在 Google Cloud 上设置 reCAPTCHA Enterprise

在 Google Cloud 上设置 reCAPTCHA Enterprise

本快速入门指导您在 Google Cloud 上设置 reCAPTCHA Enterprise。如需在 Google Cloud 上设置 reCAPTCHA Enterprise,您需要启用 reCAPTCHA Enterprise API,创建服务账号,并为后端身份验证配置服务账号。本文档同时适用于 PaaS 选项(如 App Engine)和 IaaS 选项(如 Compute Engine 中的虚拟机)。

须知事项

In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

Go to project selector

控制台

  1. 在 Google Cloud 控制台中,转到 reCAPTCHA Enterprise API 页面。

    转到 reCAPTCHA Enterprise API

  2. 验证项目名称是否显示在页面顶部的项目选择器中。

    如果您没有看到项目名称,请点击项目选择器,然后选择您的项目。

  3. 点击启用

gcloud

  1. In the Google Cloud console, activate Cloud Shell.

    Activate Cloud Shell

    At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

  2. 如需在 gcloud 会话中设置 Google Cloud 项目,请运行 gcloud config set project 命令。将 PROJECT_ID 替换为您的 Google Cloud 项目 ID。 
           gcloud config set project PROJECT_ID
  3. 如需启用 reCAPTCHA Enterprise API,请运行 gcloud services enable 命令:
             gcloud services enable recaptchaenterprise.googleapis.com
  4. 如需验证 reCAPTCHA Enterprise API 是否已启用,请运行 gcloud services list 命令:
             gcloud services list --enabled

    验证 reCAPTCHA Enterprise API 是否在已启用的 API 列表中列出。

配置服务帐号以进行后端身份验证

您在 Google Cloud 环境中为后端身份验证配置服务账号的方式取决于您使用的产品,例如 App Engine、Compute Engine 和 Google Kubernetes Engine (GKE)。

App Engine

对于 App Engine,您可以使用 reCAPTCHA Enterprise 客户端库对服务账号进行身份验证。

  1. Provide authentication credentials to your application code by setting the environment variable GOOGLE_APPLICATION_CREDENTIALS. This variable applies only to your current shell session. If you want the variable to apply to future shell sessions, set the variable in your shell startup file, for example in the ~/.bashrc or ~/.profile file.

    Linux 或 macOS

    export GOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

    For example:

    export GOOGLE_APPLICATION_CREDENTIALS="/home/user/Downloads/service-account-file.json"

    Windows

    For PowerShell:

    $env:GOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

    For example:

    $env:GOOGLE_APPLICATION_CREDENTIALS="C:\Users\username\Downloads\service-account-file.json"

    For command prompt:

    set GOOGLE_APPLICATION_CREDENTIALS=KEY_PATH

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

  2. 安装客户端库。

    C#

    如需了解详情,请参阅设置 C# 开发环境
    Install-Package Google.Cloud.RecaptchaEnterprise.V1

    Go

    如需了解详情,请参阅设置 Go 开发环境
    go get cloud.google.com/go/recaptchaenterprise/apiv1

    Java

    如需了解详情,请参阅设置 Java 开发环境

    If you are using Maven, add the following to your pom.xml file. For more information about BOMs, see The Google Cloud Platform Libraries BOM.

    <dependencyManagement>
  <dependencies>
    <dependency>
      <groupId>com.google.cloud</groupId>
      <artifactId>libraries-bom</artifactId>
      <version>26.47.0</version>
      <type>pom</type>
      <scope>import</scope>
    </dependency>
  </dependencies>
</dependencyManagement>

<dependencies>
  <dependency>
    <groupId>com.google.cloud</groupId>
    <artifactId>google-cloud-recaptchaenterprise</artifactId>
  </dependency>
</dependencies>

    If you are using Gradle, add the following to your dependencies:

    implementation 'com.google.cloud:google-cloud-recaptchaenterprise:3.48.0'

    If you are using sbt, add the following to your dependencies:

    libraryDependencies += "com.google.cloud" % "google-cloud-recaptchaenterprise" % "3.48.0"

    If you're using Visual Studio Code, IntelliJ, or Eclipse, you can add client libraries to your project using the following IDE plugins:

    The plugins provide additional functionality, such as key management for service accounts. Refer to each plugin's documentation for details.

    Node.js

    如需了解详情,请参阅设置 Node.js 开发环境
    npm install --save @google-cloud/recaptcha-enterprise

    PHP

    如需了解详情,请参阅在 Google Cloud 上使用 PHP。将该库作为依赖项添加到您的 composer.json 文件中:
    composer require google/cloud-recaptcha-enterprise
     或者,您也可以在本地下载软件包。

    Python

    如需了解详情,请参阅设置 Python 开发环境
    pip install --upgrade google-cloud-recaptcha-enterprise

    Ruby

    如需了解详情,请参阅设置 Ruby 开发环境
    gem install google-cloud-recaptcha_enterprise

现在,您创建的服务账号可以用于后端身份验证。创建评估时,您可以使用 reCAPTCHA Enterprise 客户端库对服务账号进行身份验证。

Compute Engine

您可以使用 reCAPTCHA Enterprise 客户端库或 Google Cloud CLI 配置您为后端身份验证创建的新服务帐号。

reCAPTCHA Enterprise 客户端库

  1. Provide authentication credentials to your application code by setting the environment variable GOOGLE_APPLICATION_CREDENTIALS. This variable applies only to your current shell session. If you want the variable to apply to future shell sessions, set the variable in your shell startup file, for example in the ~/.bashrc or ~/.profile file.

    Linux 或 macOS

    export GOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

    For example:

    export GOOGLE_APPLICATION_CREDENTIALS="/home/user/Downloads/service-account-file.json"

    Windows

    For PowerShell:

    $env:GOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

    For example:

    $env:GOOGLE_APPLICATION_CREDENTIALS="C:\Users\username\Downloads\service-account-file.json"

    For command prompt:

    set GOOGLE_APPLICATION_CREDENTIALS=KEY_PATH

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

  2. 安装客户端库。

    C#

    如需了解详情,请参阅设置 C# 开发环境
    Install-Package Google.Cloud.RecaptchaEnterprise.V1

    Go

    如需了解详情,请参阅设置 Go 开发环境
    go get cloud.google.com/go/recaptchaenterprise/apiv1

    Java

    如需了解详情,请参阅设置 Java 开发环境

    If you are using Maven, add the following to your pom.xml file. For more information about BOMs, see The Google Cloud Platform Libraries BOM.

    <dependencyManagement>
  <dependencies>
    <dependency>
      <groupId>com.google.cloud</groupId>
      <artifactId>libraries-bom</artifactId>
      <version>26.47.0</version>
      <type>pom</type>
      <scope>import</scope>
    </dependency>
  </dependencies>
</dependencyManagement>

<dependencies>
  <dependency>
    <groupId>com.google.cloud</groupId>
    <artifactId>google-cloud-recaptchaenterprise</artifactId>
  </dependency>
</dependencies>

    If you are using Gradle, add the following to your dependencies:

    implementation 'com.google.cloud:google-cloud-recaptchaenterprise:3.48.0'

    If you are using sbt, add the following to your dependencies:

    libraryDependencies += "com.google.cloud" % "google-cloud-recaptchaenterprise" % "3.48.0"

    If you're using Visual Studio Code, IntelliJ, or Eclipse, you can add client libraries to your project using the following IDE plugins:

    The plugins provide additional functionality, such as key management for service accounts. Refer to each plugin's documentation for details.

    Node.js

    如需了解详情,请参阅设置 Node.js 开发环境
    npm install --save @google-cloud/recaptcha-enterprise

    PHP

    如需了解详情,请参阅在 Google Cloud 上使用 PHP。将该库作为依赖项添加到您的 composer.json 文件中:
    composer require google/cloud-recaptcha-enterprise
     或者,您也可以在本地下载软件包。

    Python

    如需了解详情,请参阅设置 Python 开发环境
    pip install --upgrade google-cloud-recaptcha-enterprise

    Ruby

    如需了解详情,请参阅设置 Ruby 开发环境
    gem install google-cloud-recaptcha_enterprise

现在,您创建的服务账号可以用于后端身份验证。创建评估时,您可以使用 reCAPTCHA Enterprise 客户端库对服务账号进行身份验证。

gcloud 命令行

  1. Install the Google Cloud CLI, then initialize it by running the following command: 

    gcloud init

  2. Provide authentication credentials to your application code by setting the environment variable GOOGLE_APPLICATION_CREDENTIALS. This variable applies only to your current shell session. If you want the variable to apply to future shell sessions, set the variable in your shell startup file, for example in the ~/.bashrc or ~/.profile file.

    Linux 或 macOS

    export GOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

    For example:

    export GOOGLE_APPLICATION_CREDENTIALS="/home/user/Downloads/service-account-file.json"

    Windows

    For PowerShell:

    $env:GOOGLE_APPLICATION_CREDENTIALS="KEY_PATH"

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

    For example:

    $env:GOOGLE_APPLICATION_CREDENTIALS="C:\Users\username\Downloads\service-account-file.json"

    For command prompt:

    set GOOGLE_APPLICATION_CREDENTIALS=KEY_PATH

    Replace KEY_PATH with the path of the JSON file that contains your credentials.

现在,您创建的服务账号可以用于后端身份验证。创建评估时,您可以使用 gcloud CLI 对服务帐号进行身份验证。

GKE

  1. Workload Identity 与服务账号结合使用,以便从 GKE 内运行的应用访问 Google Cloud 服务。

    如需详细了解如何创建服务账号,请参阅为后端身份验证创建服务账号

  2. 使用 Workload Identity 向 Google Cloud 进行身份验证

后续步骤

  1. 确定要使用的 reCAPTCHA(网站)密钥的类型创建 reCAPTCHA 密钥

  2. 在网页上安装基于得分的网站密钥或复选框网站密钥。

    将 reCAPTCHA Enterprise 与 Android 应用iOS 应用集成。

  3. 创建评估

  4. 解读评估,并根据得分对您的网站采取适当的措施。