user, thus there is no easy way for me to do JUnit testing on the server that relies on user authentication. Anyone has clues on how to do so?

这是无效的示例代码:

@RequestMapping(value = "/api/subscribeChannel/{channelid}", method = RequestMethod.GET, produces = "application/json")
public DeferredResult<Object> subscribeChannel(@PathVariable Long channelid,@RequestHeader(value=FIREBASETOKEN, required = true) String idToken) {


    DeferredResult<Object> result = new DeferredResult<Object>(DEFERREDTIMEOUT);

    // test it out with a locally generated token
    idToken = FirebaseAuth.getInstance().createCustomToken("valid Uid");

    Task<FirebaseToken> task = FirebaseAuth.getInstance().verifyIdToken(idToken)
            .addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
                @Override
                public void onSuccess(FirebaseToken decodedToken) {
                    String uid = decodedToken.getUid();
                    logger.info("Subscribe channel on success");

                        // do something

                        ret.setStatus("success");
                        ret.setMessage("channel id " + channelid + " subscribed");

                        result.setResult(ret);
                    } else {
                        result.setErrorResult(retStatus.getMessage());
                    }

                }
        }) .addOnFailureListener(new OnFailureListener() {

            @Override
            public void onFailure(Exception arg0) {
                Exception te = new TokenNotFoundException(idToken);
                logger.error("Token Not Found for " + idToken);
                result.setErrorResult(te);

            }

        });

    return result;

}

推荐答案

您获得的自定义令牌与您用于登录的ID令牌不同.要从自定义令牌中获取ID令牌，请执行以下操作:

The custom token you get is different from the ID token that you use to log on. To get an id token from a custom token, do this:

private static final String ID_TOOLKIT_URL =
	      "https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken";
	  private static final JsonFactory jsonFactory = Utils.getDefaultJsonFactory();
	  private static final HttpTransport transport = Utils.getDefaultTransport();
    private static final String FIREBASE_API_KEY = "<your api key here>";

private String signInWithCustomToken(String customToken) throws IOException {
	    GenericUrl url = new GenericUrl(ID_TOOLKIT_URL + "?key="
	        + FIREBASE_API_KEY);
	    Map<String, Object> content = ImmutableMap.<String, Object>of(
	        "token", customToken, "returnSecureToken", true);
	    HttpRequest request = transport.createRequestFactory().buildPostRequest(url,
	        new JsonHttpContent(jsonFactory, content));
	    request.setParser(new JsonObjectParser(jsonFactory));
	    com.google.api.client.http.HttpResponse response = request.execute();
	    try {
	      GenericJson json = response.parseAs(GenericJson.class);
	      return json.get("idToken").toString();
	    } finally {
	      response.disconnect();
	    }
	  }

这篇关于如何在具有身份验证的Firebase Java上运行JUnit测试?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！