admin管理员组

文章数量:1122832

I'm trying to restrict my API_KEY to only my app. In the Edit API key page I set to 'Android apps' and set the package name and Fingerprint. The package name is the same as in my AndroidManifest.xml:

<manifest xmlns:android=";
xmlns:tools=";
package="com.xxxxxx.yyyyyy">

I'm also passing the name in the code:

public YouTube getYouTubeService() throws GeneralSecurityException, IOException {
    return new YouTube.Builder(GoogleNetHttpTransport.newTrustedTransport(), JSON_FACTORY, null)
            .setApplicationName("com.xxxxxx.yyyyyy")
            .build();
}

The fingerprint is the debug one, recovered as the page explains:

keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android

I also have a method to display the fingerprint just to confirm:

    public String getSHA1Fingerprint() {
    try {
        PackageInfo info = getPackageManager().getPackageInfo(getPackageName(), PackageManager.GET_SIGNATURES);
        for (Signature signature : info.signatures) {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            md.update(signature.toByteArray());
            byte[] digest = md.digest();

            // Convert to colon-separated hex
            StringBuilder hexString = new StringBuilder();
            for (int i = 0; i < digest.length; i++) {
                if (i > 0) {
                    hexString.append(":");
                }
                String hex = Integer.toHexString(0xFF & digest[i]);
                if (hex.length() == 1) {
                    hexString.append("0"); // Pad with leading zero
                }
                hexString.append(hex);
            }
            return hexString.toString().toUpperCase();
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}

So I'm somewhat confident that the same info that is on the Edit Api key page is in my app. But when I apply the changes to the key, I get a 403 error. When I remove them I can list youtube videos (for example).

The 403 error:

GET ;key=yyyyyyyyyyyyyyyyyyyyyy&part=contentDetails
{
  "code": 403,
  "details": [
    {
      "@type": "type.googleapis/google.rpc.ErrorInfo",
      "reason": "API_KEY_ANDROID_APP_BLOCKED",
      "domain": "googleapis",
      "metadata": {
        "service": "youtube.googleapis",
        "consumer": "projects/1063253415806"
      }
    }
  ],
  "errors": [
    {
      "domain": "global",
      "message": "Requests from this Android client application <empty> are blocked.",
      "reason": "forbidden"
    }
  ],
  "message": "Requests from this Android client application <empty> are blocked.",
  "status": "PERMISSION_DENIED"
}

本文标签: javaRestrict Youtube APIKEY to only my android appStack Overflow

版权声明:本文标题:java - Restrict Youtube API_KEY to only my android app - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736300448a1930817.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。