在服务器上使用Firebase Java库而不进行身份验证过程 [英] Using firebase Java library on server without authentication process
问题描述
我正在使用的服务器用于生成Firebase令牌以及从firebase读取和写入值,我使用的REST API具有不同类型的令牌,令牌具有不同的UID前缀.
The server I am operating is being used to generate Firebase tokens and to read and write values from firebase, I use REST APIs with a different type of token which has different UID prefix.
但是,由于服务器中已添加了许多功能,因此我决定使用Firebase Java库,现在迁移以前为REST API编写的代码.
However, since many features have been added to the server, I decided to use Firebase java library and now migrating the previous code that was written for REST APIs.
问题是,如何使用带令牌的Firebase Java库忽略身份验证过程?
身份验证过程异步运行,因此可以将其应用于客户端应用程序,但不能应用于服务器.
Authentication process runs asynchronously so it can be applied to client application but not to server.
如果验证失败,该怎么办?还是要花太多时间呢?
What if it fails authentication? or what if it takes too much time?
之前的代码仅对每个请求使用auth令牌,如下所示:
The previous code just used auth token for every request like this:
https://abcd.firebaseio.com/ns/blahblah/event?auth =令牌
因此它不需要任何身份验证过程.
So it doesn't need any authentication process.
希望您能理解我的英语不好.谢谢!
Hope you understand my poor English. Thanks!
推荐答案
According to the Firebase documentation for authentication server-side processes, there are three ways to authenticate:
- 使用Firebase应用程序密码
- 使用安全的JWT,并将可选的admin声明设置为true
- 使用安全的JWT,该JWT设计为仅允许访问服务器需要触摸的数据片段.
您当前正在从身份验证服务器获取安全的JWT,因此您正在使用选项2或3.
You are currently getting a secure JWT from your authentication server, so you are using option 2 or 3.
替代方法是使用Firebase应用程序的所谓应用程序密码.您可以在应用程序的仪表板中找到该值,并且该值可以替代当前令牌.
The alternative is to use the so-called app secret of you Firebase application. You can find this value in the Dashboard of the application and it can serve as a drop-in replacement for the current token.
但是我强烈建议不要使用这种方法.珍妮(Jenny)在这里写下了反对它的详尽原因清单: https://stackoverflow.com/a/29240941
However I highly recommend against this approach. Jenny wrote up a pretty exhaustive list of reasons against it here: https://stackoverflow.com/a/29240941
这篇关于在服务器上使用Firebase Java库而不进行身份验证过程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
