How to run JUnit testing on Firebase Java with authentication?

问题

I am currently using Firebase Authentication in my mobile app. The back end is a Spring boot application. The REST APIs on the back end relies on a token generated from Firebase Authentication to retrieve the Firebase UID (verifyIDToken method) of a user to perform further functions. Currently, I notice that in Firebase Java API (server-based), there is no way of generating a token for a user, thus there is no easy way for me to do JUnit testing on the server that relies on user authentication. Anyone has clues on how to do so?

This is the sample code that does not work:

@RequestMapping(value = "/api/subscribeChannel/{channelid}", method = RequestMethod.GET, produces = "application/json")
public DeferredResult<Object> subscribeChannel(@PathVariable Long channelid,@RequestHeader(value=FIREBASETOKEN, required = true) String idToken) {


    DeferredResult<Object> result = new DeferredResult<Object>(DEFERREDTIMEOUT);       

    // test it out with a locally generated token
    idToken = FirebaseAuth.getInstance().createCustomToken("valid Uid"); 

    Task<FirebaseToken> task = FirebaseAuth.getInstance().verifyIdToken(idToken)
            .addOnSuccessListener(new OnSuccessListener<FirebaseToken>() {
                @Override
                public void onSuccess(FirebaseToken decodedToken) {
                    String uid = decodedToken.getUid();                     
                    logger.info("Subscribe channel on success");

                        // do something

                        ret.setStatus("success");
                        ret.setMessage("channel id " + channelid + " subscribed");

                        result.setResult(ret);                          
                    } else {
                        result.setErrorResult(retStatus.getMessage());
                    }

                }
        }) .addOnFailureListener(new OnFailureListener() {

            @Override
            public void onFailure(Exception arg0) {
                Exception te = new TokenNotFoundException(idToken);
                logger.error("Token Not Found for " + idToken);
                result.setErrorResult(te);

            }

        });     

    return result;      

}  

回答1:

The custom token you get is different from the ID token that you use to log on. To get an id token from a custom token, do this:

private static final String ID_TOOLKIT_URL =
	      "https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken";
	  private static final JsonFactory jsonFactory = Utils.getDefaultJsonFactory();
	  private static final HttpTransport transport = Utils.getDefaultTransport();
    private static final String FIREBASE_API_KEY = "<your api key here>";

private String signInWithCustomToken(String customToken) throws IOException {
	    GenericUrl url = new GenericUrl(ID_TOOLKIT_URL + "?key="
	        + FIREBASE_API_KEY);
	    Map<String, Object> content = ImmutableMap.<String, Object>of(
	        "token", customToken, "returnSecureToken", true);
	    HttpRequest request = transport.createRequestFactory().buildPostRequest(url,
	        new JsonHttpContent(jsonFactory, content));
	    request.setParser(new JsonObjectParser(jsonFactory));
	    com.google.api.client.http.HttpResponse response = request.execute();
	    try {
	      GenericJson json = response.parseAs(GenericJson.class);
	      return json.get("idToken").toString();
	    } finally {
	      response.disconnect();
	    }
	  }

回答2:

The Java API to generate custom tokens is documented under Create custom tokens using the Firebase SDK.

From there:

String uid = "some-uid";
String customToken = FirebaseAuth.getInstance().createCustomToken(uid);

来源：https://stackoverflow.com/questions/39804524/how-to-run-junit-testing-on-firebase-java-with-authentication