I'm using Google for authenticating, like following:
let credential = Credential.google(token: "<SOME-HASH-HERE>.apps.googleusercontent.com")
SyncUser.authenticate(with: credential, server: serverURL, timeout: 60) { [weak self] user, error in
guard nil == error else {
print("error while authenticating: \(error!)")
return
}
…
}
It gives an error 400. After some debugging I found more info about the problem, but still not sure what is wrong with that. So response looks like this:
{
"invalid_params":[
{
"name":"provider",
"reason":"Unknown provider!"
}
],
"status":400,
"type":"https://realm.io/docs/object-server/problems/invalid-parameters",
"title":"Your request parameters did not validate!",
"code":601
}
Here is request body:
{
"provider":"google",
"app_id":"com.blabla.bla-bla-bla",
"data":"<SOME-HASH-HERE>.apps.googleusercontent.com"
}
I took auth code from example from official documentation, and I'm using latest Realm framework.
I also checked authentication using Facebook, but it gives same error.
I checked configuration.yml file on server, and did uncomment google and facebook, put required details, and restart system. Not helping.
Does anyone experience same problem?
PS: configuration.yml(only part with providers):
# Realm Object Server Configuration
#
# For each possible setting, the commented out values are the default values
# unless another default is mentioned explicitly.
#
# Paths specified in this file can be either absolute or relative.
# Relative paths are relative to the current working directory.
providers:
## Providers of authentication tokens. Each provider has a configuration
## object associated with it. If a provider is included here and its
## configuration is valid, it will be enabled.
## Possible providers: cloudkit, debug, facebook, realm, password
## Providers 'realm' and 'password' are always enabled:
## - The 'realm' provider is used to derive access tokens from a refresh token.
## - The 'password' provider is required for the dashboard to work. It supports
## authentication through username/password and uses a PBKDF2 implementation.
## This enables authentication via a Google Sign-In access token for a
## specific app.
google:
## The client ID as retrieved when setting up the app in the Google
## Developer Console.
clientId: '<SOME-HASH-HERE>.apps.googleusercontent.com'
## This enables authentication via a Facebook access token for a specific app.
## This provider needs no configuration (uncommenting the next line enables it).
facebook: {}
After I made changes in that file I called
sudo service realm-object-server restart
And just to be sure I also reboot system.
Unfortunately, there is a bug in the sample configuration.yml file shipped with Realm Object Server which I suspect you're hitting. The providers: section in the configuration file should live under the auth: section (instead of inside the network: section where it lives in the shipped file). The fix is to simply move the relevant providers configuration to live under the auth: key.
We have a fix ready for this bug which will be part of the next release of Realm Object Server.
Here's a sample snippet showing the complete auth: section with the fix:
# Realm Object Server Configuration
#
# For each possible setting, the commented out values are the default values
# unless another default is mentioned explicitly.
#
# Paths specified in this file can be either absolute or relative.
# Relative paths are relative to the current working directory.
auth:
## The path to the public and private keys (in PEM format) that will be used
## to validate identity tokens sent by clients.
## These configuration options are MANDATORY.
public_key_path: /etc/realm/token-signature.pub
private_key_path: /etc/realm/token-signature.key
providers:
## Providers of authentication tokens. Each provider has a configuration
## object associated with it. If a provider is included here and its
## configuration is valid, it will be enabled.
## Possible providers: cloudkit, debug, facebook, realm, password
## Providers 'realm' and 'password' are always enabled:
## - The 'realm' provider is used to derive access tokens from a refresh token.
## - The 'password' provider is required for the dashboard to work. It supports
## authentication through username/password and uses a PBKDF2 implementation.
## This enables authentication via a Google Sign-In access token for a
## specific app.
google:
## The client ID as retrieved when setting up the app in the Google
## Developer Console.
clientId: '<SOME-HASH-HERE>.apps.googleusercontent.com'
## This enables authentication via a Facebook access token for a specific app.
## This provider needs no configuration (uncommenting the next line enables it).
facebook: {}
来源:https://stackoverflow.com/questions/39978769/realm-syncuser-authenticate-failed-with-googles-clientid-and-facebook