带有ID令牌的REST API Firestore身份验证 [英] REST API Firestore authentication with ID Token

问题描述

我有一个Firestore数据库和一个用户.在用户通过REST请求登录后，我能够为该用户检索ID令牌.

I have a Firestore DB and one user. I am able to retrieve an ID Token for the user after they sign-in via a request with REST.

我将ID令牌用于从数据库读取/写入的请求.

I am to use the ID Token with requests to read/write from the DB.

以这种方式通过Python请求打开安全规则(任何人都可以读/写)时，我能够读写Firestore:

I am able to read and write to the Firestore when the security rules are open (anyone can read/write) in this manner, with Python requests:

headers = {
    'Content-Type': 'application/json',
}

url = 'https://firestore.googleapis.com/v1beta1/projects/[PROJECT_NAME]/databases/(default)/documents/[COLLECTION]/[DOCUMENT]'

r = requests.get(url, headers=headers)

文字相似，因此省略.

尝试按照这些实时数据库文档的说明附加ID令牌给出错误消息""Invalid JSON payload received. Unknown name \"auth\""...

Attempting to append the ID Token as indicated by these docs for Realtime Database gives the error message ""Invalid JSON payload received. Unknown name \"auth\""...

我的问题是如何通过REST为Firestore授权用户ID令牌?

My question is how to authorise a user ID Token for Firestore via REST?

推荐答案

根据

获取Firebase ID令牌或Google身份OAuth之后 2.0令牌，将其作为设置为Bearer {YOUR_TOKEN}的Authorization标头传递到Cloud Firestore端点.

After you obtain either a Firebase ID token or a Google Identity OAuth 2.0 token, pass it to the Cloud Firestore endpoints as an Authorization header set to Bearer {YOUR_TOKEN}.

因此您的请求应包含标题

So your request should include the header

'Authorization': `Bearer ${YOUR_TOKEN}`

这篇关于带有ID令牌的REST API Firestore身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！