火力休息與權威性查詢參數不是從瀏覽器工作

Question

// INIT FIREBASE 
    FirebaseOptions options = new FirebaseOptions.Builder() 
      .setServiceAccount(new FileInputStream("C:\\path\\testcustom-dff2147d3b14.json")) 
      .setDatabaseUrl("https://testcustom-a1a4d.firebaseio.com/") 
      .build(); 
     FirebaseApp.initializeApp(options); 
     isFireBaseInit = true; 

     // GENERATE TOKEN 
     String uid = "USER ID SOME RANDOM"; 
     HashMap<String, Object> additionalClaims = new HashMap<String, Object>(); 
     String token = FirebaseAuth.getInstance().createCustomToken(uid, additionalClaims); 

若我嘗試使用REST API我獲得以下錯誤來獲取數據

https://testcustom-a1a4d.firebaseio.com/1719126/1719130/1719121.json?auth=TOKEN GENERATOR IN JAVA CODE

：

{ 
    "error" : "Missing claim 'kid' in auth header." 
} 

什麼我做錯了嗎？

自定義令牌不能與rest api一起使用。 我需要使用firebase link，如果是的話如何添加額外的索賠呢？

PS：我使用

com.google.firebase 火力服務器-SDK 3.0.1

編輯 火力SDK版本：有一個在火力文件a不一致性

---

FIREBASE GUIDE DOCUMENTATION SAYS

The argument can either be your Firebase app's secret or an authentication token, as described in the "Users in Firebase Projects"

描述類型的認證是https://firebase.google.com/docs/auth/users#auth_tokens
注：自定義標記存在有

---

火力REFERENCE文檔說

The argument can either be your Firebase app's secret or an authentication token. See the REST authentication documentation for details.

---

所以指南和參考說法不同。

需要幫助，請

Answer 1

從火力支援團隊

Yes, creating custom tokens using FirebaseAuth.getInstance().createCustomToken(uid, additionalClaims) does not work with REST API. These tokens are designed to be used by client SDKs with signInWithCustomToken(token). Please note that "client to DB" REST requests are not supported right now due to changes in security model in the new Firebase (legacy Firebase supports it).

As you have pointed out, you need to follow this link in order to make an authenticated REST request. You should to use the access_token parameter, passing the token derived from the service account private key. This assumes you're scenario is "Server to DB" as you're using a service account.

To add custom claims using REST, you should use the auth_variable_override parameter. See here. Your request should now look like this with the added claim: {"uid":"6LiF16Dm0hNB9XO61UR1KM5Jeun2"}

$ curl " https://test-de98f.firebaseio.com/test.json?access_token= &auth_variable_override=%7B%22uid%22%3A%226LiF16Dm0hNB9XO61UR1KM5Jeun2%22%7D" {" 1213314":{"alanisawesome":"Alan Turing"}}

I do understand that the documentation you have pointed out needs to be improved and have raised this to our documentation team so that it could be prioritized appropriately. Though, I can't share any timelines as of the moment.

Hope this helps. Feel free to respond for any more issues or concerns.