安装 Firebase CLI 并登录后，我可以创建这样的 JavaScript 文件，该文件从 Firestore 检索数据并直接从本地命令行执行：

script.js:

const admin = require('firebase-admin');

(async () => {
  admin.initializeApp({ projectId: 'my-project-id' });

  const widget = await admin
    .firestore()
    .doc('widgets/someid')
    .get();

  console.log(widget.data());
})();

命令：node script.js

在我尝试从 Firebase 的身份验证中检索用户之前，它运行良好。然后我遇到了 403 错误。这是脚本：

const admin = require('firebase-admin');

(async () => {
  admin.initializeApp({ projectId: 'my-project-id' });

  const user = await admin
    .auth()
    .getUser('some-uid');

  console.log(user);
})();

错误信息如下：

{
    "error": {
        "code": 403,"message": "Your application has authenticated using end user credentials from the Google Cloud SDK or Google Cloud Shell which are not supported by the identitytoolkit.googleapis.com.We recommend configuring the billing / quota_project setting in gcloud or using a service account through the auth / impersonate_service_account setting.For more information about service accounts and how to use them in your application,see https: //cloud.google.com/docs/authentication/.","errors": [{
            "message": "Your application has authenticated using end user credentials from the Google Cloud SDK or Google Cloud Shell which are not supported by the identitytoolkit.googleapis.com. We recommend configuring the billing/quota_project setting in gcloud or using a service account through the auth/impersonate_service_account setting. For more information about service accounts and how to use them in your application,see https://cloud.google.com/docs/authentication/.","domain": "usageLimits","reason": "accessNotConfigured","extendedHelp": "https://console.developers.google.com"
        }],"status": "PERMISSION_DENIED"
    }
}

这很奇怪，因为我以 GCP 项目的管理员身份登录。上面的代码在云函数内部运行时也能很好地工作（它只有我所做的权限的一个子集）。如何更改权限和配置以使上述脚本正常工作？

解决方法

set GOOGLE_APPLICATION_CREDENTIALS=./path/service-account.json

$env:GOOGLE_APPLICATION_CREDENTIALS = './path/service-account.json'

node script.js