Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to allow anonymous uploads to cloud storage

Tags:

java

python

google-app-engine

google-cloud-storage

I need my users to upload files to my Google Cloud Storage without having to authenticate with Google. These are primarily Windows desktop/laptop users running my application. After reading through the different authentication mechanisms, I see that resumable uploads could be the one I'm looking for. The above page has the REST APIs on how to accomplish this. I have couple questions:

  1. Is this the right method for a third party to upload data into my account without logging into any Google account?

  2. Is there a Python or Java sample which contains the resumable upload related code?

Thanks for your help.

like image 929
user3787910 Avatar asked Aug 06 '14 10:08

user3787910

1 Answers

You have three major options:

  1. Use a signed URL. Basically, you would provide a server that could dispense "signed URLs" to applications using whatever authentication scheme you like. The application would then contact Google Cloud Storage using its XML API and upload the content using the signed URL. This is the most recommended way. http://developers.google.com/storage/docs/accesscontrol#Signed-URLs

  2. Initiate a resumable upload on the server, and pass the URL to the application. When a resumable session is started, a URL will be produced that is contacted by the uploader to upload the actual data. That URL contains an upload_id parameter that works as its own authentication for that one upload, and so that URL is all that is needed by the client (note: this is why it is important to keep that upload URL secure). https://developers.google.com/storage/docs/json_api/v1/how-tos/upload#resumable

  3. Create a bucket with permissions set such that anonymous users can write arbitrary objects into it. This is a bad idea. Write permission on a bucket means that anonymous users could delete any file in that bucket, upload objects of any size (you'd be responsible for the resulting storage charges), set the ACL on the objects that they upload (for example, they could use your bucket as a place to dump movies and share the URL with their friends). Don't go with this method.

like image 125
Brandon Yarbrough Avatar answered Sep 30 '22 07:09

Brandon Yarbrough
Sign in to Comment

Related questions

Different rounding with println and printf
Configure Windows to use 32-bit JRE instead of 64-bit JRE
Slick 2.0.0-M3 table definition - clarification on the tag attribute
jOOQ not generating DAOs with <daos> flag set to true
Intercept JAX-RS Request: Register a ContainerRequestFilter with tomcat
How to set a frequency for the fm radio in android?
Java 8: Duplicate method name&signature lambda
How to make a runnable jar for an application that uses JavaFX without native installers
Why Java StringReader throws IOException?
Java - Sort Strings like Windows Explorer
Handle Exception with Mockito
Which hashing algorithms are available in Android?
When to use java.util.concurrent.Semaphore's acquire() and acquireUninterruptibly() method?
HttpClient: What is the difference between ServiceUnavailableRetryStrategy and HttpRequestRetryHandler?
Jersey and Java 8 (Lambda expression)
How do you get the mantissa of a float in java?
Spring Unit test JPA repository
Gson deserialize into map
Compiler options missing in Android Studio >= 0.8.2
How to disable http port in play framework?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!