Google身份工具包-密码重置流程已中断 [英] Google Identity Toolkit - Password Reset flow is broken

问题描述

我已经在自己的网站上使用Google Identity Toolkit(用于网络)超过2年了.最近，我发现密码重置流程已损坏.当我尝试忘记密码"时，选中recapcha复选框，然后单击继续"，我收到一条错误消息请求失败.请重试."

I have been using Google Identity Toolkit (for web) on my site for more than 2 years. Recently I found that the password reset flow is broken. When I try to "Forgot Password", check the recaptcha checkbox and click Continue, I get an error "Request failed. Please try again."

在控制台中，我看到以下内容:

In the console I see this:

[ 28.949s] [identitytoolkit] Error: Invalid JSON string: Password reset email sent successfully.
     Gj @   gitkit.js:254
Ej.addLogRecord @   gitkit.js:254
Zi.log  @   gitkit.js:237
R   @   gitkit.js:254
(anonymous) @   gitkit.js:255
Yc  @   gitkit.js:44
g.dispatchEvent @   gitkit.js:42
tj  @   gitkit.js:247
lj.onReadyStateChangeEntryPoint_    @   gitkit.js:245
lj.onReadyStateChange_  @   gitkit.js:245
XMLHttpRequest.send (async)     
lj.send @   gitkit.js:242
Mj  @   gitkit.js:255
Lj.requestRpEndpoint    @   gitkit.js:256
g.requestRpEndpoint @   gitkit.js:259
(anonymous) @   gitkit.js:4
N   @   gitkit.js:190
Fh  @   gitkit.js:190
Sm  @   gitkit.js:334
(anonymous) @   gitkit.js:335
(anonymous) @   gitkit.js:80
(anonymous) @   gitkit.js:77
Yc  @   gitkit.js:44
g.dispatchEvent @   gitkit.js:42
fd  @   gitkit.js:47
ed.handleClick_ @   gitkit.js:47
Uc  @   gitkit.js:39
Rc  @   gitkit.js:41
Pc.b    @   gitkit.js:37

即使错误显示电子邮件发送成功"，也未发送.我不知道它已经被破解了多久了.我昨天才发现的.

Even though the error says "email sent successfully", it's not sent. I do not know how long it has been broken for. I only found it yesterday.

我正在使用此脚本:

https://www.gstatic.com/authtoolkit/js/gitkit.js在我的网站上.

我希望Gooogle Identity Toolkit团队的成员可以对此提供帮助.

I hope someone from the Gooogle Identity Toolkit team can help on this.

更新1:

服务器端代码:

OobResponse oobResponse = gitkitClient.getOobResponse(request);
OobAction oobAction = oobResponse.getOobAction();

// For DEBUG
logger.info("oobAction : " + oobAction);
String action = request.getParameter("action");
logger.info("action : " + action); // returns null
logger.info("response: " + request.getParameter("response")); // returns a long string
logger.info("responseBody : " + oobResponse.getResponseBody()); // returns {"error": "CAPTCHA_CHECK_FAILED" }
logger.info("email : " + oobResponse.getEmail()); // returns null

// If reset password
if (OobAction.RESET_PASSWORD.equals(oobAction)) {
    Optional<String> forgotPasswordLinkOpt = oobResponse.getOobUrl();               
    String passwordResetLink = forgotPasswordLinkOpt.get();

    sendMailService.sendPasswordResetEmail(oobResponse.getEmail(), passwordResetLink);

    return(oobResponse.getResponseBody());              
}   

oobAction即将成为null，因此未发送链接.但是action的值为resetPassword. "responseBody"正在返回 {"error": "CAPTCHA_CHECK_FAILED" }.我需要在最后对Recaptcha字符串进行一些配置吗?

The oobAction is coming out to be null and therefore the link is not being sent. But action has a value of resetPassword. 'responseBody' is returning {"error": "CAPTCHA_CHECK_FAILED" }. Do I need to do some configuration for the recaptcha string at my end?

我正在使用Maven存储库中的gitkitclient v1.2.7:

I'm using v1.2.7 of gitkitclient from the Maven repo:

https://mvnrepository.com/artifact/com.google.identitytoolkit/gitkitclient

推荐答案

该问题已由Google团队在后端解决，而我对此没有任何改变.有关详细信息，请参见原始问题的评论.

The issue was fixed by the Google team on the backend without any change from my end. See comments on the original issue for details.

这篇关于Google身份工具包-密码重置流程已中断的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！