I need my users to upload files to my Google Cloud Storage without having to authenticate with Google. These are primarily Windows desktop/laptop users running my application. After reading through the different authentication mechanisms, I see that resumable uploads could be the one I'm looking for. The above page has the REST APIs on how to accomplish this. I have couple questions:
Is this the right method for a third party to upload data into my account without logging into any Google account?
Is there a Python or Java sample which contains the resumable upload related code?
Thanks for your help.
You have three major options:
Use a signed URL. Basically, you would provide a server that could dispense "signed URLs" to applications using whatever authentication scheme you like. The application would then contact Google Cloud Storage using its XML API and upload the content using the signed URL. This is the most recommended way. http://developers.google.com/storage/docs/accesscontrol#Signed-URLs
Initiate a resumable upload on the server, and pass the URL to the application. When a resumable session is started, a URL will be produced that is contacted by the uploader to upload the actual data. That URL contains an upload_id parameter that works as its own authentication for that one upload, and so that URL is all that is needed by the client (note: this is why it is important to keep that upload URL secure). https://developers.google.com/storage/docs/json_api/v1/how-tos/upload#resumable
Create a bucket with permissions set such that anonymous users can write arbitrary objects into it. This is a bad idea. Write permission on a bucket means that anonymous users could delete any file in that bucket, upload objects of any size (you'd be responsible for the resulting storage charges), set the ACL on the objects that they upload (for example, they could use your bucket as a place to dump movies and share the URL with their friends). Don't go with this method.