安卓系统中LinkedIn的OAuth2.0授权
安卓系统中LinkedIn的OAuth2.0授权
提问于 2014-02-27 07:43:58
尽管linkedIn (比如facebook和twitter )没有这样的安卓专用sdk,但使用OAuth1.0的.Setting up linkedIn授权仍然很容易使用:
但与Oauth2.0的授权情况不同。没有太多有用的库或特定于android的例子。我试过用这些:
我读过OAuth2.0比1.0更简单的实现。但我还是不能这样做。
在Android中为LinkedIn实现Oauth2.0有什么指示吗?
回答 4
Stack Overflow用户
回答已采纳
发布于 2014-03-06 08:51:10
LinkedIN的Oauth2.0身份验证。
步骤1:
- 通过跟踪linkedIn注册应用程序,并获取api_key和api_secret。
第2步:
MainActivity:
public class MainActivity extends Activity {
/*CONSTANT FOR THE AUTHORIZATION PROCESS*/
/****FILL THIS WITH YOUR INFORMATION*********/
//This is the public api key of our application
private static final String API_KEY = "YOUR_API_KEY";
//This is the private api key of our application
private static final String SECRET_KEY = "YOUR_API_SECRET";
//This is any string we want to use. This will be used for avoiding CSRF attacks. You can generate one here: http://strongpasswordgenerator.com/
private static final String STATE = "E3ZYKC1T6H2yP4z";
//This is the url that LinkedIn Auth process will redirect to. We can put whatever we want that starts with http:// or https:// .
//We use a made up url that we will intercept when redirecting. Avoid Uppercases.
private static final String REDIRECT_URI = "http://com.amalbit.redirecturl";
/*********************************************/
//These are constants used for build the urls
private static final String AUTHORIZATION_URL = "https://www.linkedin.com/uas/oauth2/authorization";
private static final String ACCESS_TOKEN_URL = "https://www.linkedin.com/uas/oauth2/accessToken";
private static final String SECRET_KEY_PARAM = "client_secret";
private static final String RESPONSE_TYPE_PARAM = "response_type";
private static final String GRANT_TYPE_PARAM = "grant_type";
private static final String GRANT_TYPE = "authorization_code";
private static final String RESPONSE_TYPE_VALUE ="code";
private static final String CLIENT_ID_PARAM = "client_id";
private static final String STATE_PARAM = "state";
private static final String REDIRECT_URI_PARAM = "redirect_uri";
/*---------------------------------------*/
private static final String QUESTION_MARK = "?";
private static final String AMPERSAND = "&";
private static final String EQUALS = "=";
private WebView webView;
private ProgressDialog pd;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
//get the webView from the layout
webView = (WebView) findViewById(R.id.main_activity_web_view);
//Request focus for the webview
webView.requestFocus(View.FOCUS_DOWN);
//Show a progress dialog to the user
pd = ProgressDialog.show(this, "", this.getString(R.string.loading),true);
//Set a custom web view client
webView.setWebViewClient(new WebViewClient(){
@Override
public void onPageFinished(WebView view, String url) {
//This method will be executed each time a page finished loading.
//The only we do is dismiss the progressDialog, in case we are showing any.
if(pd!=null && pd.isShowing()){
pd.dismiss();
}
}
@Override
public boolean shouldOverrideUrlLoading(WebView view, String authorizationUrl) {
//This method will be called when the Auth proccess redirect to our RedirectUri.
//We will check the url looking for our RedirectUri.
if(authorizationUrl.startsWith(REDIRECT_URI)){
Log.i("Authorize", "");
Uri uri = Uri.parse(authorizationUrl);
//We take from the url the authorizationToken and the state token. We have to check that the state token returned by the Service is the same we sent.
//If not, that means the request may be a result of CSRF and must be rejected.
String stateToken = uri.getQueryParameter(STATE_PARAM);
if(stateToken==null || !stateToken.equals(STATE)){
Log.e("Authorize", "State token doesn't match");
return true;
}
//If the user doesn't allow authorization to our application, the authorizationToken Will be null.
String authorizationToken = uri.getQueryParameter(RESPONSE_TYPE_VALUE);
if(authorizationToken==null){
Log.i("Authorize", "The user doesn't allow authorization.");
return true;
}
Log.i("Authorize", "Auth token received: "+authorizationToken);
//Generate URL for requesting Access Token
String accessTokenUrl = getAccessTokenUrl(authorizationToken);
//We make the request in a AsyncTask
new PostRequestAsyncTask().execute(accessTokenUrl);
}else{
//Default behaviour
Log.i("Authorize","Redirecting to: "+authorizationUrl);
webView.loadUrl(authorizationUrl);
}
return true;
}
});
//Get the authorization Url
String authUrl = getAuthorizationUrl();
Log.i("Authorize","Loading Auth Url: "+authUrl);
//Load the authorization URL into the webView
webView.loadUrl(authUrl);
}
/**
* Method that generates the url for get the access token from the Service
* @return Url
*/
private static String getAccessTokenUrl(String authorizationToken){
return ACCESS_TOKEN_URL
+QUESTION_MARK
+GRANT_TYPE_PARAM+EQUALS+GRANT_TYPE
+AMPERSAND
+RESPONSE_TYPE_VALUE+EQUALS+authorizationToken
+AMPERSAND
+CLIENT_ID_PARAM+EQUALS+API_KEY
+AMPERSAND
+REDIRECT_URI_PARAM+EQUALS+REDIRECT_URI
+AMPERSAND
+SECRET_KEY_PARAM+EQUALS+SECRET_KEY;
}
/**
* Method that generates the url for get the authorization token from the Service
* @return Url
*/
private static String getAuthorizationUrl(){
return AUTHORIZATION_URL
+QUESTION_MARK+RESPONSE_TYPE_PARAM+EQUALS+RESPONSE_TYPE_VALUE
+AMPERSAND+CLIENT_ID_PARAM+EQUALS+API_KEY
+AMPERSAND+STATE_PARAM+EQUALS+STATE
+AMPERSAND+REDIRECT_URI_PARAM+EQUALS+REDIRECT_URI;
}
@Override
public boolean onCreateOptionsMenu(Menu menu) {
// Inflate the menu; this adds items to the action bar if it is present.
getMenuInflater().inflate(R.menu.main, menu);
return true;
}
private class PostRequestAsyncTask extends AsyncTask<String, Void, Boolean>{
@Override
protected void onPreExecute(){
pd = ProgressDialog.show(MainActivity.this, "", MainActivity.this.getString(R.string.loading),true);
}
@Override
protected Boolean doInBackground(String... urls) {
if(urls.length>0){
String url = urls[0];
HttpClient httpClient = new DefaultHttpClient();
HttpPost httpost = new HttpPost(url);
try{
HttpResponse response = httpClient.execute(httpost);
if(response!=null){
//If status is OK 200
if(response.getStatusLine().getStatusCode()==200){
String result = EntityUtils.toString(response.getEntity());
//Convert the string result to a JSON Object
JSONObject resultJson = new JSONObject(result);
//Extract data from JSON Response
int expiresIn = resultJson.has("expires_in") ? resultJson.getInt("expires_in") : 0;
String accessToken = resultJson.has("access_token") ? resultJson.getString("access_token") : null;
Log.e("Tokenm", ""+accessToken);
if(expiresIn>0 && accessToken!=null){
Log.i("Authorize", "This is the access Token: "+accessToken+". It will expires in "+expiresIn+" secs");
//Calculate date of expiration
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.SECOND, expiresIn);
long expireDate = calendar.getTimeInMillis();
////Store both expires in and access token in shared preferences
SharedPreferences preferences = MainActivity.this.getSharedPreferences("user_info", 0);
SharedPreferences.Editor editor = preferences.edit();
editor.putLong("expires", expireDate);
editor.putString("accessToken", accessToken);
editor.commit();
return true;
}
}
}
}catch(IOException e){
Log.e("Authorize","Error Http response "+e.getLocalizedMessage());
}
catch (ParseException e) {
Log.e("Authorize","Error Parsing Http response "+e.getLocalizedMessage());
} catch (JSONException e) {
Log.e("Authorize","Error Parsing Http response "+e.getLocalizedMessage());
}
}
return false;
}
@Override
protected void onPostExecute(Boolean status){
if(pd!=null && pd.isShowing()){
pd.dismiss();
}
if(status){
//If everything went Ok, change to another activity.
Intent startProfileActivity = new Intent(MainActivity.this, ProfileActivity.class);
MainActivity.this.startActivity(startProfileActivity);
}
}
};
}与xmlLayout:
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:paddingBottom="@dimen/activity_vertical_margin"
android:paddingLeft="@dimen/activity_horizontal_margin"
android:paddingRight="@dimen/activity_horizontal_margin"
android:paddingTop="@dimen/activity_vertical_margin"
tools:context=".MainActivity" >
<WebView
android:id="@+id/main_activity_web_view"
android:layout_width="match_parent"
android:layout_height="match_parent" />
</LinearLayout>令牌保存在shared首选项文件中。
简单的安卓项目回购在github。
Stack Overflow用户
发布于 2014-03-03 01:06:23
我让它起作用了但它让我..。总有一天。
我跟踪LinkedIn认证来解决这个问题。
我仍然强烈建议继续阅读这个链接,因为我没有涵盖示例中的所有情况(错误、错误处理、最佳操作、参数使用、精确文档.)。
- 首先,您需要有您的LinkedIn API密钥和秘密密钥。如果没有,请在这里。上注册一个应用程序
- 其次,您需要应用程序中可以接收授权代码的活动。为此,需要在AndroidManifest.xml文件中将其设置为可浏览(从浏览器启动): 虽然不建议使用数据标记,但可以使用自定义方案检索URI:
- 之后,您需要使用特定的URL将用户重定向到LinkedIn的授权对话框:
type=code &client_id=YOUR_API_KEY &scope=SCOPE &state=STATE &redirect_uri=YOUR_REDIRECT_URI
您可以使用WebView在应用程序中直接显示它,或者让系统通过如下目的来处理它:
意图=新意图(Intent.ACTION_VIEW,Uri.parse(/*完整URL */));startActivity(意图);
这里唯一的问题是API不接受除http或https之外的其他方案,这意味着您不能仅仅将意图URI作为redirect_uri参数传递。
所以我在服务器上创建了一个登陆页面,唯一的目的是重定向到应用程序。我们可以想象(在丑陋的缩短PHP中) (意向参考):
标题(“位置:”)"intent:#Intent;component=your.package/.ResultActivity;S.code=“。得到“代码”。";S.state=“。得到“州”。“;结束”);
一切都准备好了!现在是
onCreate(Bundle)of ResultActivity: 意图= getIntent();字符串authorizationCode =intent.getStringExtra(“代码”); 如果前面使用了数据标记,这里还有另一种传递参数的方法。 - 就快到了!现在只需要对该URL执行一个简单的POST请求:
代码 &code=AUTHORIZATION_CODE &redirect_uri=YOUR_REDIRECT_URI &client_id=YOUR_API_KEY &client_secret=YOUR_SECRET_KEY
在成功时返回JSON对象:
{"expires_in":5184000,"access_token":"AQXdSP_W41_UPs5ioT_t8HESyODB4FqbkJ8LrV_5mff4gPODzOYR"}
等等!现在可以使用access_token进行API调用。别忘了在某个地方存起来,这样你就不会再经历这些步骤了。
我希望这不是太长的阅读时间,并希望它可以帮助一些人。:)
Stack Overflow用户
发布于 2014-03-04 14:44:46
OAuth 2.0比1.0简单得多,无需外部库的任何帮助即可完成。但是,如果您已经在使用,这将更加容易。
它的实现是直接的.您需要创建一个具有自定义WebView的WebViewClient,该WebViewClient捕获并重写回调URL的加载行为。因此,当WebView试图加载该URL时,您可以拦截该进程并提取一个验证器。验证器可以传递给抄写器-java以交换访问令牌。
要启动整个过程,只需告诉WebView加载授权URL即可。
我有托管这里的示例代码。该应用程序使用缓冲区的API进行身份验证,但大部分代码可以重用。您可能对片段感兴趣,它承载了我的自定义WebView和获取访问令牌的后台工作。
随时可以问我任何后续问题。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/22062145
复制相关文章
相似问题
腾讯云开发者
