如何使用 Firebase refreshToken 重新进行身份验证? [英] How to use the Firebase refreshToken to reauthenticate?
问题描述
我使用 JS 库调用 firebase.auth().signInWithEmailAndPassword(email, password)
并返回一个 User
对象.User
对象包含一个 refreshToken
.
I use the JS library call firebase.auth().signInWithEmailAndPassword(email, password)
and get back a User
object. The User
object contains a refreshToken
.
我使用 curl 'https://docs-examples.firebaseio.com/rest/saving-data/auth-example.json?auth=TOKEN'
调用 Firebase.
I use curl 'https://docs-examples.firebaseio.com/rest/saving-data/auth-example.json?auth=TOKEN'
to make calls to Firebase.
令牌最终会过期.为了使它看起来像应用程序(iOS
和 macOS
)具有持久登录,我想刷新令牌,我如何使用 >REST
还是 JS
库?我在文档中找不到任何允许我使用 refreshToken
获取新的 token
的调用.
The token will eventually expire. In order to make it look like the application (iOS
and macOS
) has persistent login, I want to refresh the token, how do I do that with using either the REST
or JS
library? I can't find any calls in the documentation that allow me to use the refreshToken
to get a new token
.
推荐答案
** UPDATE ** 现在也记录在 Firebase REST 文档中的 Exchange a refresh token for an ID token
部分:
** UPDATE ** this is also now documented in Firebase REST docs under Exchange a refresh token for an ID token
section:
https://firebase.google.com/docs/reference/rest/auth/#section-refresh-token
目前我发现的唯一方法是在这里:https://developers.google.com/identity/toolkit/reference/securetoken/rest/v1/token
Currently the only way I found to do this is here: https://developers.google.com/identity/toolkit/reference/securetoken/rest/v1/token
您必须发出 HTTP 请求:
You must make an HTTP request:
POST
https://securetoken.googleapis.com/v1/token?key=YOUR_KEY
可以在 Google 开发者控制台中找到 YOUR_KEY
的位置 >API 管理器凭据.它位于 API Keys
部分下.
Where YOUR_KEY
can be found in the Google developers console > API Manager > Credentials. It's under the API Keys
section.
确保请求正文的结构如下:
Make sure request body is structured in the following format:
grant_type=refresh_token&refresh_token=REFRESH_TOKEN
其中 REFRESH_TOKEN
是 Firebase 用户对象登录时的刷新令牌.
Where REFRESH_TOKEN
is the refresh token from Firebase user object when they signed in.
您必须设置标题 Content-Type: application/x-www-form-urlencoded
否则您将收到错误(例如MISSING_GRANT_TYPE").
You must set the header Content-Type: application/x-www-form-urlencoded
or you will get errors (e.g. "MISSING_GRANT_TYPE").
POST
调用将返回一个新的 idToken
(以前称为 access_token
)
The POST
call will return a new idToken
(used to be called access_token
)
这篇关于如何使用 Firebase refreshToken 重新进行身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!