配置有 API 密钥的 KRL 模块
我正在为 API 编写 KRL 模块。 API 需要访问密钥,并且需要由调用我的模块的规则集提供。我的模块包含模块内测试规则使用的访问密钥。
使用我的模块的规则集提供如下访问密钥:
use module a421x99 alias SuperModule with access_key = "01234567";
1 - 如何编写我的模块,以便访问密钥不会泄漏到生成的 Javascript 中?
2 - 假设调用规则集不提供 access_key。如何保护我放入模块中进行测试的访问密钥?
I'm writing a KRL module for an API. The API requires an access key, and that needs to be provided by the ruleset that calls my module. My module includes my access key that is used by the in-module test rules.
The ruleset that uses my module provides the access key like this:
use module a421x99 alias SuperModule with access_key = "01234567";
1 - How do I write my module so that the access key doesn't leak into the generated Javascript?
2 - Suppose the calling ruleset doesn't provide an access_key. How do I protect my own access key that I put in the module for testing?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
首先,您应该在
meta中使用key块包含 API 密钥,如下所示:这比存储或传递密钥更好在普通字符串中。
第二,您的模块需要在
元中使用configure using行(我假设您已经有一个)。传递空哈希作为默认值将阻止调用该模块的规则集使用模块中的硬编码密钥。最后,在全局块中执行如下操作:
这告诉 KRL 使用调用规则集传入的
s3keys或s3如果您的模块正在被自身使用,则模块自己的meta块中的 code> 键。即使有人使用您的模块,他们也永远不会获得您的keys:s3(),因为您在configure using行中设置了默认值。有了
usekeys后,您就可以pick()取出您需要的部分:Sam 的 Twilio 模块 是一个参考示例的好地方。
First of all, you ought to be including API keys using a
keyblock in themeta, like this:That's better than storing or passing keys in plain strings.
Second, your module needs a
configure usingline in themeta(I'm assuming you already have one). Passing an empty hash as the default value will prevent your hard-coded key in the module from being used by a ruleset calling the module.Finally, in the global block do something like this:
This tells KRL to use either the
s3keysthat was passed in by the calling ruleset or else thes3key from the module's ownmetablock if your module is being used by itself. Even if someone uses your module, they will never get yourkeys:s3()because of the default value you set in theconfigure usingline.Once you have
usekeys, you canpick()out the pieces you need:Sam's Twilio module is a great place to refer for examples.