如何从 Lambda AWS oAuth Google API? [英] How to oAuth Google API from Lambda AWS?
问题描述
我正在为 Google 日历构建 Alexa Skill.客户端代码在本地机器上按预期工作,因为我可以使用链接对本地机器进行身份验证.但是,当我在 AWS Lambda 上部署代码时,我无法进行身份验证,因为我无法通过 AWS 控制台输入代码.
I am building Alexa Skill for Google calendar. The client side code works as expected on local machine because I can authenticate the local machine using the link. But, when I deploy the code on AWS Lambda there is no way that I can authenticate as I cannot input code via AWS console.
我在设置 Google Calendar API 身份验证时遇到问题在 AWS lambda 上部署时.
I am getting trouble in setting up authentication of Google Calendar API when deployed on AWS lambda.
这个文档对我没有多大帮助Google 实施服务器端身份验证
This documentation doesn't help much to me Google Implementing Server Side Authentication
推荐答案
您应该创建一个服务帐户.这些是专为服务器到服务器通信而设计的.可在此处找到文档:https://developers.google.com/identity/protocols/OAuth2ServiceAccount
You should create a service account. Those are designed especially for server-to-server communication. Documentation can be found here: https://developers.google.com/identity/protocols/OAuth2ServiceAccount
其他答案的解决方案存在的问题是:
The problems with the solutions from other answers are:
- API 密钥不安全
- 访问令牌(例如通过 CLI 命令
gcloud auth print-access-token获得)过期.由于 Lambda 是无状态的,因此无法临时存储令牌并在它到期时刷新它.
- API keys are insecure
- Access tokens (e.g. obtained by the CLI command
gcloud auth print-access-token) expire. Since Lambdas are stateless, there's no way to store a token temporarily and refresh it when it's expired.
这篇关于如何从 Lambda AWS oAuth Google API?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
