如何使用Firebase的refreshToken进行重新验证? [英] How to use the Firebase refreshToken to reauthenticate?
问题描述
我使用JS库调用 firebase.auth()。signInWithEmailAndPassword(email,password)并取回 User 对象。 User 对象包含 refreshToken 。
我使用 curl'https:// docs -examples.firebaseio.com/rest/saving-data/auth-example.json?auth=TOKEN'来调用Firebase。
令牌最终会过期。为了使它看起来像应用程序( iOS 和 macOS )具有持久登录,我想要刷新令牌如何使用 REST 或 JS 库来做到这一点?我无法在文档中找到允许使用 refreshToken 来获取新的标记的任何调用。
目前我发现这样做的唯一方法是: 您必须发出一个HTTP请求: 哪里您可以在 Google开发者控制台中找到 确保请求正文的格式如下:
https://developers.google.com/identity/toolkit/reference/securetoken/rest/v1/token
POST https://securetoken.googleapis.com/v1/token?key=YOUR_KEY
YOUR_KEY > API管理器>证书。它位于 API键部分。
$ b $ grant_type = refresh_token& refresh_token = REFRESH_TOKEN
其中 REFRESH_TOKEN 是Firebase用户对象登录时的刷新令牌。
$ b
POST call会返回一个新的 access_token 。
更新,现在也在Firebase REST文档中记录了交换ID令牌部分的刷新令牌:
https://firebase.google.com/docs/reference/rest/auth/
I use the JS library call firebase.auth().signInWithEmailAndPassword(email, password) and get back a User object. The User object contains a refreshToken.
I use curl 'https://docs-examples.firebaseio.com/rest/saving-data/auth-example.json?auth=TOKEN' to make calls to Firebase.
The token will eventually expire. In order to make it look like the application (iOS and macOS) has persistent login, I want to refresh the token, how do I do that with using either the REST or JS library? I can't find any calls in the documentation that allow me to use the refreshToken to get a new token.
Currently the only way I found to do this is here: https://developers.google.com/identity/toolkit/reference/securetoken/rest/v1/token
You must make an HTTP request:
POST https://securetoken.googleapis.com/v1/token?key=YOUR_KEY
Where YOUR_KEY can be found in the Google developers console > API Manager > Credentials. It's under the API Keys section.
Make sure request body is structured in the following format:
grant_type=refresh_token&refresh_token=REFRESH_TOKEN
Where REFRESH_TOKEN is the refresh token from Firebase user object when they signed in.
The POST call will return a new access_token.
Update, this is also now documented in Firebase REST docs under Exchange a refresh token for an ID token section:
https://firebase.google.com/docs/reference/rest/auth/
这篇关于如何使用Firebase的refreshToken进行重新验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
