从浏览器访问Firebase存储的签名url时说“访问被拒绝" [英] Accessing the signed url of firebase storage from browser says " Access denied"

问题描述

我有一个云功能，它将为上传的图像生成签名的URL到Firebase存储中，并且能够生成签名的URL.

I have a cloud function which will generate signed url for the uploaded image into the firebase storage and was able to generate the signed url.

当我尝试通过浏览器从该URL访问图像时，以下是我收到的错误消息.

And when I tried to access the image from that url via browser, below is the error message i was getting.

url : https://storage.googleapis.com/mango-b715d.appspot.com/thumb_ESP_014033_1910_desktop.jpg?GoogleAccessId=firebase-adminsdk-lar4y@mango-b715d.iam.gserviceaccount.com

错误消息:

<Error>
<Code>AccessDenied</Code>
<Message>Access denied.</Message>
<Details>
Anonymous caller does not have storage.objects.get access to mango-b715d.appspot.com/thumb_ESP_014033_1910_desktop.jpg.
</Details>
</Error>

有人可以向我解释，如何解决此错误，我的主要目的是将该图像下载到android应用程序中并存储到外部卡上.

Somebody can explain me, how to solve this error and my main intention was to download that image into android app to external card.

有人可以指导我吗?

想要添加更多信息.

完整的已签名网址

https://storage.googleapis.com/mango-b715d.appspot.com/ESP_014033_1910_desktop.jpg?GoogleAccessId=firebase-adminsdk-lar4y@mango-b715d.iam.gserviceaccount.com&Expires=13575340800&Signature=ayF424C3Fd04XLF82GeREn72wvl0Cox9cB%2BrSPK6wohEP1taXb7yMeW%2Fe6QRirpn%2BSM3HaU2CGRhi6Ae5RmJL8lYKPa%2BGOUhiWG6MxVsInoE0SbvkZeW0fIVdsVyGFIcQkFQeeiaBBm5E239TfAPP8P%2F%2BemcVQ8oiOCKac8uOIb4S4aIQfFBhkuWHNf2U8g4%2B9VxWTrAkRbYN5wuVc78mZmmuKi6q%2BT1IMB5nWnO3z4x893%2FyalzBEtT3uWRibesBspKLEJkoBn1dU7bYi0XuyZ6GByJesJMmGjZvq99hcI%2FgQ7kutGHcLS5HJ%2Bw9UZwwgNqMFlF%2BoS7WQg7Eu68tQ%3D%3D

在网址上方访问时出现错误消息.

Error message when accessed above url.

<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>
The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.
</Message>
<StringToSign>
GET 13575340800 /mango-b715d.appspot.com/ESP_014033_1910_desktop.jpg
</StringToSign>

推荐答案

您当前的存储规则有以下可能:

Chances are your current storage rules have this:

service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write: if request.auth != null;
    }
  }
}

您可以在Firebase控制台的Storage > Rules.

You can look at them at your firebase console under Storage > Rules.

这意味着应该对您的用户进行身份验证才能在存储中进行读取或写入.

This means your users should be authenticated to read or write in the storage.

如果要允许每个人无需身份验证即可访问资源，可以在Authentication > Sign-In Method中启用此功能，然后启用Anonymous.

If you want to allow everyone access to resources without authentication you can enable this in Authentication > Sign-In Method and enable Anonymous.

在执行此操作之前，请考虑以下事项:

Before doing that, considering this:

"我的主要目的是将该图像下载到android应用中 外部卡."

"my main intention was to download that image into android app to external card."

也许您应该只使用Google登录方法并让您的用户在应用中进行身份验证.看 https://firebase.google.com/docs/auth/android/google-signin?hl = es-419

Maybe you should just use the Google sign-in method and make your users authenticate within the app. See https://firebase.google.com/docs/auth/android/google-signin?hl=es-419

这篇关于从浏览器访问Firebase存储的签名url时说“访问被拒绝"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！