谷歌云端点和用户的身份验证 [英] Google Cloud Endpoints and user's authentication

问题描述

我目前新进入AppEngine上的世界，并希望创建一个使用云终点，我正在开发一个移动应用程序后端。

I'm currently new into the AppEngine world, and wanting to create a backend using Cloud Endpoints for a mobile application that I'm developing.

我的一个问题，现在的问题是对用户的认证。我一直跟随Udacity的在App Engine MOOC，他们教会了我们如何进行身份验证使用一个谷歌帐户的API请求的用户。在后台方面，我们只需要一个用户参数添加到我们的方法，并检查用户是否登录。据我所知，生成该用户参数通过App Engine的基础上，批准我们的请求头。 （可能需要一些确认有的）

One of my problem right now is about the user's authentication. I've been following the Udacity's MOOC on App Engine, and they taught us how to authenticate the user for API request using a Google Accounts. On the backend side, we simply have to add a User parameter to our method, and check if the user is signed in. As far as I know, this user parameter is generated by App Engine, based on the Authorization header of our request. (might need some confirmation there)

现在，有一堆东西，我不知道，了解并没有那么好这个MOOC解释。

Now, there's a bunch of stuff I'm not sure to understand and that weren't that well explained on this MOOC.

现在，我想知道这是与其他的OAuth机制兼容，谷歌的旁边？所以，如果我想要实现Facebook的身份验证，将我只是通过Facebook的访问令牌？

Now, I'd like to know if this is compatible with other OAuth schemes, beside Google? So, if I want to implement Facebook authentication, will I simply pass the facebook access token?

这是我的搜索，使用Facebook SDK在Android将导致我能够生成一个用户访问令牌，其中确定我的用户的 Facebook的。发送到我的后台后，我会要检查它与Facebook的有效性，如果它是有效的，创建一个新的用户我的应用程序。现在，我也愿意要生成一个新的令牌识别用户的我的应用程序。什么我需要做这样做呢？

From what I searched, using the Facebook SDK on Android would lead me to be able to generate a User Access Token, which identifies my user to facebook. After sending it to my backend, I would want to check it's validity with Facebook, and if it's valid, create a new user to my application. Now, I'd also want to generate a new token that identify the user to my app. What would I need to do to do so?

推荐答案

您可以提供自己的身份验证到端点和注入的用户将与您的身份验证来获得 <一href="https://developers.google.com/appengine/docs/java/endpoints/javadoc/com/google/api/server/spi/config/Authenticator.html">https://developers.google.com/appengine/docs/java/endpoints/javadoc/com/google/api/server/spi/config/Authenticator.html.

You can supply your own authenticator to Endpoints and the injected User will be obtained with your authenticator https://developers.google.com/appengine/docs/java/endpoints/javadoc/com/google/api/server/spi/config/Authenticator.html.

的实凭证可以通过一个报头，例如，被发送Authorization头，它可以从后端通过HttpServletRequest的，它可以处理Authenticator.authenticate方法中，可以访问

The Facebook credentials can be sent via a header, e.g. Authorization header and it can be accessed from backend via HttpServletRequest, which you can handle inside Authenticator.authenticate method.

例如。

// Custom Authenticator class
public class MyAuthenticator implements Authenticator {
  @Override
  public User authenticate(HttpServletRequest request) {
    String token = request.getHeader("Authorization");
    if (token != null) {
      String user = authenticateFacebook(token);  // apply your Facebook auth.
      if (user != null) {
        return new User(user);
      }
    }
    return null;
  }
}

// Endpoints class.
@Api(name = "example", authenticators = {MyAuthenticator.class})
public class MyEndpoints {
  public Container getThing(User user) {
    Container c = new Container();
    if (user != null) {
      c.email = user.getEmail();
    }
    return c;
  }

  public class Container {
    public String email;
    public String extraData;
  }
}

这篇关于谷歌云端点和用户的身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！