Google Cloud Endpoints 限制......任何建议的解决方案? [英] Google Cloud Endpoints limitations... any proposed solutions?

问题描述

我是否认为 Cloud Endpoints 的优点有以下限制:

Am I correct in thinking that the goodness of Cloud Endpoints comes with the following limitations:

1. REST Api 无法部署到自定义域(它将保留在 appspot.com 上).
2. 唯一支持的身份验证是针对 Google 帐户的 OAuth.

1. The REST Api cannot be deployed to a custom domain (it'll remain on appspot.com).
2. The only authentication supported is OAuth against Google accounts.

1. 推论:目前无法创建与 Google 帐户无关的用户登录/会话跟踪机制(例如，使用电子邮件作为用户名和密码).

是否有计划取消这些限制?如果有，ETA 是什么?

Is there any plan to do away with these limitations and if so, what is the ETA?

推荐答案

逐项处理:

1. 目前，是的，情况仍然如此.请记住，我们的初始版本针对的是同一方 用例，其中您提供服务的域基本上无关紧要(它不是面向用户/开发人员的).如果您想使用您的 API 来驱动网站，您可以使用您的自定义域来拥有面向用户的内容，并且仍然使用 CORS 向您的 appspot 域发出请求.如果您正在构建移动应用，则根本没人会看到该域.
2. 内置支持(即使用 User 对象)仅限于 Google 帐户，但您可以通过检查 OAuth 标头(或电子邮件/密码，如果您必须...)
3. (来自评论，关于 GA 状态).Endpoints 现已正式发布.
4. (来自关于公共 API 的评论).您的 API 必须是公开的，但您可以限制可以发出请求的客户端.如果你想制作一个秘密的 API，即 API 的存在本身必须受到保护，目前不支持.我很想知道这个请求有多受欢迎，但我怀疑这对大多数人来说并不是一个障碍.

1. Currently, yes this is still the case. Keep in mind, our initial release is targeted at a same-party use-case, where the domain you're serving from basically doesn't matter (it's not user/developer-facing). If you want to use your API to drive a website, you can use your custom domain to have your user-facing content, and still make requests to your appspot domain using CORS. If you're building a mobile app, no one sees the domain at all.
2. Built-in support (i.e. using the User object) is limited to Google accounts, but you're free to build your own authentication scheme by checking the OAuth headers (or email/password if you must...)
3. (From the comments, regarding GA status). Endpoints is now GA.
4. (From the comments, regarding public APIs). Your APIs must be public, but you can limit the clients that can make requests. If you want to make a secret API, i.e. the existence of the API must itself be protected, that's not currently supported. I'd be curious to hear how popular a request this is, but I suspect it's not a blocker for most people.

这篇关于Google Cloud Endpoints 限制......任何建议的解决方案?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！