使用 API 密钥访问 Google API。

huangapple go评论104阅读模式
英文:

Access Google API with API Key

问题

我正在创建一个服务器端应用程序,该应用程序能够访问(创建、编辑和删除文件)我 Google Drive 中的特定文件夹。我已经成功使用 OAuth 和服务帐号实现了这一点,但我希望像官方文档中所述那样,不使用 OAuth 或服务帐号来实现。当我尝试使用 API 密钥时,它会出现需要登录的错误。我该如何修复这个问题?

错误信息:
googleapi: Error 401: 需要登录, required

英文:

I'm creating a server side app which is able to access (Create, edit & delete files) specific folder in my google drive. I was able to achieve it with both OAuth and service account but I wanted do it without OAuth or service account like in official docs. When I tried use API Key It gives a login required error. How I fix it?

srv, err := drive.NewService(
	ctx,
	option.WithAPIKey(key),
	option.WithScopes(drive.DriveFileScope),
)

Error:
googleapi: Error 401: Login Required, required

答案1

得分: 1

首先,你需要理解私有数据和公共数据之间的区别。

公共数据是任何人都可以访问的不属于任何人的数据。例如,Google日历上的假期日历。如果用户将公共视频上传到YouTube,你也无需获得访问权限。我们使用公共API密钥来访问公共数据。

私有数据则不同。私有数据是属于用户的数据。为了让你的应用程序能够访问它,你需要获得数据所有者或有权访问数据的人的同意。用户在Google Drive上的文件和他们的Google Drive帐户属于私有用户数据。你需要获得访问权限,因为它们是私有用户数据。

你收到以下错误消息是因为:

googleapi: Error 401: 需要登录

如果你查看Files.create,你会注意到它告诉你需要获得访问权限。

要回答你的问题,你不能使用公共API密钥来访问用户的私有Google Drive帐户。你可以使用API密钥读取用户设置为公开的文件。然而,要在用户的私有Google Drive帐户上读取、写入和创建文件,你将无法创建和编辑文件。为此,你需要用户的许可。

OAuth2

如果你想访问用户的帐户,那么你需要切换到OAuth2,并请求他们的同意来访问他们的Drive帐户。一旦你获得了刷新令牌,你就可以从你的服务器系统访问他们的帐户。

服务帐户

如果你要访问你作为开发者控制的帐户,如果你不打算访问用户的帐户,那么你应该考虑使用服务帐户。如果有任何问题,请查看并提出新的问题。

安全性

授权不是为了给你添麻烦,而是为了确保你的数据和用户的数据安全。不要试图绕过安全性。要学会与之一起工作。

>就像在官方文档中一样。

官方文档中没有说明你可以使用公共API密钥访问私有用户数据。Go(不会/不能)改变Google对我们访问其系统所施加的底层安全性。也就是说,你需要用户同意才能访问私有用户数据。

英文:

The first thing you need to understand is the difference between private and public data.

Public data is data that is not owned by anyone that anyone can access. Holiday calendars on Google calendar. If a user uploads a public Videos to YouTube you also don't need permission to access. We use a Public API key to access public data.

Private data is something else. Private data is data that is owned by a user. For your application to be able to access it you need the consent of the owner of the data or someone who has access to it. A users files on Google drive and their google drive account are private user data. You do need permission to access because they are private user data.

You are getting the following error message because

googleapi: Error 401: Login Required, required

If you check Files.create you will notice that it tells you that you need permission to access it.

使用 API 密钥访问 Google API。

To answer your question you can not use a public api key to access a users private google drive account. You could read a file that they had set to public using an api key. However to read, write and create files on a users private google drive account. You are not going to be able to create and edit files. For that you would need the users permission.

Oauth2

If you are trying to access the accounts of your users then you need to switch to Oauth2 and request their consent to access their drive account. Once you have a refresh token you will be able to access their account from your server system.

service account

If you are accessing an account that you the developer control. If you are not going to be accessing the accounts of your users then what you should be doing is looking into using a service account. Have a look and open a new question if you have any issues.

security

Authorization is not there to bother you. It is there to ensure that your data and the data of your users is secure. Don't try to find ways to circumnavigate security. Learn to work with it.

>like in official docs.

There is nothing in the official docs that stats that you can access private user data with a public api key. Go (isn't going to / cant) change the underling security imposed upon us by Google to access their systems. That being you need user consent to access private user data.

huangapple
  • 本文由 发表于 2022年3月22日 16:17:08
  • 转载请务必保留本文链接:https://go.coder-hub.com/71568800.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定