doushen4719 2018-01-09 08:05

How do I verify a JWT?

I'm unsure of the examples in Google's documentation. How do I verify a JWT produced by Firebase, in a Google App engine flexible service?

main.go:

// ...

func main() {
    InitializeAppWithServiceAccount()
    go lib.GetStockData()
    http.HandleFunc("/_ah/someendPoint", someHandler)
}

func InitializeAppWithServiceAccount() *firebase.App {
    // [START initialize_app_service_account]
    opt := option.WithCredentialsFile("keystore/someapp-firebase-adminsdk-1ts1k-1fbbbad63f.json")
    app, err := firebase.NewApp(context.Background(), nil, opt)
    if err != nil {
        log.Fatalf("error initializing app: %v\n", err)
    }
    return app
}


func someHandler(w http.ResponseWriter, r *http.Request) {
    // Set content type:
    w.Header().Set("Content-Type", "application/json")

    if r.Header != nil {
        ReqToken := r.Header.Get("Authorization")
        splitToken := strings.Split(ReqToken, "Bearer")
        if len(splitToken) != 2 {
            // No "Bearer" prefix: reject instead of indexing out of range.
            http.Error(w, "Unauthorized", http.StatusUnauthorized)
            return
        }
        ReqToken = strings.TrimSpace(splitToken[1])
        fmt.Println(ReqToken) // Correctly prints the JWT
        // Verify JWT
        // If it's invalid, return?
        // verifyIDToken(??, reqToken)

        enc := json.NewEncoder(w)
        err := enc.Encode(somedata)
        fmt.Println("request made")
        if err != nil {
            http.Error(w, err.Error(), http.StatusInternalServerError)
        }
        // Return here so a served request does not also get the 401 below.
        return
    }
    http.Error(w, "Unauthorized", http.StatusUnauthorized)
}

According to their documentation, you can use the following function to verify an ID token? But what do I pass in as app? The documentation doesn't really say.

func verifyIDToken(app *firebase.App, idToken string) *auth.Token {
    // [START verify_id_token]
    client, err := app.Auth(context.Background())
    if err != nil {
        log.Fatalf("error getting Auth client: %v\n", err)
    }

    token, err := client.VerifyIDToken(idToken)
    if err != nil {
        log.Fatalf("error verifying ID token: %v\n", err)
    }

    log.Printf("Verified ID token: %v\n", token)
    // [END verify_id_token]

    return token
}

Obviously, idToken is my token from the handler. But what is app *firebase.App and how would I pass it in to the function from the handler itself?

1 answer

  • dou2347 2018-02-16 22:45

    You're already initializing a firebase.App in your InitializeAppWithServiceAccount() function. You just need to pass the return value into your handler.

    conf := firebase.Config{
        ProjectID: "my-project-id",
    }
    app, err := firebase.NewApp(context.Background(), &conf)
    if err != nil {
        log.Fatalln(err)
    }
    handler := func(w http.ResponseWriter, r *http.Request) {
        client, err := app.Auth(context.Background())
        if err != nil {
            http.Error(w, err.Error(), http.StatusInternalServerError)
            return
        }

        token := getTokenFromReq(r)
        if _, err := client.VerifyIDToken(token); err != nil {
            // Verification failed: answer 401 and stop, so the success
            // response below is never written for an invalid token.
            http.Error(w, err.Error(), http.StatusUnauthorized)
            return
        }
        w.Write([]byte("token verified"))
    }


    In this example I'm not using a service account (which is probably what you want as well). And since this is on GAE, make sure to pass the GAE context instead of the background context.

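The pattern the answer describes (the handler closes over the value created at startup, and nothing runs unless verification succeeds) can be sketched as middleware using only the standard library. This is an added example, not code from the post or from the Firebase SDK: `verifyFunc`, `requireIDToken`, `statusFor` and the sample token are hypothetical names and constructed values, and `verifyFunc` stands in for the `client.VerifyIDToken` call shown above.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// verifyFunc is a hypothetical stand-in for the SDK call (client.VerifyIDToken on the page).
type verifyFunc func(ctx context.Context, idToken string) error
// requireIDToken closes over the verifier, as the answer closes over app, and fails closed:
// only a header of the exact form "Bearer <token>" that verifies reaches next.
func requireIDToken(verify verifyFunc, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		parts := strings.Fields(r.Header.Get("Authorization"))
		if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") {
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
			return
		}
		if err := verify(r.Context(), parts[1]); err != nil {
			http.Error(w, "Unauthorized", http.StatusUnauthorized) // no verifier detail to the client
			return
		}
		next.ServeHTTP(w, r) // reached only with a verified token
	})
}

// statusFor sends one request through the middleware with a constructed stub verifier.
func statusFor(authz string) int {
	stub := func(_ context.Context, t string) error {
		if t != "constructed.sample.token" {
			return errors.New("invalid token")
		}
		return nil
	}
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "ok") })
	req := httptest.NewRequest(http.MethodGet, "/_ah/someendPoint", nil)
	req.Header.Set("Authorization", authz)
	rec := httptest.NewRecorder()
	requireIDToken(stub, ok).ServeHTTP(rec, req)
	return rec.Code
}
func main() {
	for _, h := range []string{"Bearer constructed.sample.token", "Bearer forged", "Bearer", ""} {
		fmt.Printf("%q -> %d\n", h, statusFor(h))
	}
}
```

In a real service the stub would be replaced by a closure that calls the Auth client obtained from the `*firebase.App` returned at startup.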
