如何在Firebase中刷新Google AccessToken? #AskFirebase [英] How to Refresh Google AccessToken in Firebase? #AskFirebase
问题描述
我正在尝试构建一个将与Google云端硬盘集成并安装到其中的网络应用程序。用户将能够创建和分享我们的应用程序的文件在他们的驱动器。我正在尝试使用Firebase编写代码,以便可以利用那里的许多优秀新功能。然而,我无法使这个认证在这两个平台上保持一致。
这是一个客户端应用(至少现在是这样),所以我可以不使用脱机身份验证和刷新令牌。
在Firebase身份验证之前,我会使用 Google Identity Toolkit with gapi 。这通常工作正常,虽然它使用不流动的友好弹出流量。
gapi.signin2.render(elementId ,{
longtitle:true,
width:230,
height:50,
theme:dark
});
var auth2 = gapi.auth2.init({
client_id:CLIENT_ID,$ b $ scope:SCOPES.join()
});
auth2.isSignedIn.listen(signinChanged);
auth2.currentUser.listen(userChanged);
Gapi有点笨拙,但是很有效。 访问令牌可以通过调用
gapi.auth2.getAuthInstance()。currentUser.get ().getAuthResponse(真));像往常一样,访问令牌只能持续一个小时左右,然后到期。 重要的是,我们可以调用 GoogleUser.reloadAuthResponse()来获取刷新的访问令牌。请注意,这是一个刷新的访问令牌,而不是一个刷新令牌!
因此,理论上,我可以使用该访问令牌来验证Firebase 这里描述了,而且必须与弹出流程一起生活,或者尝试破解。
所有这一切,谷歌表示,Identity Toolkit正在被Firebase身份验证取代,新的应用程序应该使用Firebase。 b $ b Google Identity Toolkit的最新版本已发布为
Firebase身份验证。它包括升级的客户端SDK,开源的
UI库,会话管理以及集成的电子邮件发送服务
,用于忘记密码流。
新项目应该使用Firebase身份验证。要将
现有项目从Identity Toolkit迁移到Firebase身份验证,请参阅
迁移指南。
Firebase拥有一个直接与Google进行身份验证的API。验证后,我可以获取并存储AccessToken。所以看来,我应该实施auth这种新的和改进的Firebase方式。另外,Firebase还提供了一个很好的重定向流程,可以在移动设备上使用。
这将获得访问令牌。
$ b $ pre $ firebase.auth()。getRedirectResult( ).then(function(result){
if(result.credential){
//这会给你一个Google Access令牌,你可以用它来访问Google API
var token = result.credential.accessToken;
// ...
}
//登录的用户信息
var user = result.user;
$ b
访问令牌可用,我可以使用它来读/写开车, ...一个小时。一旦该令牌到期,我不能再做任何事情。用户仍然登录到Firebase,因此我可以继续使用Firebase服务,但是我需要强制用户再次登录才能访问该驱动器。这是不行的!
我正在寻找相当于Firebase中的 GoogleUser.reloadAuthResponse()。
$ b
- 我怎样才能做到这一点?
- 建议访问Firebase服务和G套房?
- 有没有官方的例子?
p>您已经在使用gapi来获取访问令牌,并每小时刷新一次,以便与Google Drive API进行整合。坚持这一点。您需要做的是使用以下API通过Google凭据登录Firebase:
$ b var cred = firebase.auth.GoogleAuthProvider.credential (null,gapiAccessToken);
firebase.auth()。signInWithCredential(cred).then(function(user){
//您现在登录到Firebase,不需要再次重新登录
...
});
现在您将登录到Firebase,而您的访问令牌将通过gapi继续刷新。 Firebase会话无限期,因此您无需再次登录Firebase。
I am attempting to build a web app that will be integrated with and installed into Google Drive. The user will be able to create and share my app's files in their drive. I am trying to write it using Firebase so I can leverage many of the great new features there. However, I'm having trouble getting the auth to work consistently across these two platforms.
This is a client-side only app (at least for now) so I can't use offline auth and refresh tokens.
Before Firebase auth, I would use the Google Identity Toolkit with gapi. This generally works fine, although it uses a popup flow which isn't mobile-friendly.
gapi.signin2.render(elementId, {
longtitle: true,
width: 230,
height: 50,
theme: "dark"
});
var auth2 = gapi.auth2.init({
client_id: CLIENT_ID,
scope: SCOPES.join(" ")
});
auth2.isSignedIn.listen(signinChanged);
auth2.currentUser.listen(userChanged);
Gapi is a bit clumsy, but it works. The access token can be obtained by calling
gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse(true));
As usual, the access token only lasts about an hour and then expires. The important thing is that we can just call GoogleUser.reloadAuthResponse() to get a refreshed access token. Note, that is a refreshed access token, not a refresh token!
So, in theory, I can just use that access token to authenticate with Firebase as described here, and have to just live with the popup flow, or try to hack around that.
All that said, Google says the Identity Toolkit is being replaced with Firebase Authentication and that new apps should use Firebase.
The newest version of Google Identity Toolkit has been released as
Firebase Authentication. It includes upgraded client SDKs, open source
UI libraries, session management and integrated email sending service
for forgotten password flows.
New projects should use Firebase Authentication. To migrate an
existing project from Identity Toolkit to Firebase Authentication, see
the migration guide.
Firebase has a straightforward API for auth with Google. I can get and store the AccessToken upon authentication. So it seems that is the way I should implement the auth, the new and improved Firebase way. Also, Firebase provides a nice redirect flow that works on mobile devices.
However, there is a huge problem...
This will get the Access Token.
firebase.auth().getRedirectResult().then(function(result) {
if (result.credential) {
// This gives you a Google Access Token. You can use it to access the Google API.
var token = result.credential.accessToken;
// ...
}
// The signed-in user info.
var user = result.user;
})
The access token is available and I can use it to read/write to the drive, ...for an hour. Once that token expires, I can no longer do anything. The user is still logged into Firebase, so I can continue to use the Firebase services, but I would need to force the user to sign in again to access the drive. This won't do!
I'm looking for the equivalent of GoogleUser.reloadAuthResponse() in Firebase.
- How can I do this?
- What is the recommended way to build a web app that accesses both Firebase services and G Suite?
- Are there any official examples?
解决方案 You are already using gapi to get the access token and refresh it every hour for your integration with google drive API. Stick to that. What you need to do is use the following API to sign to Firebase with the Google credential:
var cred = firebase.auth.GoogleAuthProvider.credential(null, gapiAccessToken);
firebase.auth().signInWithCredential(cred).then(function(user) {
// You are signed in to Firebase now and do not need to re-sign in again.
...
});
You will now be signed in to Firebase while your access token continues to be refreshed via gapi. Firebase sessions are indefinite so you don't need to sign in again to Firebase.
这篇关于如何在Firebase中刷新Google AccessToken? #AskFirebase的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
