英文:
Firebase Auth - Use Microsoft OAuth AccessToken to access Firebase Rest API
问题
I'm currently trying to use a Microsoft access token to access my Firebase API (and find out the user ID within Firebase Auth / Google Identity Platform). Calling https://identitytoolkit.googleapis.com/v1/accounts:signInWithIdp ends in a 400.
What have I done:
Get my access token by calling:
https://login.microsoftonline.com/[tenant]/oauth2/v2.0/token
This works well, and I get an access_token, refresh_token, and id_token in response.
After that, I try to authenticate to GIP by using this documented REST Call: https://cloud.google.com/identity-platform/docs/use-rest-api#section-sign-in-with-oauth-credential.
Unfortunately, there are only examples available for Google and Twitter. Calling it with this body fails:
{
"postBody": "idToken=[AuthTokenFromMsCall]&providerId=microsoft.com",
"requestUri": "http://localhost",
"returnIdpCredential": true,
"returnSecureToken": true,
"tenant": "[ms_tenant]" //tried without this as well
}
but get this response with code 400
{
"error": {
"code": 400,
"message": "INVALID_CREDENTIAL_OR_PROVIDER_ID : Invalid IdP response/credential: http://localhost?idToken=[AccessToken]&providerId=microsoft.com",
"errors": [
{
"message": "INVALID_CREDENTIAL_OR_PROVIDER_ID : Invalid IdP response/credential: http://localhost?[AccessToken]&providerId=microsoft.com",
"domain": "global",
"reason": "invalid"
}
]
}
}
Does anyone know how to configure my body parameters to get a 200 Response?
英文:
I'm currently trying to use a microsoft access token to access my firebase api (and find out the userid within firebase-auth / google identity platform. Calling https://identitytoolkit.googleapis.com/v1/accounts:signInWithIdp ends in a 400
What have I done:
Get my accesstoken by calling:
https://login.microsoftonline.com/[tenant]/oauth2/v2.0/token
This works well and I get a access_token, refresh_token and id_token in response.
After that I try to authenticate to GIP by using this documented REST Call: https://cloud.google.com/identity-platform/docs/use-rest-api#section-sign-in-with-oauth-credential
Unfortunately there are only examples available for google and twitter. Calling it with this body fails:
{
"postBody": "idToken=[AuthTokenFromMsCall]&providerId=microsoft.com",
"requestUri":"http://localhost",
"returnIdpCredential":true,
"returnSecureToken":true,
"tenant":"[ms_tenant]" //tried without this as well
}
but get this response with code 400
{
"error": {
"code": 400,
"message": "INVALID_CREDENTIAL_OR_PROVIDER_ID : Invalid IdP response/credential: http://localhost?idToken=[AccessToken]&providerId=microsoft.com",
"errors": [
{
"message": "INVALID_CREDENTIAL_OR_PROVIDER_ID : Invalid IdP response/credential: http://localhost?[AccessToken]&providerId=microsoft.com",
"domain": "global",
"reason": "invalid"
}
]
}
}
Does anyone know how to configure my body parameters to get a 200 Response
答案1
得分: 1
根据此文档,Firebase Auth目前不支持Microsoft身份验证。
与Firebase支持的其他OAuth提供程序(如Google、Facebook和Twitter)不同,可以直接使用OAuth访问令牌进行登录,Firebase Auth不支持使用Microsoft等提供程序的同样功能,因为Firebase Auth服务器无法验证Microsoft OAuth访问令牌的受众。
针对此问题已提出了一个仍然未关闭的问题,可能您可以在GitHub上添加您的关注。
英文:
As of this document seems, Firebase Auth doesn't currently support Microsoft authentication.
>Unlike other OAuth providers supported by Firebase such as Google, Facebook, and Twitter, where sign-in can directly be achieved with OAuth access token based credentials, Firebase Auth does not support the same capability for providers such as Microsoft due to the inability of the Firebase Auth server to verify the audience of Microsoft OAuth access tokens.
There is a bug raised for this at github which is still open,Maybe you can add your concern there.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论