验证我的“应用程序"到 Google Cloud Endpoints 不是“用户" [英] Authenticate my "app" to Google Cloud Endpoints not a "user"
问题描述
我要做的是向 Google Cloud Endpoint 验证我的 Android 应用程序.基本上端点应该只允许我的 Android 应用程序访问方法而不是其他任何东西.
What I'm trying to do is to authenticate my Android app to the Google Cloud Endpoint. Basically the endpoints should only allow my Android app to access the methods and nothing else.
我已经做了这些事情-
在 Google Cloud Console 的 Eclipse 中使用我的 SHA1 值创建客户端 ID.
Create a client id using my SHA1 value in Eclipse in the Google Cloud Console.
在 Google Cloud Console 中为我的端点项目创建网络客户端 ID.
Create a web client id in the Google Cloud Console for my endpoint project.
在每个端点提到的@Api"中添加这两个客户端 ID.
Add both these client id's in the "@Api" mentioned on each endpoint.
在端点方法中添加一个额外的用户"参数.
Add an extra "user" parameter in the endpoint methods.
重新生成后端并将其部署到云中.
Regenerate and deploy the backend to the cloud.
但是当我运行它时,用户"总是以空"的形式出现.我正在竭尽全力寻找合适的工作方法来完成所有这些工作.
But when I'm running this the "user" is always coming as "null". I'm at my wits end trying to find a proper working method for doing all this.
我搜索了很多论坛,但在任何地方都没有正确的答案.
I've searched many forums but no proper answers anywhere.
这是另一个类似的帖子 限制对谷歌云端点的访问安卓应用
Here's another similar post Restrict access to google cloud endpoints to Android app
这是我正在使用的参考-https://developers.google.com/appengine/docs/java/endpoints/验证
This is the reference I'm using - https://developers.google.com/appengine/docs/java/endpoints/auth
这里有人做过吗?出于明显的安全原因,我的主要目标是不允许未经身份验证的应用程序和外部世界访问端点.我不想使用基于最终用户的身份验证,因为我想让我的应用程序非常简单.
Has anyone here done this before? My main goal is to not allow unauthenticated apps and outside world to access the endpoints, for obvious security reasons. I don't want to use end-user based authentication since I want to keep my app very simple.
推荐答案
这对我有用:
假设您拥有以下密钥:
static final String WEB_CLIENT_ID = "somekeyfor webclientid.apps.googleusercontent.com";
static final String ANDROID_CLIENT_ID = "somekeyfor androidclientid.apps.googleusercontent.com";静态最终字符串 ANDROID_AUDIENCE = WEB_CLIENT_ID;
static final String ANDROID_CLIENT_ID = "somekeyfor androidclientid.apps.googleusercontent.com"; static final String ANDROID_AUDIENCE = WEB_CLIENT_ID;
您的 Api 注释应如下所示:
Your Api anotation should look like this :
@Api(
name = "yourapiname",
clientIds = {CloudEndpoint.WEB_CLIENT_ID,CloudEndpoint.ANDROID_CLIENT_ID},
audiences = {CloudEndpoint.ANDROID_AUDIENCE},
version = "v1",
namespace = @ApiNamespace(
ownerDomain = "myapp.app.com",
ownerName = "myapp.app.com",
packagePath = ""
)
)
在下面的注释中,注意您的受众是变量 --> ANDROID_AUDIENCE,它等于 WEB_CLIENT_ID.
In the annotation below, notice how your audience is the variable --> ANDROID_AUDIENCE which is equal to WEB_CLIENT_ID.
现在在您的应用程序端,当您创建 googleAccountCredential 对象时,您应该像这样传入 Web 客户端 ID:
Now in your app side, when you create the googleAccountCredential object, you should pass in the Web Client Id like this :
mAccountCredentials = GoogleAccountCredential.usingAudience(getApplicationContext(),"server:client_id:" + "yourwebclientID");
请注意,即使正确完成此操作,如果您在 mAccountCredentials.setSelectedAccountName("accontname") 中传递的帐户名称在设备中不存在,则端点中的用户对象可能仍会显示为 Null.因此,通过转到 --> (Settings/Accounts)
Note that even if this is properly done, your user object in the endpoint might still coming out as Null if the account name you pass in mAccountCredentials.setSelectedAccountName("accontname") does not exist in the device. Therefore make sure the account name you pass does exist in the Android device by going to --> (Settings/Accounts)
这篇关于验证我的“应用程序"到 Google Cloud Endpoints 不是“用户"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
