从 Android 访问云存储
我一直找不到任何关于如何从 Android 应用程序使用 Cloud Storage 的具体文档.
I've been unable to find any concrete documentation on how to use Cloud Storage from an Android application.
我确实从 Google Cloud SDK 中发现了这个客户端库,但是遇到了很多很多问题,还没有让它工作.
I did come across this client library from the Google Cloud SDK, however have run into many, many issues and have yet to get it working.
我按照上面链接中的建议添加了以下代码:
I added the following code as recommended in the above link:
build.gradle:
compile group: 'com.google.cloud', name: 'google-cloud-storage', version: '0.9.3-beta'
然后我添加了一些简单的代码,尽管这与这个问题并不真正相关,因为我还没有能够运行我的应用程序并添加了上述依赖项:
I then added some simple code, though this isn't really relevant to this question as I have yet been able to run my application with the above dependency added:
在活动中:
Storage storage = StorageOptions.getDefaultInstance().getService();
Page<Bucket> buckets = storage.list();
Iterator<Bucket> bucketIterator = buckets.iterateAll();
while (bucketIterator.hasNext()) {
Bucket bucket = bucketIterator.next();
Log.d(TAG, "Bucket name: " + bucket.getName());
}
在解决了无数的依赖问题(与 Joda、Netty、DuplicateFileException
's from gradle 等的冲突)之后,我能够构建项目,尽管出现以下错误:
After solving a myriad of dependency issues (Conflicts with Joda, Netty, DuplicateFileException
's from gradle, etc.) I was able to build the project, albeit with the below errors:
Warning:WARNING: 依赖 org.apache.httpcomponents:httpclient:4.0.1 在调试时被忽略,因为它可能与 Android 提供的内部版本冲突.
Warning:WARNING: 依赖 org.json:json:20151123 被忽略以进行调试,因为它可能与 Android 提供的内部版本冲突.
然后我可以尝试运行,它会失败并出现数百个错误,其中大部分看起来如下所示:
I can then try running, which will fail with a few hundred errors, most of which look something like the following:
Error:warning: Ignoring InnerClasses attribute for an anonymous inner class
Error:(com.google.inject.internal.cglib.reflect.$FastClassEmitter$3) that doesn't come with an
Error:associated EnclosingMethod attribute. This class was probably produced by a
Error:compiler that did not target the modern .class file format. The recommended
Error:solution is to recompile the class from source, using an up-to-date compiler
Error:and without specifying any "-target" type options. The consequence of ignoring
Error:this warning is that reflective operations on this class will incorrectly
Error:indicate that it is *not* an inner class.
经过相当多的这些,具有不同的类名,错误的结尾包含以下内容:
After quite a few of those, with varying classnames, the end of the error contains this:
处理javax/transaction/HeuristicCommitException.class"的问题:
trouble processing "javax/transaction/HeuristicCommitException.class":
在以下情况下对核心类(java.* 或 javax.*)的不明智或错误使用不构建核心库.
Ill-advised or mistaken usage of a core class (java.* or javax.*) when not building a core library.
这通常是由于无意中包含了核心库文件您的应用程序的项目,当使用 IDE(例如 Eclipse)时.如果你确定你不是故意定义一个核心类,那么这个是对正在发生的事情的最可能的解释.
This is often due to inadvertently including a core library file in your application's project, when using an IDE (such as Eclipse). If you are sure you're not intentionally defining a core class, then this is the most likely explanation of what's going on.
但是,您实际上可能正在尝试在核心中定义一个类命名空间,您可能已经获取了它的来源,例如,从非安卓虚拟机项目.这肯定不会工作.至少,它会危害您的应用程序与平台的未来版本.它也经常是有问题的合法性.
However, you might actually be trying to define a class in a core namespace, the source of which you may have taken, for example, from a non-Android virtual machine project. This will most assuredly not work. At a minimum, it jeopardizes the compatibility of your app with future versions of the platform. It is also often of questionable legality.
如果你真的打算建立一个核心库——这只是适合作为创建完整虚拟机分发的一部分,而不是编译应用程序 - 然后使用--core-library"选项来禁止显示此错误消息.
If you really intend to build a core library -- which is only appropriate as part of creating a full virtual machine distribution, as opposed to compiling an application -- then use the "--core-library" option to suppress this error message.
如果您继续使用--core-library",但实际上是在构建一个应用程序,然后预先警告您的应用程序仍然会失败在某个时候构建或运行.请为愤怒的顾客做好准备例如,他们发现您的应用程序停止运行一次他们升级他们的操作系统.你将为此负责问题.
If you go ahead and use "--core-library" but are in fact building an application, then be forewarned that your application will still fail to build or run, at some point. Please be prepared for angry customers who find, for example, that your application ceases to function once they upgrade their operating system. You will be to blame for this problem.
如果您合法地使用某些恰好位于核心中的代码包装,那么您拥有的最简单安全的替代方法是重新包装那个代码.也就是说,将有问题的类移动到您自己的包中命名空间.这意味着它们永远不会与核心冲突系统类.JarJar 是一个可以帮助您完成这项工作的工具.如果你发现你不能做到这一点,那么这表明你你所走的道路最终会导致痛苦、苦难、悲伤,和悲叹.
If you are legitimately using some code that happens to be in a core package, then the easiest safe alternative you have is to repackage that code. That is, move the classes in question into your own package namespace. This means that they will never be in conflict with core system classes. JarJar is a tool that may help you in this endeavor. If you find that you cannot do this, then that is an indication that the path you are on will ultimately lead to pain, suffering, grief, and lamentation.
几个问题:
- 这个客户端库是从我的 Android 应用程序访问我的 Google Cloud Storage 的正确方法吗?
- 我是否有理由不尝试从移动应用程序访问 Cloud Storage?例如,更好的架构是对我的 App Engine 应用程序(使用 Cloud Enpoints)进行 REST API 调用并将媒体对象传递给它,然后让 App Engine 应用程序访问并将媒体存储在 Cloud Storage 中,最后返回结果到移动应用?
- 如果我使用上述客户端库正确访问 Cloud Storage,这些错误是什么意思,以及解决方法是什么?
推荐答案
您不应该从您的安全令牌无法信任的客户端应用程序直接写入 Cloud Storage.听起来您不打算直接以用户身份进行身份验证,而是通常使用您自己的项目进行身份验证.
You shouldn't write directly to Cloud Storage from client applications that can't be trusted with your security tokens. It sounds like you are not planning on authenticating directly as the user, but rather generally with your own project.
如果您不打算执行基于用户的 OAuth2 流程(用户必须已经拥有自己的 Cloud Console 项目并启用了存储),那么您正在寻找通过您自己的后端(例如 App Engine)代理请求.
If you are not planning on doing a user-based OAuth2 flow (user must have their own Cloud Console project already with Storage enabled), then you're looking instead at proxying the requests through your own backend such as App Engine.
这种方法可将您的存储凭据安全地存储在服务器端,而不是客户端应用的 APK 中,后者可能会被拆除、提取,然后恶意行为者可以使用这些凭据以他们选择的任何方式写入您的存储桶.哦,存储桶和存储是一种计费资源,因此暴露这些凭据可能会让您付出代价.
This approach keeps your storage credentials stored safely on the server side rather than in the client app's APK, which could be torn down, extracted, and then malicious actors could use those credentials to write to your buckets in whatever manner they chose. Oh and buckets and storage are a billable resource so exposing those credentials could cost you.
这是许多移动云服务的常见模式,您希望通过自己的后端或 API 路由请求.
This is a common pattern for many cloud services from mobile that you're going to want to instead route requests through your own backend or API.
相关文章