与Auth0集成的谷歌端点

Question

我尝试在auth0集成中使用谷歌端点身份验证。

我不知道如何才能做到这一点，我使用端点文档，但这并不是真正的完整。当我部署它时，它不起作用。

谢谢你的帮助

这是我的swagger文件：

swagger: "2.0"
info:
  description: "A simple Google Cloud Endpoints API example."
  title: "Endpoints Example"
  version: "1.0.0"
host: "xxx.appspot.com"
basePath: "/"
consumes:
- "application/json"
produces:
- "application/json"
schemes:
- "https"
paths:
  "/echo":
    get:
      description: "Echo back a given message."
      operationId: "echo"
      produces:
      - "application/json"
      responses:
        200:
          description: "Echo"
          schema:
            $ref: "#/definitions/echoMessage"
      security:
        - auth0_jwk: []
definitions:
  echoMessage:
    properties:
      message:
        type: "string"
  authInfoResponse:
    properties:
      id:
        type: "string"
      email:
        type: "string"
# This section requires all requests to any path to require an API key.
security:
- auth0_jwk: []
securityDefinitions:
  # This section configures basic authentication with an API key.
  api_key:
    type: "apiKey"
    name: "key"
    in: "query"
  # This section configures authentication using Google API Service Accounts
  # to sign a json web token. This is mostly used for server-to-server
  # communication.
  auth0_jwk:
    # Update YOUR-ACCOUNT-NAME with your Auth0 account name.
    authorizationUrl: "https://xxx.auth0.com/authorize"
    flow: "implicit"
    type: "oauth2"
    x-issuer: "https://xxx.auth0.com/"
    # Update this with your service account's email address.
    x-jwks_uri: "https://xxx.auth0.com/.well-known/jwks.json"

Answer 1

您需要使用"x-security“而不是"security”。另外，为auth0-jwk指定受众，它可以是任何字符串(您的JWT令牌受众字符串必须与这里定义的"YOUR_AUDIENCE“匹配)。例如,

    x-security:
      - auth0-jwk:
          audiences:
          - "YOUR_AUDIENCE"

您可以在https://github.com/GoogleCloudPlatform/python-docs-samples/blob/master/appengine/flexible/endpoints/swagger.yaml上找到一个swagger配置示例。

Answer 2

我在做“谷歌云端点”和"Auth0“之间的集成时遇到了一些障碍。目前，文档还不是很清楚如何让它工作，但经过一些努力，我已经实现了它。你可以阅读我在Google Groups上的主题，其中我问了一个关于错误的问题。我认为它可能会对你有帮助，因为它详细地描述了基本设置。看一看here