如何对具有共享链接的用户隐藏Google合作实验室中的秘密密钥?
我编写了一个脚本,该脚本从API提取一些数据并构建一个Excel文件.我不是开发人员,这是我编写的第一个真实程序.我将代码托管在Google Colab上.
I written a script that extract some data from an API and build an Excel file. I'm not a dev, it is my first real program ever writted. I hosted the code on Google Colab.
有明确的API密钥.我想通过Google云端硬盘共享链接共享该链接,以链接到需要生成Excel文件的人们,以便他们可以执行该文件.但是,我希望不要明确包含API秘密密钥,以免在企业外部意外共享.
There is API secret keys in clear. I want to share it with a Google Drive sharing link to people needing to generate the Excel file so that they can execute it. However I would prefer not to include API secret keys in clear in order to avoid accidental sharings outside of the entreprise.
我想知道如何隐藏它...或如何为用户提供另一种在不知道密码的情况下执行文件的方法.我无法访问企业内部的共享Web服务器.
I'm wondering how to hide this... Or how to provide users an alternative methode to execute the file without knowing the passwords. I don't have access to a shared webserver internally to the entreprise.
致谢
CLIENT_KEY = u'*****'
CLIENT_SECRET = u'*****'
BASE_URL = u'*****'
access_token_key = '*****'
access_token_secret = '*****'
print ('Getting user profile...',)
oauth = OAuth(CLIENT_KEY, client_secret=CLIENT_SECRET, resource_owner_key=access_token_key,
resource_owner_secret=access_token_secret)
r = requests.get(url=BASE_URL + '1/user/me/profile', auth=oauth)
print (json.dumps(r.json(), sort_keys=True, indent=4, separators=(',', ': ')))
...
要扩展@Korakot Chaovavanich的答案,请按以下步骤逐步解决该问题:
To expand on @Korakot Chaovavanich's answer, here is the step by step of that solution:
- 创建一个文件,并用键将其保存到Google驱动器.它应该看起来像这样:
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
- 安装pydrive
!pip install -U -q PyDrive
- 对Google云端硬盘进行身份验证,然后下载&解析证书文件
(Some of this code comes from @wenkesj's answer on this question.)
# Imports
import os
from pydrive.auth import GoogleAuth
from pydrive.drive import GoogleDrive
from google.colab import auth
from oauth2client.client import GoogleCredentials
# Google drive authentication
auth.authenticate_user()
gauth = GoogleAuth()
gauth.credentials = GoogleCredentials.get_application_default()
drive = GoogleDrive(gauth)
# File params
local_save_dir = "/root/.aws"
filename = "credentials"
save_path = "{0}/{1}".format(local_save_dir, filename)
# Choose/create a local (colab) directory to store the data.
local_download_path = os.path.expanduser(local_save_dir)
try:
os.makedirs(local_download_path)
except: pass
drive_list = drive.ListFile().GetList()
f = [x for x in drive_list if x["title"] == filename][0]
print('title: %s, id: %s' % (f['title'], f['id']))
fname = os.path.join(local_download_path, f['title'])
print('downloading to {}'.format(fname))
f_ = drive.CreateFile({'id': f['id']})
f_.GetContentFile(fname)
with open(save_path) as creds:
for i, line in enumerate(creds):
if i == 1:
access_token_key = line.replace("aws_access_key_id=", "").replace("\n", "")
if i == 2:
access_token_secret = line.replace("aws_secret_access_key=", "").replace("\n", "")
现在,您的AWS密钥位于两个变量access_token_key&中. access_token_secret.
Now your AWS keys are in the two variables access_token_key & access_token_secret.