My Firebase Realtime Database is Structured root{users{$uid{...}}} so that I can use the following Firebase Security Rules.
{
"rules": {
"users":{
"$uid":{
// Allow only authenticated content owners access to their data
".read": "auth.uid == $uid",
".write": "auth.uid == $uid"
}
}
}
}
I am posting data using the REST API and I obtained the uid using Sign in with OAuth Credential https://firebase.google.com/docs/reference/rest/auth#section-sign-in-with-oauth-credential
The Problem
- In a Google Script, using my developer account, which is also the owner of the Firebase Realtime Database, the following code works.
let database = FirebaseApp.getDatabaseByUrl('https://[app-id].firebaseio.com/users/[hardcoded-uid]',ScriptApp.getOAuthToken());
console.log(database.getData(""));
where FirebaseApp is a connected library whose source code can be found here https://sites.google.com/site/scriptsexamples/new-connectors-to-google-services/firebase/source. And actually, using the developer account, it doesn't even matter if the part of the database I try to access follows the security rules.
However, when I test it using my personal account, with that account's uid hardcoded in, I get the following error.
Error: Unauthorized request.
FirebaseApp_._sendAllRequests @ Code.gs:647
FirebaseApp_._buildAllRequests @ Code.gs:520
baseClass_.getData @ Code.gs:224
Question: How can I access Firebase data for accounts that are not the database owner, ideally using ScriptApp.getOAuthToken()
?
- Even if I could solve question 1, I do not know how to get the database uid in the Google Scripts environment. I would like the use
SpriptApp.getOAuthToken()
for the access token. When I try obtaining the uid using the same REST API call as above (Sign in with OAuth Credential), I get the error
"INVALID_IDP_RESPONSE : Invalid Idp Response: access_token audience is not for this project"
let body = {requestUri:"https://app-settings.fitbitdevelopercontent.com/simple-redirect.html", postBody:"access_token="+ScriptApp.getOAuthToken()+'&providerId=google.com', returnSecureToken:true, returnIdpCredential:true};
let response = UrlFetchApp.fetch("https://identitytoolkit.googleapis.com/v1/accounts:signInWithIdp?key=[key]", {
'method': 'POST',
// headers: {
'contentType': 'application/json',
// }
payload: JSON.stringify(body),
})
Question: How can I get a Firebase database uid in Google Scripts, using ScriptApp.getOAuthToken()
?
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…