Recupera token di autorizzazione
Mantieni tutto organizzato con le raccolte
Salva e classifica i contenuti in base alle tue preferenze.
Che cos'è un token?
Fleet Engine richiede l'utilizzo di token web JSON (JWT) per le chiamate ai metodi API
da ambienti a bassa attendibilità: smartphone e browser.
Un JWT ha origine sul tuo server, viene firmato, criptato e trasmesso al client
per le successive interazioni con il server fino alla scadenza o alla perdita di validità.
Dettagli chiave
Per saperne di più sui token web JSON, consulta la sezione Token web JSON in
Fleet Engine Essentials.
Come ottengono i token i client?
Una volta che un autista o un consumatore accede alla tua app utilizzando le credenziali di autenticazione appropriate, tutti gli aggiornamenti emessi da quel dispositivo devono utilizzare token di autorizzazione appropriati, che comunicano a Fleet Engine le autorizzazioni per l'app.
In qualità di sviluppatore, l'implementazione del client deve fornire la possibilità di
fare quanto segue:
- Recupera un token web JSON dal tuo server.
- Riutilizza il token fino alla scadenza per ridurre al minimo gli aggiornamenti del token.
- Aggiorna il token quando scade.
Il protocollo GMTDAuthorization recupera i token web JSON al momento dell'aggiornamento della posizione
in base all'oggetto GMTD AuthorizationContext. L'SDK
deve includere i token con le informazioni di aggiornamento da inviare a Fleet Engine.
Assicurati che l'implementazione lato server possa emettere token prima di inizializzare l'SDK.
Per i dettagli sui token previsti da Fleet Engine, consulta la sezione
Emettere token web JSON per Fleet Engine.
L'ID fornitore corrisponde all'ID progetto del tuo progetto Google Cloud. Per informazioni sulla configurazione del progetto Google Cloud, vedi
Creare il progetto Fleet Engine.
Esempio di un recuperatore di token di autenticazione
L'esempio seguente mostra un'implementazione del protocollo GMTDAuthorization.
Swift
import GoogleRidesharingDriver
private let providerURL = "INSERT_YOUR_TOKEN_PROVIDER_URL"
class SampleAccessTokenProvider: NSObject, GMTDAuthorization {
private struct AuthToken {
// The cached vehicle token.
let token: String
// Keep track of when the token expires for caching.
let expiration: TimeInterval
// Keep track of the vehicle ID the cached token is for.
let vehicleID: String
}
enum AccessTokenError: Error {
case missingAuthorizationContext
case missingData
}
private var authToken: AuthToken?
func fetchToken(
with authorizationContext: GMTDAuthorizationContext?,
completion: @escaping GMTDAuthTokenFetchCompletionHandler
) {
// Get the vehicle ID from the authorizationContext. This is set by the Driver SDK.
guard let authorizationContext = authorizationContext else {
completion(nil, AccessTokenError.missingAuthorizationContext)
return
}
let vehicleID = authorizationContext.vehicleID
// If appropriate, use the cached token.
if let authToken = authToken,
authToken.expiration > Date.now.timeIntervalSince1970 && authToken.vehicleID == vehicleID
{
completion(authToken.token, nil)
return
}
// Otherwise, try to fetch a new token from your server.
let request = URLRequest(url: URL(string: providerURL))
let task = URLSession.shared.dataTask(with: request) { [weak self] data, _, error in
guard let strongSelf = self else { return }
guard error == nil else {
completion(nil, error)
return
}
// Replace the following key values with the appropriate keys based on your
// server's expected response.
let vehicleTokenKey = "VEHICLE_TOKEN_KEY"
let tokenExpirationKey = "TOKEN_EXPIRATION"
guard let data = data,
let fetchData = try? JSONSerialization.jsonObject(with: data) as? [String: Any],
let token = fetchData[vehicleTokenKey] as? String,
let expiration = fetchData[tokenExpirationKey] as? Double
else {
completion(nil, AccessTokenError.missingData)
return
}
strongSelf.authToken = AuthToken(
token: token, expiration: expiration, vehicleID: vehicleID)
completion(token, nil)
}
task.resume()
}
}
Objective-C
#import "SampleAccessTokenProvider.h"
#import <GoogleRidesharingDriver/GoogleRidesharingDriver.h>
// SampleAccessTokenProvider.h
@interface SampleAccessTokenProvider : NSObject<GMTDAuthorization>
@end
static NSString *const PROVIDER_URL = @"INSERT_YOUR_TOKEN_PROVIDER_URL";
// SampleAccessTokenProvider.m
@implementation SampleAccessTokenProvider{
// The cached vehicle token.
NSString *_cachedVehicleToken;
// Keep track of the vehicle ID the cached token is for.
NSString *_lastKnownVehicleID;
// Keep track of when tokens expire for caching.
NSTimeInterval _tokenExpiration;
}
- (void)fetchTokenWithContext:(nullable GMTDAuthorizationContext *)authorizationContext
completion:(nonnull GMTDAuthTokenFetchCompletionHandler)completion {
if (!completion) {
NSAssert(NO, @"%s encountered an unexpected nil completion.", __PRETTY_FUNCTION__);
return;
}
// Get the vehicle ID from the authorizationContext. This is set by the Driver SDK.
NSString *vehicleID = authorizationContext.vehicleID;
if (!vehicleID) {
NSAssert(NO, @"Vehicle ID is missing from authorizationContext.");
return;
}
// Clear cached vehicle token if vehicle ID has changed.
if (![_lastKnownVehicleID isEqual:vehicleID]) {
_tokenExpiration = 0.0;
_cachedVehicleToken = nil;
}
_lastKnownVehicleID = vehicleID;
// Clear cached vehicletoken if it has expired.
if ([[NSDate date] timeIntervalSince1970] > _tokenExpiration) {
_cachedVehicleToken = nil;
}
// If appropriate, use the cached token.
if (_cachedVehicleToken) {
completion(_cachedVehicleToken, nil);
return;
}
// Otherwise, try to fetch a new token from your server.
NSURL *requestURL = [NSURL URLWithString:PROVIDER_URL];
NSMutableURLRequest *request =
[[NSMutableURLRequest alloc] initWithURL:requestURL];
request.HTTPMethod = @"GET";
// Replace the following key values with the appropriate keys based on your
// server's expected response.
NSString *vehicleTokenKey = @"VEHICLE_TOKEN_KEY";
NSString *tokenExpirationKey = @"TOKEN_EXPIRATION";
__weak typeof(self) weakSelf = self;
void (^handler)(NSData *_Nullable data, NSURLResponse *_Nullable response,
NSError *_Nullable error) =
^(NSData *_Nullable data, NSURLResponse *_Nullable response, NSError *_Nullable error) {
typeof(self) strongSelf = weakSelf;
if (error) {
completion(nil, error);
return;
}
NSError *JSONError;
NSMutableDictionary *JSONResponse =
[NSJSONSerialization JSONObjectWithData:data options:kNilOptions error:&JSONError];
if (JSONError) {
completion(nil, JSONError);
return;
} else {
// Sample code only. No validation logic.
id expirationData = JSONResponse[tokenExpirationKey];
if ([expirationData isKindOfClass:[NSNumber class]]) {
NSTimeInterval expirationTime = ((NSNumber *)expirationData).doubleValue;
strongSelf->_tokenExpiration = [[NSDate date] timeIntervalSince1970] + expirationTime;
}
strongSelf->_cachedVehicleToken = JSONResponse[vehicleTokenKey];
completion(JSONResponse[vehicleTokenKey], nil);
}
};
NSURLSessionConfiguration *config = [NSURLSessionConfiguration defaultSessionConfiguration];
NSURLSession *mainQueueURLSession =
[NSURLSession sessionWithConfiguration:config delegate:nil
delegateQueue:[NSOperationQueue mainQueue]];
NSURLSessionDataTask *task = [mainQueueURLSession dataTaskWithRequest:request completionHandler:handler];
[task resume];
}
@end
Passaggi successivi
Inizializza il Driver SDK
Salvo quando diversamente specificato, i contenuti di questa pagina sono concessi in base alla licenza Creative Commons Attribution 4.0, mentre gli esempi di codice sono concessi in base alla licenza Apache 2.0. Per ulteriori dettagli, consulta le norme del sito di Google Developers. Java è un marchio registrato di Oracle e/o delle sue consociate.
Ultimo aggiornamento 2025-08-31 UTC.
[null,null,["Ultimo aggiornamento 2025-08-31 UTC."],[[["\u003cp\u003eFleet Engine utilizes JSON Web Tokens (JWTs) for API method calls originating from low-trust environments like smartphones and browsers, ensuring secure communication.\u003c/p\u003e\n"],["\u003cp\u003eYour backend server, a trusted environment, is responsible for authenticating against Fleet Engine using Application Default Credentials and signing JWTs with a service account.\u003c/p\u003e\n"],["\u003cp\u003eClient applications should implement functionality to fetch, reuse, and refresh JWTs from your server, minimizing the need for frequent token requests.\u003c/p\u003e\n"],["\u003cp\u003eThe provided code examples demonstrate how to create an authentication token fetcher to obtain and manage JWTs for use with the Fleet Engine Driver SDK.\u003c/p\u003e\n"]]],[],null,["# Get authorization tokens\n\nWhat is a token?\n----------------\n\nFleet Engine requires the use of **JSON Web Tokens** (JWTs) for API method calls\nfrom **low-trust environments**: smartphones and browsers.\n\nA JWT originates on your server, is signed, encrypted, and passed to the client\nfor subsequent server interactions until it expires or is no longer valid.\n\n**Key details**\n\n- Use [Application Default Credentials](https://google.aip.dev/auth/4110) to authenticate and authorize against Fleet Engine.\n- Use an appropriate service account to sign JWTs. See [Fleet Engine serviceaccount](/maps/documentation/mobility/fleet-engine/essentials/set-up-fleet/service-accounts#fleet_engine_service_account_roles) roles in **Fleet Engine Basics**.\n\nFor more information about JSON Web Tokens, see [JSON Web Tokens](/maps/documentation/mobility/fleet-engine/essentials/set-up-fleet/jwt) in\n**Fleet Engine Essentials**.\n\nHow clients get tokens?\n-----------------------\n\nOnce a driver or consumer logs in to your app using the appropriate\nauthentication credentials, any updates issued from that device must use\nappropriate authorization tokens, which communicates to Fleet Engine the\npermissions for the app.\n\nAs the developer, your client implementation should provide the ability to\ndo the following:\n\n- Fetch a JSON Web Token from your server.\n- Reuse the token until it expires to minimize token refreshes.\n- Refresh the token when it expires.\n\nThe `GMTDAuthorization` protocol fetches JSON Web tokens at location update time\nbased on the `GMTD AuthorizationContext` object. The SDK\nmust package the tokens with the update information to send to Fleet Engine.\nMake sure that your server-side implementation can issue tokens before\ninitializing the SDK.\n\nFor details of the tokens expected by Fleet Engine, see\n[Issue JSON Web Tokens](/maps/documentation/mobility/fleet-engine/essentials/set-up-fleet/issue-jwt) for Fleet Engine.\n\nThe providerID is the same as the **Project ID** of your Google Cloud\nProject. For information on setting up the Google Cloud Project, see\n[Create your Fleet Engine project](/maps/documentation/mobility/fleet-engine/essentials/set-up-fleet/create-project).\n\nExample of an authentication token fetcher\n------------------------------------------\n\nThe following example shows an implementation of the `GMTDAuthorization`\nprotocol. \n\n### Swift\n\n import GoogleRidesharingDriver\n\n private let providerURL = \"INSERT_YOUR_TOKEN_PROVIDER_URL\"\n\n class SampleAccessTokenProvider: NSObject, GMTDAuthorization {\n private struct AuthToken {\n // The cached vehicle token.\n let token: String\n // Keep track of when the token expires for caching.\n let expiration: TimeInterval\n // Keep track of the vehicle ID the cached token is for.\n let vehicleID: String\n }\n\n enum AccessTokenError: Error {\n case missingAuthorizationContext\n case missingData\n }\n\n private var authToken: AuthToken?\n\n func fetchToken(\n with authorizationContext: GMTDAuthorizationContext?,\n completion: @escaping GMTDAuthTokenFetchCompletionHandler\n ) {\n // Get the vehicle ID from the authorizationContext. This is set by the Driver SDK.\n guard let authorizationContext = authorizationContext else {\n completion(nil, AccessTokenError.missingAuthorizationContext)\n return\n }\n let vehicleID = authorizationContext.vehicleID\n\n // If appropriate, use the cached token.\n if let authToken = authToken,\n authToken.expiration \u003e Date.now.timeIntervalSince1970 && authToken.vehicleID == vehicleID\n {\n completion(authToken.token, nil)\n return\n }\n\n // Otherwise, try to fetch a new token from your server.\n let request = URLRequest(url: URL(string: providerURL))\n let task = URLSession.shared.dataTask(with: request) { [weak self] data, _, error in\n guard let strongSelf = self else { return }\n guard error == nil else {\n completion(nil, error)\n return\n }\n\n // Replace the following key values with the appropriate keys based on your\n // server's expected response.\n let vehicleTokenKey = \"VEHICLE_TOKEN_KEY\"\n let tokenExpirationKey = \"TOKEN_EXPIRATION\"\n guard let data = data,\n let fetchData = try? JSONSerialization.jsonObject(with: data) as? [String: Any],\n let token = fetchData[vehicleTokenKey] as? String,\n let expiration = fetchData[tokenExpirationKey] as? Double\n else {\n completion(nil, AccessTokenError.missingData)\n return\n }\n\n strongSelf.authToken = AuthToken(\n token: token, expiration: expiration, vehicleID: vehicleID)\n completion(token, nil)\n }\n task.resume()\n }\n }\n\n### Objective-C\n\n #import \"SampleAccessTokenProvider.h\"\n #import \u003cGoogleRidesharingDriver/GoogleRidesharingDriver.h\u003e\n\n // SampleAccessTokenProvider.h\n @interface SampleAccessTokenProvider : NSObject\u003cGMTDAuthorization\u003e\n @end\n\n static NSString *const PROVIDER_URL = @\"INSERT_YOUR_TOKEN_PROVIDER_URL\";\n\n // SampleAccessTokenProvider.m\n @implementation SampleAccessTokenProvider{\n // The cached vehicle token.\n NSString *_cachedVehicleToken;\n // Keep track of the vehicle ID the cached token is for.\n NSString *_lastKnownVehicleID;\n // Keep track of when tokens expire for caching.\n NSTimeInterval _tokenExpiration;\n }\n\n - (void)fetchTokenWithContext:(nullable GMTDAuthorizationContext *)authorizationContext\n completion:(nonnull GMTDAuthTokenFetchCompletionHandler)completion {\n\n if (!completion) {\n NSAssert(NO, @\"%s encountered an unexpected nil completion.\", __PRETTY_FUNCTION__);\n return;\n }\n\n // Get the vehicle ID from the authorizationContext. This is set by the Driver SDK.\n NSString *vehicleID = authorizationContext.vehicleID;\n if (!vehicleID) {\n NSAssert(NO, @\"Vehicle ID is missing from authorizationContext.\");\n return;\n }\n\n // Clear cached vehicle token if vehicle ID has changed.\n if (![_lastKnownVehicleID isEqual:vehicleID]) {\n _tokenExpiration = 0.0;\n _cachedVehicleToken = nil;\n }\n _lastKnownVehicleID = vehicleID;\n\n // Clear cached vehicletoken if it has expired.\n if ([[NSDate date] timeIntervalSince1970] \u003e _tokenExpiration) {\n _cachedVehicleToken = nil;\n }\n\n // If appropriate, use the cached token.\n if (_cachedVehicleToken) {\n completion(_cachedVehicleToken, nil);\n return;\n }\n // Otherwise, try to fetch a new token from your server.\n NSURL *requestURL = [NSURL URLWithString:PROVIDER_URL];\n NSMutableURLRequest *request =\n [[NSMutableURLRequest alloc] initWithURL:requestURL];\n request.HTTPMethod = @\"GET\";\n // Replace the following key values with the appropriate keys based on your\n // server's expected response.\n NSString *vehicleTokenKey = @\"VEHICLE_TOKEN_KEY\";\n NSString *tokenExpirationKey = @\"TOKEN_EXPIRATION\";\n __weak typeof(self) weakSelf = self;\n void (^handler)(NSData *_Nullable data, NSURLResponse *_Nullable response,\n NSError *_Nullable error) =\n ^(NSData *_Nullable data, NSURLResponse *_Nullable response, NSError *_Nullable error) {\n typeof(self) strongSelf = weakSelf;\n if (error) {\n completion(nil, error);\n return;\n }\n\n NSError *JSONError;\n NSMutableDictionary *JSONResponse =\n [NSJSONSerialization JSONObjectWithData:data options:kNilOptions error:&JSONError];\n\n if (JSONError) {\n completion(nil, JSONError);\n return;\n } else {\n // Sample code only. No validation logic.\n id expirationData = JSONResponse[tokenExpirationKey];\n if ([expirationData isKindOfClass:[NSNumber class]]) {\n NSTimeInterval expirationTime = ((NSNumber *)expirationData).doubleValue;\n strongSelf-\u003e_tokenExpiration = [[NSDate date] timeIntervalSince1970] + expirationTime;\n }\n strongSelf-\u003e_cachedVehicleToken = JSONResponse[vehicleTokenKey];\n completion(JSONResponse[vehicleTokenKey], nil);\n }\n };\n NSURLSessionConfiguration *config = [NSURLSessionConfiguration defaultSessionConfiguration];\n NSURLSession *mainQueueURLSession =\n [NSURLSession sessionWithConfiguration:config delegate:nil\n delegateQueue:[NSOperationQueue mainQueue]];\n NSURLSessionDataTask *task = [mainQueueURLSession dataTaskWithRequest:request completionHandler:handler];\n [task resume];\n }\n\n @end\n\nWhat's next\n-----------\n\n[Initialize the Driver SDK](/maps/documentation/mobility/driver-sdk/scheduled/ios/initialize-sdk)"]]
