[英]How to pass sensitive data to Google Cloud Endpoints from Android app?
I am trying to create a simple minimal session management kind of system in Google Endpoints. 我正在尝试在Google Endpoints中创建一个简单的最小会话管理类型的系统。
I authenticate users on my Android app. 我在Android应用上验证用户身份。 For making authenticated Endpoint API calls, I plan to verify the user only once on the Endpoint server by passing the idToken
in the first call to Endpoints API from Android app. 为了进行经过身份验证的Endpoint API调用,我计划通过在Android应用程序的第一次调用Endpoints API中传递idToken
在Endpoint服务器上仅验证用户一次。
I would, then, assign a session_id
(say a number) to that user. 然后,我会为该用户分配一个session_id
(比如一个数字)。 This session_id
would be communicated back to that Android app. 此session_id
将传回该Android应用。 The Cloud Endpoint server would not verify the user for the next 24 hours. Cloud Endpoint服务器不会在接下来的24小时内验证用户。
When an Android app calls an endpoints API with that session_id
, I would perform the required operations assuming it to be from the authenticated user. 当Android应用程序使用该session_id
调用端点API时,我会执行所需的操作,假设它来自经过身份验证的用户。
CONCERNS 疑虑
If anyone sniffs the session_id
, he would be able to perform operations of an authenticated user. 如果有人嗅探session_id
,他将能够执行经过身份验证的用户的操作。
Q 1 Is it secure ( and correct way) to pass sensitive data (like session_id
) to Google Cloud Endpoints from Android app ? 问1从Android应用程序将敏感数据(如session_id
)传递到Google Cloud Endpoints是否安全(并且正确)?
Q 2 Is all communication between Android app and Cloud Endpoints done via HTTPS by default even though I do not have HTTPS enabled for my website ? 问2即使我没有为我的网站启用HTTPS,Android应用和云端点之间的所有通信都是默认通过HTTPS完成的吗? Official doc says : 官方文件说:
Important: Google Cloud Endpoints requires SSL. 重要提示:Google Cloud Endpoints需要SSL。 If you need to access your backend API in a system not supporting SSL, you'll need to either update the system to support SSL or use a proxy. 如果您需要在不支持SSL的系统中访问后端API,则需要更新系统以支持SSL或使用代理。
Another Official doc says: 另一位官方文件说:
In both method decorators, we supply the path to specify a location at which the method serves requests. 在两个方法装饰器中,我们提供路径来指定方法为请求提供服务的位置。 The value specified is appended to the API path, for example, if the value hellogreeting is specified, the path is https://your-app-id.appspot.com/_ah/api/helloworld/v1/hellogreeting . 指定的值将附加到API路径,例如,如果指定了值hellogreeting,则路径为https://your-app-id.appspot.com/_ah/api/helloworld/v1/hellogreeting 。 For greetings.getGreeting, the path is hellogreeting/{id} where {id} is required or else your API method won't receive the incoming request argument. 对于greetings.getGreeting,路径为hellogreeting / {id},其中{id}是必需的,否则您的API方法将不会收到传入的请求参数。
NOTE: I do not have SSL (HTTPS) enabled for my website. 注意:我没有为我的网站启用SSL(HTTPS)。 I use GAE Python on web and Android/Java. 我在网络和Android / Java上使用GAE Python。 I have website and an Android app which I am migrating from Google authentication to Google Identity Toolkit based multiple provider authentication (like Facebook, Google, others). 我有网站和Android应用程序,我正在从Google身份验证迁移到基于Google Identity Toolkit的多个提供商身份验证(如Facebook,Google,其他)。
Q1 . Q1 。 It can be assumed to be secure (from sniffing) if it's passed via HTTPS only, although I am not sure if it's the correct way which depends on your implementation. 如果它仅通过HTTPS传递,可以假设是安全的(从嗅探),虽然我不确定它是否是正确的方式取决于您的实现。 You mentioned it would be a number. 你提到它会是一个数字。 What kind of a number? 什么样的号码? Randomly generated? 随机生成? Sequential? 顺序?
Also, are you using Users API / webapp2? 另外,您使用的是用户API / webapp2吗? I like the built-in create_auth_token
function which can save you some time and replace the session_id
in your case, and then you could use get_by_auth_token
or validate_token
to get corresponding user or simply validate the token and delete_auth_token
to invalidate the token. 我喜欢内置create_auth_token
功能,可为您节省一些时间和更换session_id
你的情况,然后你可以使用get_by_auth_token
或validate_token
获得相应的用户或者干脆验证令牌和delete_auth_token
无效令牌。
If you are not using Users API / webapp2 it's still better if you don't use random or sequential numbers for tokens, instead something like token = HMAC('A_VERY_LONG_AND_SECRET_KEY', user_id + todays_date)
, which is unique, valid for 24 hours (from midnight, NOT since creation time) and is secret as long as the key is secret is a much better and safer option. 如果您没有使用用户API / webapp2,那么如果您不使用随机数或序号来代替令牌,那么更好的是token = HMAC('A_VERY_LONG_AND_SECRET_KEY', user_id + todays_date)
,这是唯一的,有效期为24小时(从午夜开始,不是自创建时间以来,只要密钥是秘密的,这是一个更好,更安全的选择。
Q2 . Q2 。 Even if your custom domain does not have an SSL certificate, your APPID.appspot.com does (try accessing your project via httpS://
and you'll see). 即使您的自定义域没有SSL证书,您的APPID.appspot.com也会这样做(尝试通过httpS://
访问您的项目,你会看到)。
Cloud Endpoints is ALWAYS serving the APIs via SSL (there's actually no way of changing it). Cloud Endpoints始终通过SSL提供API(实际上无法更改它)。
The warning Google gives you is about a possible situation when a CLIENT does not support SSL connections which won't be happening very often in real world. Google提供给您的警告是关于当客户端不支持SSL连接时可能出现的情况,这种连接在现实世界中不会经常发生。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.