为什么Google Translate API在JSON请求正文中不接受API-Key? [英] Why Google Translate API doesn't accept API-Key in JSON request body?

查看:275
本文介绍了为什么Google Translate API在JSON请求正文中不接受API-Key?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我是新来使用Google Could Platform的人.

I'm new to use Google Could Platform.

我尝试了Translation API的教程.由于某种原因,我想使用API​​密钥进行身份验证.但是API尽管在HTTP查询参数中接受了相同的密钥,但是在JSON请求中却不接受密钥.

I tried Translation API's tutorial. By some reason I want to use API-Key for its authentication. but API doesn't accept key in JSON Request, though it accepts same key in HTTP query parameter.

这是Google Translation API的限制吗?还是我有任何错误?

Is this a restriction of Google Translation API? or do I have any mistake?

以下是我尝试过的操作:

Following is what I tried:

在将API密钥作为查询参数传递时起作用

$ curl -H 'Content-Type: application/json' 'https://translation.googleapis.com/language/translate/v2?key=xxxxxxxxxx' --data-binary @test.json

与我的test.json是:

with my test.json is:

{
  "q": "The quick brown fox jumped over the lazy dog.",
  "source": "en",
  "target": "es",
  "format": "text"
}

结果为:

{
  "data": {
    "translations": [
      {
        "translatedText": "El rpido zorro marrn salt sobre el perro perezoso."
      }
    ]
  }
}

但是出于安全原因,我不想通过查询字符串传递此API密钥.

But for some security reason, I don't want to pass this API-key by query string.

为什么我不想使用查询字符串

带有敏感参数的URI是不安全的,因为它经常被记录或在某些情况下显示,而HTTP Header或HTTP正文则不是.

An URI with sensitive parameter is not safe, for it is often logged or is shown in some situation, while HTTP Header or HTTP body aren't.

当然,使用更强的身份验证方法(服务帐户)可以提高安全性,但是对于某些用例(例如嵌入到遗留系统中),API密钥也是不错的解决方案.

Of course using stronger authentication method (Service Account) is better for security, but API-key is also a good solution for some use cases like embedding in legacy-system, or so.

在JSON请求中传递Api-key时不起作用

我在请求JSON中设置了关键"项目,但该项目无效.导致授权错误.

I set "key" item in my request JSON, and it didn't work. It caused authorization error.

curl -H 'Content-Type: application/json' 'https://translation.googleapis.com/language/translate/v2' --data-binary @test.json

with test.json:

with test.json:

{
  "key": "xxxxxxxxxx",
  "q": "The quick brown fox jumped over the lazy dog.",
  "source": "en",
  "target": "es",
  "format": "text"
}

结果:

{
  "error": {
    "code": 403,
    "message": "The request is missing a valid API key.",
    "errors": [
      {
        "message": "The request is missing a valid API key.",
        "domain": "global",
        "reason": "forbidden"
      }
    ],
    "status": "PERMISSION_DENIED"
  }
}

推荐答案

我能找到的唯一有效示例是:

The only working example I could find was:

在网址中添加密钥,例如:

Append the key in the URL, e.g.:

https://translation.googleapis.com/language/translate/v2 ?key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

其余的都在POST中完成.

Do the rest in POST.

这篇关于为什么Google Translate API在JSON请求正文中不接受API-Key?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆