I have some issues with AUTH in Firebase using API REST and Android Flutter. In POSTMAN worked ok: https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=AIzaSyCg8LuhQvn_CFZlNDV0ySK420xxxxxxx-U... and I have this JSON.
{
"kind": "identitytoolkit#VerifyPasswordResponse",
"localId": "3GNFGIOFgBUT8BbV5n0vQxxxxxxx",
"email": "[email protected]",
"displayName": "",
"idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjM1MDM0MmIwMjU1MDAyYWI3NWUwNTM0YzU4MmVjYzY2Y2YwZTE3ZDIiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vZmx1dHRlci12YXJpb3MtYjg4NGEiLCJhdWQiOiJmbHV0dGVyLXZhcmlvcy1iODg0YSIsImF1dGhfdGltZSI6MTYzMzQ0NzQ2OSwidXNlcl9pZCI6IjNHTkZHSU9GZ0JVVDhCYlY1bjB2UXN1Q3d0RTMiLCJzdWIiOiIzR05GR0lPRmdCVVQ4QmJWNW4wdlFzdUN3dEUzIiwiaWF0IjoxNjMzNDQ3NDY5LCJleHAiOjE2MzM0NTEwNjksImVtYWlsIjoidGVzdEB0ZXN0LmNvbSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6eyJlbWFpbCI6WyJ0ZXN0QHRlc3QuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.GBDNfA7nzzJfK35rIf87fQhKtQFAPtyVltXQh0CcDzlbee-zvv-KEFAeNpS0LeQai3id2uJtY9QGEwssq0fYd_Jbob5F5E6ZLTqA7gVVShc7azP2Pu6xxCE6oWvTeW-kfeswNg1TUBGqP8jzlpLAhC__1HAI620s7bH6dqQJ2Ry2YDKUacZvBgFzJ-pMC7V7WcVYclzEEef5Q_c0l-duk8EJ1jhweo4YVJ4qma8WFxO-zWf_PbMLYytn2PjqDC4a9HIxsaiFQxXCwGxezYfBvpczS-c8_xYEp5LCFFI0dYwK4xWcNWgDCN46CjLQAH3uNewVuG97Hpe5O32mi9jM_Q",
"registered": true,
"refreshToken": "ACzBnCjCfLugjeNP92J7vqSwJp2jHyB68ztK_MoZBeSZPHzZ21RiH3S5u9hAdIa2E2qh0Z2FZE24b5J3bzTr0sVC9GCxFt-S-VRU4lk2lTpR8FeTcONDwx15IA9NFjr70n-8tG72IpvTNfuyUVyhiseI0xzpmyGv2kujA_gFI6n_P0PGQss3X6A15_582go7BNmCx12YDSEsLZR35YR4h6pQhClvRMvxPg",
"expiresIn": "3600"
}
And with the 'idToken' and use it with https://flutter-varios-xxxxxxxxxxxxxxxx.firebaseio.com/product/.json?auth=[idToken] in POSTMAN worked ok.
In Flutter using http: ^0.13.4 (dependencies), I could sing-in and I have the JSON but the [idToken] is smaller (in byte size) than the POST with POSTMAN. The size of the idToken is 921 vs 678 (Flutter http.post), I don't know why:
login(String email, String password) async {
final authData = {
"email": email,
"password": password,
"returnSecureToke": true
};
final resp = await http.post(
Uri.parse(
'https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=$_firebaseToken'),
body: json.encode(authData));
Map<String, dynamic> decodeResp = json.decode(resp.body);
//print('Decode Resp: ${decodeResp}');
if (decodeResp.containsKey('idToken')) {
print('ID Token: ${decodeResp['idToken']}');
_prefs.token = decodeResp['idToken'];
return {'ok': true, 'token': decodeResp['idToken']};
} else {
return {'ok': false, 'msj': decodeResp['error']['message']};
}
}
In Firebase Realtime Database I use (without auth filter, all work ok of course)
{
"rules": {
".read": "auth != null",
".write": "auth != null"
}
}
So when uncorrect idToken I can't access to the DB. If you have any suggestion, please let me know and I will appreciate
CodePudding user response:
There is an error in your definition of the authData
object: You have a key returnSecureToke
(without n
) instead of returnSecureToken
.