Firebase云消息推送 - 云构建部署应用的权限错误

9

我有一个Java Spring Boot后端应用程序,我正在尝试将其连接到Firebase云消息服务。

我有一个使用Firebase的Android应用程序,我正在尝试使用此后端推送通知。

我从Firebase控制台项目设置中生成了私钥,放置了JSON文件,并且以下内容在本地完美运行:

try {
  FirebaseOptions options = new FirebaseOptions.Builder()
    .setCredentials(GoogleCredentials.fromStream(new ClassPathResource("PATH_TO_GENERATED_JSON").
  getInputStream())).build();
  if (FirebaseApp.getApps().isEmpty()) {
    FirebaseApp.initializeApp(options);
    logger.info("Firebase application has been initialized");
  }
} catch (IOException e) {
  logger.error(e.getMessage());
}
...
response = FirebaseMessaging.getInstance().send(message);

我已经设置了 Google Cloud Build,可以从 GitHub 自动触发和构建。 但是我不能提交 json 凭据文件(对吗?),所以为了云部署,我已经更改了初始化部分:

if (FirebaseApp.getApps().isEmpty()) {
  FirebaseApp.initializeApp();
  logger.info("Firebase application has been initialized");
}

但我收到了有关项目 ID 未设置的错误信息,因此我已经内联编辑了云构建触发器 YAML:

--update-env-vars=GOOGLE_CLOUD_PROJECT=XXXXXXXXXXX

但现在当我尝试发送消息时,我收到以下错误:

com.google.firebase.messaging.FirebaseMessagingException: Permission 'cloudmessaging.messages.create' denied on resource '//cloudresourcemanager.googleapis.com/projects/XXXXXXXXXXX' (or it may not exist). (其中 XXXXXXXXXXX 是我的项目 ID)

我已经在https://console.cloud.google.com/iam-admin/iam?project=上给“Firebase Cloud Messaging Admin”角色赋予了权限,但这并没有帮助 :(

有人可以帮忙吗?

添加堆栈跟踪:

com.google.firebase.messaging.FirebaseMessagingException: Permission 'cloudmessaging.messages.create' denied on resource '//cloudresourcemanager.googleapis.com/projects/our-shield-329019' (or it may not exist).
    at com.google.firebase.messaging.FirebaseMessagingException.withMessagingErrorCode(FirebaseMessagingException.java:51)
    at com.google.firebase.messaging.FirebaseMessagingClientImpl$MessagingErrorHandler.createException(FirebaseMessagingClientImpl.java:293)
    at com.google.firebase.messaging.FirebaseMessagingClientImpl$MessagingErrorHandler.createException(FirebaseMessagingClientImpl.java:282)
    at com.google.firebase.internal.AbstractHttpErrorHandler.handleHttpResponseException(AbstractHttpErrorHandler.java:57)
    at com.google.firebase.internal.ErrorHandlingHttpClient.send(ErrorHandlingHttpClient.java:108)
    at com.google.firebase.internal.ErrorHandlingHttpClient.sendAndParse(ErrorHandlingHttpClient.java:72)
    at com.google.firebase.messaging.FirebaseMessagingClientImpl.sendSingleRequest(FirebaseMessagingClientImpl.java:127)
    at com.google.firebase.messaging.FirebaseMessagingClientImpl.send(FirebaseMessagingClientImpl.java:113)
    at com.google.firebase.messaging.FirebaseMessaging$1.execute(FirebaseMessaging.java:137)
    at com.google.firebase.messaging.FirebaseMessaging$1.execute(FirebaseMessaging.java:134)
    at com.google.firebase.internal.CallableOperation.call(CallableOperation.java:36)
    at com.google.firebase.messaging.FirebaseMessaging.send(FirebaseMessaging.java:104)
    at com.google.firebase.messaging.FirebaseMessaging.send(FirebaseMessaging.java:86)
    at com.miloszdobrowolski.investobotbackend.InvestobotAPIs.testNotification(InvestobotAPIs.java:120)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:150)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1067)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:655)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1726)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: com.google.api.client.http.HttpResponseException: 403 Forbidden
2个回答

15
根据了解角色文档,Firebase Cloud Messaging Admin没有cloudmessaging.messages.create权限。要添加此权限,请使用以下任一角色:
  1. Firebase Admin(roles/firebase.admin)
  2. Firebase Grow Admin(roles/firebase.growthAdmin)
  3. Firebase Admin SDK管理员服务代理(roles/firebase.sdkAdminServiceAgent)
  4. Firebase SDK配额管理服务代理(roles/firebase.sdkProvisioningServiceAgent)

我敢肯定我在文档中看到过该角色在管理员中的某处 :/ 当然,这解决了我的问题,谢谢! - Miłosz
1
谢谢。令人恼火的是,似乎无法通过权限搜索角色,至少不是在应用它们的地方。 - Synchro
刚刚花了一整天解决这个问题。谢谢! - giorgio79

0
你需要为你用来发送推送通知的Gmail账户分配一些Firebase角色。enter image description here

网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接