Google Cloud Functions and API key not working

[Juan Pablo Sánchez]

HI, 

I had past my last 8 hours, checking why api key restringion is not working at all.  I will try to describe 

Google Cloud function with a X per second proxy service with   node-fetch . ( below the code)

API credential, One API KEY configure it with API restricted configured.

I had wait for more 1 hour in order to test it and don´t know why the restriction isn´t working. I had remove the API key from the Function endpoint and is working as there is no restriction. All traffic is accepted.

( yes and i still have the restriction configuration ) more info: In API key i had select to use this API key to Google Cloud Functions also.

So any help will be great! . Thanks a lot in advance

const fetch = require('node-fetch')

let lastRequestTimestamp = 0

// Proxy Service Function (main)

exports.proxyService = async (request, response) => {

  // block non POST requests

  if (request.method !== 'POST') {

    return respondWithForbidden(response)

  }

  // restrict requests when throttling directive is not meet

  if (hasExceededThrottling()) {

    return respondWithTooManyRequests(response)

  }

  // save current timestamp (value used by throttling mechanism)

  lastRequestTimestamp = Date.now()

  // deliver payload to target host

  let targetResponse

  try {

    targetResponse = await fetch(process.env.TARGET_HOST, {

      port: process.env.TARGET_HOST_PORT,

      method: 'POST',

      headers: { 'Content-Type': 'application/json' },

      body: JSON.stringify(request.body)

    })

  } catch (error) {

    // catch unexpected errors : connection aborted errors, invalid payloads ...

    return respondWithTooManyRequests(response)

  }

  // If error ocurred while delivering request to target host, return fail code

  if (targetResponse.status !== 200) {

    return respondWithTooManyRequests(response)

  }

  // payload delivered to target host! Close source connection with OK status

  return respondWithOk(response)

}

/******************************************************************************

 *

 * HELPER FUNCTIONS

 *

 *****************************************************************************/

// End connection with a 200 status

function respondWithOk(response) {

  response.status(200).send({ data: 'Enviado!' })

  //response.writeHead(200)

  //response.end()

}

// End connection with a Forbidden status

function respondWithForbidden(response) {

  response.writeHead(403)

  response.end()

}

// End connection with a Too many requests status

function respondWithTooManyRequests(response) {

  response.writeHead(429, {'Retry-After': 2})

  response.end()

}

// Check is throttling directive is meet

function hasExceededThrottling() {

  const throttlingInMillis = 1000 / 10 // process.env.REQUESTS_PER_SECONDS

  const timeSinceLastRequestInMillis = Date.now() - lastRequestTimestamp

  return timeSinceLastRequestInMillis < throttlingInMillis ? true : false

}

[qiwz...@google.com]

Hi,  what component are you using to enforce api-key restriction features?  How did you config and deploy it?  

[Juan Pablo Sánchez]

Hi Wayne! 

API KEY AND SERVICES, 

Resctriction to Google Cloud Functions. 

Deploy it with API KEY and Services ( please see screen shot)

thanks for take a look!

JP

[Wayne Zhang]

Per my understanding, you need to setup a Cloud endpoint proxy (ESP) to enforce the api-key restriction.  And your client request needs to carry the api-key in the HTTP request.

There is a good article about how this works.

Here is the cloud endpoint documentation on how to use api-key

--
You received this message because you are subscribed to a topic in the Google Groups "Google Cloud Endpoints" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/google-cloud-endpoints/M5QDd5wNKxk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to google-cloud-endp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-endpoints/d6e3b633-1cc3-41ea-898a-6c0f2e9bb3b5%40googlegroups.com.