在Android中限制使用Google API密钥 [英] Using Google API Key with restriction in Android
问题描述
在创建Google Maps API密钥时,我们可以应用四个限制:-
While creating Google Maps API key there are four restrictions we can apply:-
- IP地址(Web服务器,cron作业等).
- HTTP Referer(JavaScript)
- Andoid(对于SDK)
- ios(对于SDK)
现在,如果我们将按键用于各自的位置,则一切正常.
Now everything works fine if we use the keys to their respective places.
当我们想使用REST从移动设备(android/ios)访问某些API时出现问题,例如获取附近的位置以供用户输入.现在,哪种限制在这种情况下会起作用,以及如何处理呢?
The problem comes when we want to access some API from mobile(android/ios) using REST for eg fetching nearby places for user input. Now which restriction will work in this case and how to handle that?
我已经尝试了所有限制,但无法正常工作.
I have tried all the restrictions and it won't work.
谢谢.
推荐答案
如果我理解正确,则希望从移动应用程序使用Places API Web服务.通常,应该从后端服务器调用Google Maps API Web服务,并且它们仅支持IP地址限制.
If I understand correctly, you want to use Places API web service from your mobile app. Typically Google Maps APIs web services are supposed to be called from backend servers and they support only IP address restrictions.
我建议您看一下以下有关可以为不同API设置的限制的文章
I would suggest having a look at the following article regarding restrictions that can be set for different APIs
https://developers.google.com/maps/faq#keysystem
如您所见,Places API Web服务只能使用IP地址限制.直接从移动设备发送Places API请求没有多大意义,因为每个设备都有自己的IP地址,而且您不知道用户设备的IP地址.因此,为了保护API密钥,唯一可行的解决方法是创建中间后端服务器.
As you can see, Places API web service can use only IP address restriction. It doesn't make much sense sending Places API requests directly from mobile devices, because each device has its own IP address and you don't know IP addresses of users' devices. So, the only feasible workaround in order to protect an API key is creation of the intermediate backend server.
应用应将请求发送到您的中间服务器,中间后端服务器应将Google地方信息API请求发送到Google,且受保护的API密钥仅限于您服务器的IP地址,并将代理结果返回给您的应用.
The app should send request to your intermediate server, the intermediate backend server should send Places API request to Google with protected API key restricted to IP address of your server and proxy results back to your app.
在这种情况下,您需要两个API密钥.一个用于具有Android应用程序限制的Google Maps Android SDK,另一个用于具有IP地址限制的Places API Web服务.
In this scenario you need two API keys. One for Google Maps Android SDK with Android app restriction and another one for Places API web service with IP address restriction.
我希望这会有所帮助!
这篇关于在Android中限制使用Google API密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
