仅限我的Android应用程序限制对Google Web Services API的访问
[英]Restricting access to Google Web Services API for my Android application only
问题描述
This is a follow-up for another question on StackOverflow . 
这是有关StackOverflow的另一个问题的后续文章。
Is there any way to restrict access to Google Web Services API (in my case Places API Web Service ) for my Android application only? 有什么方法只能限制我的Android应用程序对Google Web Services API(在我的情况下为Places API Web Service )的访问吗? I want to get the "address_components" field from place details and I cannot use Android API function because that field is absent in the returned object . 我想从地方详细信息中获取“ address_components”字段,并且我无法使用Android API函数,因为返回的对象中不存在该字段。
I've selected Android app key restriction and entered my app details (package name + SHA-1 certificate fingerprint) in Google Developer Console. 我选择了Android应用程序密钥限制,并在Google Developer Console中输入了我的应用程序详细信息(程序包名称+ SHA-1证书指纹)。 I'm receiving "There is a per-IP or per-Referer restriction configured on your API key ..." error message, that is expected. 我收到“您的API密钥上配置了每个IP或每个引用的限制...”错误消息,这是预期的。
I've tried to fill "X-Android-Package" and "X-Android-Cert" headers, but noting changed. 我尝试填充“ X-Android-Package”和“ X-Android-Cert”标头,但注意已更改。 Is there any way? 有什么办法吗?
1 个解决方案
解决方案1
0 2017-04-27 08:19:31
The Android application restriction only works if you're using the key with the Android API, alas (the docs could be more clear about this). 仅当您将密钥与Android API配合使用时,Android应用程序限制才有效(a,文档对此可能会更加清楚 )。
If you're planning to call the web service from your mobile app, then the preferred approach is to proxy mobile calls through a service so that the API key isn't embedded in the mobile app. 如果您打算从移动应用程序调用Web服务,则首选方法是通过服务代理移动电话,以便API密钥不嵌入在移动应用程序中。 There's more on this approach in this blog post , which links to this video . 在此博客文章中 ,有关此方法的更多信息 ,该文章链接至此视频 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.