我有一个配置了Cloud Endpoints Framework的java 8项目 .
我按照这里的文档:https://cloud.google.com/endpoints/docs/frameworks/java/get-started-frameworks-java
我尝试使用API密钥保护API . 我按照这里的文档:https://cloud.google.com/endpoints/docs/frameworks/java/restricting-api-access-with-api-keys-frameworks
问题是我总是可以访问 endpoints ,无论我是否设置了API密钥 .
这是API:
@Api(
name = "myApi",
title = "My API",
version = "v1",
description = "My API description",
apiKeyRequired = AnnotationBoolean.TRUE
)
public class MyApiEndpoint {
@ApiMethod(httpMethod = GET, path = "list", apiKeyRequired = AnnotationBoolean.TRUE)
public ApiEntityList list() throws Exception {
return new ApiEntityList();
}
}
这是web.xml:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<filter>
<filter-name>endpoints-api-controller</filter-name>
<filter-class>com.google.api.control.extensions.appengine.GoogleAppEngineControlFilter</filter-class>
<init-param>
<param-name>endpoints.projectId</param-name>
<param-value>${app.deploy.project}</param-value>
</init-param>
<init-param>
<param-name>endpoints.serviceName</param-name>
<param-value>${app.deploy.project}.appspot.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>endpoints-api-controller</filter-name>
<servlet-name>EndpointsServlet</servlet-name>
</filter-mapping>
<filter>
<filter-name>endpoints-api-configuration</filter-name>
<filter-class>com.google.api.control.ServiceManagementConfigFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>endpoints-api-configuration</filter-name>
<servlet-name>EndpointsServlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>EndpointsServlet</servlet-name>
<servlet-class>com.google.api.server.spi.EndpointsServlet</servlet-class>
<init-param>
<param-name>services</param-name>
<param-value>com.myproject.MyApiEndpoint</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>EndpointsServlet</servlet-name>
<url-pattern>/_ah/api/*</url-pattern>
</servlet-mapping>
appengine-web.xml:
<?xml version="1.0" encoding="utf-8"?>
<appengine-web-app xmlns="http://appengine.google.com/ns/1.0">
<runtime>java8</runtime>
<threadsafe>true</threadsafe>
<service>core</service>
<url-stream-handler>urlfetch</url-stream-handler>
<system-properties>
<property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/>
</system-properties>
<env-variables>
<env-var name="ENDPOINTS_SERVICE_NAME" value="${app.deploy.project}.appspot.com" />
</env-variables>
</appengine-web-app>
我创建了API密钥作为Google Cloud Platform项目中的新凭据,没有任何限制 .
我可以在GCP上部署的openapi.json文件中看到以下行:
"/myApi/v1/list": {
"get": {
"operationId": "MyApiList",
"parameters": [ ],
"responses": {
"200": {
"description": "A successful response",
"schema": {
"$ref": "#/definitions/ApiEntityList"
}
}
},
"security": [
{
"api_key": [ ]
}
]
}
},
"securityDefinitions": {
"api_key": {
"type": "apiKey",
"name": "key",
"in": "query"
}
},
以下所有电话都不会被拒绝,但我希望它们是:
-
https://core-dot-gcp-project.appspot.com/_ah/api/myApi/v1/list
-
https://core-dot-gcp-project.appspot.com/_ah/api/myApi/v1/list?key=FAKE_API_KEY
来自API资源管理器的 -
调用未配置API密钥
看起来 apiKeyRequired 注释参数没有任何效果 .
我在这里想念一下吗?
2 回答
我只是测试它并通过添加除了api注释之外的openapi.json文件中的顶级安全指令使其工作 . 它应该看起来像这样:
之后我在部署中运行agiain
$ gcloud endpoints services deploy target/openapi-docs/openapi.json和$ mvn appengine:deploy您确定已启用API吗?我的意思是当您创建 Cloud endpoints 项目时,它还有效地将这些 endpoints 声明为“私有API” . 然后,您必须启用它才能使API密钥生效
在您的控制台中,输入'APIs & Services'
单击'+ Enable APIs & Services' || _228959_在侧边菜单中
单击侧面菜单中的'Private'以获取私有API
您应该(希望)能够看到您通过Cloud Endpoints创建的'API'
对于一些人来说,它似乎是自动完成的,但似乎有一个公平的数字,它没有 . 老实说我真的很无能为力 .
希望有所帮助!