如何允许匿名上传到云存储 [英] How to allow anonymous uploads to cloud storage

问题描述

我需要我的用户将文件上传到我的Google云端存储，而无需通过Google进行身份验证。这些主要是Windows桌面/笔记本电脑用户运行我的应用程序阅读完不同的身份验证机制后，我发现可恢复的上传可能是我正在寻找的人。上面的页面有关于如何完成此操作的REST API。我有几个问题：

1. 这是第三方将数据上传到我的帐户而不登录任何Google的正确方法是否有包含可恢复上传相关代码的Python或Java示例？



>



感谢您的帮助。

解决方案

p>






1. 使用签名的网址。基本上，你会提供一个服务器，可以使用任何你喜欢的认证方案，将签名的URL分配给应用程序。然后，应用程序将使用其XML API与Google云端存储联系，并使用签名的URL上传内容。这是最推荐的方式。 http://developers.google.com/storage/docs/accesscontrol#Signed-URLs




2. 在服务器上启动可恢复的上传，并将URL传递给应用程序。当一个可恢复的会话开始时，会产生一个URL，上传者将联系上传实际数据。该URL包含一个upload_id参数，该参数作为该上传的自己的身份验证，因此该URL是客户端所需的全部内容（请注意：这就是为什么保持该上传URL安全非常重要）。 https://developers.google.com/storage/docs/json_api/v1/ how-tos / upload＃resumable




3. 创建一个具有权限设置的存储桶，以便匿名用户可以向其中写入任意对象。这是不好的主意。对存储桶的写入权限意味着匿名用户可以删除该存储桶中的任何文件，上传任意大小的对象（您将负责产生的存储费用），在他们上传的对象上设置ACL（例如，他们可以使用您的存储区作为转储电影的地方，并与朋友分享网址）。不要用这种方法。







I need my users to upload files to my Google Cloud Storage without having to authenticate with Google. These are primarily Windows desktop/laptop users running my application. After reading through the different authentication mechanisms, I see that resumable uploads could be the one I'm looking for. The above page has the REST APIs on how to accomplish this. I have couple questions:

1. Is this the right method for a third party to upload data into my account without logging into any Google account?

2. Is there a Python or Java sample which contains the resumable upload related code?

Thanks for your help.

解决方案

You have three major options:

1. Use a signed URL. Basically, you would provide a server that could dispense "signed URLs" to applications using whatever authentication scheme you like. The application would then contact Google Cloud Storage using its XML API and upload the content using the signed URL. This is the most recommended way. http://developers.google.com/storage/docs/accesscontrol#Signed-URLs

2. Initiate a resumable upload on the server, and pass the URL to the application. When a resumable session is started, a URL will be produced that is contacted by the uploader to upload the actual data. That URL contains an upload_id parameter that works as its own authentication for that one upload, and so that URL is all that is needed by the client (note: this is why it is important to keep that upload URL secure). https://developers.google.com/storage/docs/json_api/v1/how-tos/upload#resumable

3. Create a bucket with permissions set such that anonymous users can write arbitrary objects into it. This is a bad idea. Write permission on a bucket means that anonymous users could delete any file in that bucket, upload objects of any size (you'd be responsible for the resulting storage charges), set the ACL on the objects that they upload (for example, they could use your bucket as a place to dump movies and share the URL with their friends). Don't go with this method.

这篇关于如何允许匿名上传到云存储的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！