如何对具有共享链接的用户隐藏Google合作实验室中的秘密密钥? [英] How to hide secret keys in Google Colaboratory from users having the sharing link?

问题描述

我编写了一个脚本，该脚本从API提取一些数据并构建一个Excel文件.我不是开发人员，这是我编写的第一个真实程序.我将代码托管在Google Colab上.

I written a script that extract some data from an API and build an Excel file. I'm not a dev, it is my first real program ever writted. I hosted the code on Google Colab.

有明确的API密钥.我想通过Google云端硬盘共享链接共享该链接，以链接到需要生成Excel文件的人们，以便他们可以执行该文件.但是，我希望不要明确包含API秘密密钥，以免在企业外部意外共享.

There is API secret keys in clear. I want to share it with a Google Drive sharing link to people needing to generate the Excel file so that they can execute it. However I would prefer not to include API secret keys in clear in order to avoid accidental sharings outside of the entreprise.

我想知道如何隐藏它...或如何为用户提供另一种在不知道密码的情况下执行文件的方法.我无法访问企业内部的共享Web服务器.

I'm wondering how to hide this... Or how to provide users an alternative methode to execute the file without knowing the passwords. I don't have access to a shared webserver internally to the entreprise.

致谢

CLIENT_KEY = u'*****'
CLIENT_SECRET = u'*****'
BASE_URL = u'*****'

access_token_key = '*****'
access_token_secret = '*****'


print ('Getting user profile...',)
oauth = OAuth(CLIENT_KEY, client_secret=CLIENT_SECRET, resource_owner_key=access_token_key,
              resource_owner_secret=access_token_secret)
r = requests.get(url=BASE_URL + '1/user/me/profile', auth=oauth)
print (json.dumps(r.json(), sort_keys=True, indent=4, separators=(',', ': ')))

...

推荐答案

要扩展@Korakot Chaovavanich的答案，请按以下步骤逐步解决该问题:

To expand on @Korakot Chaovavanich's answer, here is the step by step of that solution:

1. 创建一个文件，并用键将其保存到Google驱动器.它应该看起来像这样:

[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

1. 安装pydrive

!pip install -U -q PyDrive

1. 对Google云端硬盘进行身份验证，然后下载&解析证书文件

(某些代码来自@wenkesj在

(Some of this code comes from @wenkesj's answer on this question.)

# Imports
import os
from pydrive.auth import GoogleAuth
from pydrive.drive import GoogleDrive
from google.colab import auth
from oauth2client.client import GoogleCredentials

# Google drive authentication
auth.authenticate_user()
gauth = GoogleAuth()
gauth.credentials = GoogleCredentials.get_application_default()
drive = GoogleDrive(gauth)

# File params
local_save_dir = "/root/.aws"
filename = "credentials"
save_path = "{0}/{1}".format(local_save_dir, filename)

# Choose/create a local (colab) directory to store the data.
local_download_path = os.path.expanduser(local_save_dir)
try:
  os.makedirs(local_download_path)
except: pass

drive_list = drive.ListFile().GetList()
f = [x for x in drive_list if x["title"] == filename][0]

print('title: %s, id: %s' % (f['title'], f['id']))
fname = os.path.join(local_download_path, f['title'])
print('downloading to {}'.format(fname))
f_ = drive.CreateFile({'id': f['id']})
f_.GetContentFile(fname)

with open(save_path) as creds:
    for i, line in enumerate(creds):
        if i == 1:
            access_token_key = line.replace("aws_access_key_id=", "").replace("\n", "")
        if i == 2:
            access_token_secret = line.replace("aws_secret_access_key=", "").replace("\n", "")

现在，您的AWS密钥位于两个变量access_token_key&中. access_token_secret.

Now your AWS keys are in the two variables access_token_key & access_token_secret.

这篇关于如何对具有共享链接的用户隐藏Google合作实验室中的秘密密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！