如何调用使用GCP身份验证的REST服务? [英] How to call REST service which uses GCP authentication?

问题描述

我必须从我的应用程序中调用使用google身份验证的外部http服务.当我从浏览器中调用它时，它可以工作.我发现发生这种情况是因为我的Cookie包含

From my application I have to invoke external http service which uses google authentication. It works when I invoke it from browser. I found out that it happens because I have cookie which contains

GCP_IAAP_AUTH_TOKEN_<random_string>
GCP_IAP_UID 

所以我的cookie看起来像这样:

So my cookie look like this:

cookie:    GCP_IAP_UID=111111111111; GCP_IAAP_AUTH_TOKEN_1234567891234567890B=verylongstringhere"

我试图直接在restTemplate中设置此cookie，它可以正常工作，但是我希望我必须基于某种凭证来获得令牌.

I tried to set this cookie directly in my restTemplate and it works properly but I expect that I have to get token based on some kind of credentials.

webClient.post()
         .uri(uploadUrl)                    
         .header("cookie", "GCP_IAP_UID=12345678901234567890; GCP_IAAP_AUTH_TOKEN_12345678907645456546B=verylongstringhere")

能否请您提供正确使用GCP身份验证的示例?如何更新令牌?基于什么?

Could you please provide example of correct usage GCP auth ? How to update token? Based on what?

推荐答案

Google API使用OAuth 2.0协议进行身份验证和授权

Google APIs use the OAuth 2.0 protocol for authentication and authorization

您可以从Google API控制台获取OAuth 2.0客户端凭据.然后，您的客户端应用程序从Google授权服务器请求访问令牌，从响应中提取令牌，然后将该令牌发送到您要访问的Google API.

You can obtain OAuth 2.0 client credentials from the Google API Console. Then your client application requests an access token from the Google Authorization Server, extracts a token from the response, and sends the token to the Google API that you want to access.

在您的应用程序可以使用Google API访问私有数据之前，它必须获得授予该API访问权限的访问令牌.

Before your application can access private data using a Google API, it must obtain an access token that grants access to that API.

有几种方法可以发出此请求，并且这些方法根据您所构建的应用程序的类型而有所不同.例如，JavaScript应用程序可能会使用浏览器重定向到Google来请求访问令牌，而安装在没有浏览器的设备上的应用程序会使用网络服务请求.

There are several ways to make this request, and they vary based on the type of application you are building. For example, a JavaScript application might request an access token using a browser redirect to Google, while an application installed on a device that has no browser uses web service requests.

我建议您仔细阅读使用OAuth 2.0访问Google API的文章最适合您的应用程序的方法，有一些记录在案的场景可以解释GCP如何使用应用程序身份验证

I recommend you to go trough OAuth 2.0 to Access Google APIs article to choose the best method for your application, there are a couple of documented scenarios to explain how GCP uses application authentication

这篇关于如何调用使用GCP身份验证的REST服务?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！