如何验证来自appEngine灵活的可恢复上传,类似于golang中的SignedURL
how to authenticate resumable uploads from appEngine flexible,similar as SignedURL in golang
我得到了这个代码来获得一个 signedURL:
import (
"net/http"
"time"
"cloud.google.com/go/storage"
"google.golang.org/appengine"
)
//Don´t worry about the errors, I´m handling them
func CreatSignedURL(r *http.Request) (string, error) {
ctx := appengine.NewContext(r)
acc, _ := appengine.ServiceAccount(ctx)
filename := "fileName"
bucket := "bucketName"
expires := time.Now().Add(time.Hour * 2)
url, _ := storage.SignedURL(bucket, filename, &storage.SignedURLOptions{
GoogleAccessID: acc,
SignBytes: func(b []byte) ([]byte, error) {
_, signedBytes, err2 := appengine.SignBytes(ctx, b)
return signedBytes, err2
},
Method: "PUT",
Expires: expires,
})
return url, nil
}
但是,我想像上面的代码一样通过可恢复上传进行身份验证
import (
"fmt"
"net/http"
)
func ResumeUploadURL(nameBucket, nombreObjeto string) string {
url := "https://www.googleapis.com/upload/storage/v1/b/" + nameBucket + "/o?uploadType=resumable&name=" + nombreObjeto
client := &http.Client{}
r, _ := http.NewRequest("POST", url, nil) // URL-encoded payload
r.Header.Add("Authorization", "auth_token=??????????") // What should I use instead?
r.Header.Add("Content-Length", "0")
resp, _ := client.Do(r)
.....
}
但我需要 auth_token,其中 auth_token 我需要像这里描述的那样得到它 https://cloud.google.com/storage/docs/json_api/v1/how-tos/authorizing 但我想避免这种情况,因为这对我来说似乎很愚蠢如果我可以使用 signedURL 轻松进行身份验证并且无法通过简历上传进行身份验证,则以这种方式进行身份验证
好吧,我想避免使用 auth2,因为没有很好的文档,在阅读了大量文档并尝试了许多失败示例之后,我终于开始工作了,这些是制作令牌的步骤json api
简历上传承载
从 console.cloud.google 下载 JSON 凭证。com/apis/credentials
1.1)Select"Creat Credentials"
1.2)Select"Service account key"
1.3)Select 您的账户
1.4) Select JSON->创建
1.4)它会下载一个JSON你需要的信息
创建一个oauth2/jwt tokenSource
进口(
"context"
"net/http"
"golang.org/x/oauth2/jwt"
)
变量配置 = &jwt.Config{
电子邮件:"someEmail@something.com",
PrivateKey: []byte("-----BEGIN PRIVATE KEY-----\nbablablablablablabalabal\nbablablablablablabalabalas=\n-----END PRIVATE KEY-----\n"),
私钥ID:"somethingVeryPrivate",
范围:[]string{"https://www.googleapis.com/auth/devstorage.read_write"}, //you can change/add scopes if you want https://cloud.google.com/storage/docs/json_api/v1/how-tos/authorizing
TokenURL: "https://accounts.google.com/o/oauth2/token",
}
token, err := config.TokenSource(context.Background()).Token()//处理错误
3)现在你有了要使用的id,它在方法token.AccessToken
中
获得url的所有过程,我把它放在这里:https://github.com/johnbalvin/google-cloud-go/blob/master/storage/resumableUpload.go
我得到了这个代码来获得一个 signedURL:
import (
"net/http"
"time"
"cloud.google.com/go/storage"
"google.golang.org/appengine"
)
//Don´t worry about the errors, I´m handling them
func CreatSignedURL(r *http.Request) (string, error) {
ctx := appengine.NewContext(r)
acc, _ := appengine.ServiceAccount(ctx)
filename := "fileName"
bucket := "bucketName"
expires := time.Now().Add(time.Hour * 2)
url, _ := storage.SignedURL(bucket, filename, &storage.SignedURLOptions{
GoogleAccessID: acc,
SignBytes: func(b []byte) ([]byte, error) {
_, signedBytes, err2 := appengine.SignBytes(ctx, b)
return signedBytes, err2
},
Method: "PUT",
Expires: expires,
})
return url, nil
}
但是,我想像上面的代码一样通过可恢复上传进行身份验证
import (
"fmt"
"net/http"
)
func ResumeUploadURL(nameBucket, nombreObjeto string) string {
url := "https://www.googleapis.com/upload/storage/v1/b/" + nameBucket + "/o?uploadType=resumable&name=" + nombreObjeto
client := &http.Client{}
r, _ := http.NewRequest("POST", url, nil) // URL-encoded payload
r.Header.Add("Authorization", "auth_token=??????????") // What should I use instead?
r.Header.Add("Content-Length", "0")
resp, _ := client.Do(r)
.....
}
但我需要 auth_token,其中 auth_token 我需要像这里描述的那样得到它 https://cloud.google.com/storage/docs/json_api/v1/how-tos/authorizing 但我想避免这种情况,因为这对我来说似乎很愚蠢如果我可以使用 signedURL 轻松进行身份验证并且无法通过简历上传进行身份验证,则以这种方式进行身份验证
好吧,我想避免使用 auth2,因为没有很好的文档,在阅读了大量文档并尝试了许多失败示例之后,我终于开始工作了,这些是制作令牌的步骤json api
简历上传承载从 console.cloud.google 下载 JSON 凭证。com/apis/credentials
1.1)Select"Creat Credentials" 1.2)Select"Service account key" 1.3)Select 您的账户 1.4) Select JSON->创建 1.4)它会下载一个JSON你需要的信息
创建一个oauth2/jwt tokenSource
进口( "context" "net/http" "golang.org/x/oauth2/jwt" ) 变量配置 = &jwt.Config{ 电子邮件:"someEmail@something.com", PrivateKey: []byte("-----BEGIN PRIVATE KEY-----\nbablablablablablabalabal\nbablablablablablabalabalas=\n-----END PRIVATE KEY-----\n"), 私钥ID:"somethingVeryPrivate", 范围:[]string{"https://www.googleapis.com/auth/devstorage.read_write"}, //you can change/add scopes if you want https://cloud.google.com/storage/docs/json_api/v1/how-tos/authorizing TokenURL: "https://accounts.google.com/o/oauth2/token", } token, err := config.TokenSource(context.Background()).Token()//处理错误
3)现在你有了要使用的id,它在方法token.AccessToken
中获得url的所有过程,我把它放在这里:https://github.com/johnbalvin/google-cloud-go/blob/master/storage/resumableUpload.go