如何使用Firebase的refreshToken进行重新验证? [英] How to use the Firebase refreshToken to reauthenticate?
问题描述
我使用JS库调用 firebase.auth()。signInWithEmailAndPassword(email,password)
并取回 User
对象。 User
对象包含 refreshToken
。
我使用 curl'https:// docs -examples.firebaseio.com/rest/saving-data/auth-example.json?auth=TOKEN'
来调用Firebase。
令牌最终会过期。为了使它看起来像应用程序( iOS
和 macOS
)具有持久登录,我想要刷新令牌如何使用 REST
或 JS
库来做到这一点?我无法在文档中找到允许使用 refreshToken
来获取新的标记
的任何调用。
目前我发现这样做的唯一方法是: 您必须发出一个HTTP请求: 哪里您可以在 Google开发者控制台中找到 确保请求正文的格式如下:
https://developers.google.com/identity/toolkit/reference/securetoken/rest/v1/token
POST
https://securetoken.googleapis.com/v1/token?key=YOUR_KEY
YOUR_KEY
> API管理器>证书。它位于 API键
部分。
$ b $ grant_type = refresh_token& refresh_token = REFRESH_TOKEN
其中 REFRESH_TOKEN
是Firebase用户对象登录时的刷新令牌。
$ b
POST
call会返回一个新的 access_token
。
更新,现在也在Firebase REST文档中记录了交换ID令牌
部分的刷新令牌:
https://firebase.google.com/docs/reference/rest/auth/
I use the JS library call firebase.auth().signInWithEmailAndPassword(email, password)
and get back a User
object. The User
object contains a refreshToken
.
I use curl 'https://docs-examples.firebaseio.com/rest/saving-data/auth-example.json?auth=TOKEN'
to make calls to Firebase.
The token will eventually expire. In order to make it look like the application (iOS
and macOS
) has persistent login, I want to refresh the token, how do I do that with using either the REST
or JS
library? I can't find any calls in the documentation that allow me to use the refreshToken
to get a new token
.
Currently the only way I found to do this is here: https://developers.google.com/identity/toolkit/reference/securetoken/rest/v1/token
You must make an HTTP request:
POST
https://securetoken.googleapis.com/v1/token?key=YOUR_KEY
Where YOUR_KEY
can be found in the Google developers console > API Manager > Credentials. It's under the API Keys
section.
Make sure request body is structured in the following format:
grant_type=refresh_token&refresh_token=REFRESH_TOKEN
Where REFRESH_TOKEN
is the refresh token from Firebase user object when they signed in.
The POST
call will return a new access_token
.
Update, this is also now documented in Firebase REST docs under Exchange a refresh token for an ID token
section:
https://firebase.google.com/docs/reference/rest/auth/
这篇关于如何使用Firebase的refreshToken进行重新验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!