将对Google云端点的访问权限限制为Android应用
[英]Restrict access to google cloud endpoints to Android app
问题描述
I'm using Android Studio to generate Google Cloud Endpoints for an Android app. 
我正在使用Android Studio为Android应用生成Google Cloud Endpoints。 I've deployed the endpoints and they work ok. 我已经部署了端点,它们工作正常。
What I want to achieve is to enable access to the endpoints only to my app. 我想要实现的是只允许访问我的应用程序的端点。 All the documentation talks about how to enable authentication for users but I only need to restrict the access to the endpoints only from my app. 所有文档都讨论了如何为用户启用身份验证,但我只需要限制从我的应用程序访问端点。 I don't want to use user credentials because the api does not use that. 我不想使用用户凭据,因为api不使用它。
What I tried is creating a client ID for my app in the Google Console and adding to the APi annotation 我尝试的是在Google控制台中为我的应用创建客户端ID并添加到APi注释
@Api(name = "messageEndpoint", clientIds = {Ids.WEB_CLIENT_ID, Ids.ANDROID_CLIENT_ID, Ids.API_EXPLORER}, audiences = {Ids.ANDROID_AUDIENCE}}
And for each API method, I've added a User parameter and check if the user is null or not. 对于每个API方法,我添加了一个User参数并检查用户是否为null。 My understanding is that the user should be not null if the API is called from one of the client IDS. 我的理解是,如果从其中一个客户端IDS调用API,则用户不应为null。 But user is always null. 但是用户总是为空。
Am I missing something? 我错过了什么吗?
In my Android app I have 在我的Android应用程序中,我有
GoogleAccountCredential credential = GoogleAccountCredential.usingAudience(DelegateActivity.this, "server:client_id:" + Ids.ANDROID_AUDIENCE);
MessageEndpoint.Builder endpointBuilder = new MessageEndpoint.Builder(
AndroidHttp.newCompatibleTransport(), new JacksonFactory(),
credential);
And the exception I am getting is: 我得到的例外是:
java.lang.NullPointerException: [qi] accountName cannot be null.
E at android.os.Parcel.readException(Parcel.java:1431)
E at android.os.Parcel.readException(Parcel.java:1379)
E at com.google.android.gms.internal.a$a$a.a(Unknown Source)
E at com.google.android.gms.auth.GoogleAuthUtil.getToken(Unknown Source)
E at com.google.android.gms.auth.GoogleAuthUtil.getToken(Unknown Source)
E at com.google.api.client.googleapis.extensions.android.gms.auth.GoogleAccountCredential.getToken(GoogleAccountCredential.java:277)
E at com.google.api.client.googleapis.extensions.android.gms.auth.GoogleAccountCredential$RequestHandler.intercept(GoogleAccountCredential.java:301)
E at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:854)
E at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:410)
E at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:343)
E at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:460)
1 个解决方案
解决方案1
0 2013-07-26 15:01:17
My understanding is that user will be null in the situation you described: authenticating the app and not the user. 我的理解是,在您描述的情况下,用户将为null:验证应用程序而不是用户。
If the app authentication fails then your endpoint won't even be called. 如果应用程序身份验证失败,则甚至不会调用您的端点。
I assume that the string "[qi] accountName cannot be null." 我假设字符串“[qi] accountName不能为空”。 is from your app? 来自你的应用程序?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.