google的要调用blogspot接口,需要先oauth2.0登陆,折腾半天连蒙带猜,终于蒙对了开头
这个是在线测试OAuth2.0的接口的developers.google.com/oauthplayground/
这个是OAuth2.0的文档开头developers.google.com/identity/protocols/OAuth2
看这意思,OAuth2.0用的是OpenID技术developers.google.com/identity/protocols /OpenIDConnect
左面的列表,一个一个挨着看,都是字母,看的眼都要花了。。。。。
这一串url的参数
| Parameter | Required | Description |
|---|---|---|
client_id | (Required) | The client ID string that you obtain from the API Console, as described in Obtain OAuth 2.0 credentials. |
response_type | (Required) | If the value is code, launches a Basic flow, requiring a POST to the token endpoint to obtain the tokens. If the value is token id_token or id_token token, launches an Implicit flow, requiring the use of Javascript at the redirect URI to retrieve tokens from the URI #fragment. |
scope | (Required) |
The scope value must begin with the string
openid and then include profile oremail or both.
If
profile is present, the ID token might (but is not guaranteed to) include aprofile claim.
If
email is present, the ID token includes email and email_verified claims.
In addition to these OpenID-specific scopes, your scope argument can also include other scope strings. All scope strings must be space-separated. For example, if you wanted per-file access to a user's Google Drive, your scope might be
openid profile email https://www.googleapis.com/auth/drive.file.
For information about available login scopes, see Login scopes. To see the available scopes for all Google APIs, visit the APIs Explorer.
|
redirect_uri | (Required) | Determines where the response is sent. The value of this parameter must exactly match one of the values that you set in the Google API Console (including the HTTP or HTTPS scheme, case, and trailing '/', if any). |
state | (Optional, but strongly recommended) |
An opaque string that is round-tripped in the protocol; that is to say, it is returned as a URI parameter in the Basic flow, and in the URI
#fragment in the Implicit flow.
The
state can be useful for correlating requests and responses. Because yourredirect_uri can be guessed, using a state value can increase your assurance that an incoming connection is the result of an authentication request. If yougenerate a random string or encode the hash of some client state (e.g., a cookie) in this state variable, you can validate the response to additionally ensure that the request and response originated in the same browser. This provides protection against attacks such as cross-site request forgery. |
prompt | (Optional) | A space-delimited list of string values that specifies whether the authorization server prompts the user for reauthentication and consent. The possible values are:
|
display | (Optional) | An ASCII string value for specifying how the authorization server displays the authentication and consent user interface pages. The following values are specified, and accepted by the Google servers, but do not have any effect on its behavior:page, popup, touch, and wap. |
login_hint | (Optional) | When your app knows which user it is trying to authenticate, it can provide this parameter as a hint to the authentication server. Passing this hint suppresses the account chooser and either pre-fill the email box on the sign-in form, or select the proper session (if the user is using multiple sign-in), which can help you avoid problems that occur if your app logs in the wrong user account. The value can be either an email address or the sub string, which is equivalent to the user's Google ID. |
access_type | (Optional) | The allowed values are offline and online. The effect is documented in Offline Access; if an access token is being requested, the client does not receive a refresh token unless offline is specified. |
include_granted_scopes | true or false | If this is provided with the value true, and the authorization request is granted, the authorization will include any previous authorizations granted to this user/application combination for other scopes; see Incremental Authorization.
Note that you cannot do incremental authorization with the Installed App flow.
|
openid. | (Optional) | openid. is a parameter from the OpenID 2.0 protocol, not from OAuth 2.0. It is used in OpenID 2.0 requests to signify the URL-space for which an authentication request is valid. Use openid. if you are migrating an existing application from OpenID 2.0 to OpenID Connect. For more details, see Migrating off of OpenID 2.0. |
hd | (Optional) |
The
hd (hosted domain) parameter streamlines the login process for Google Apps hosted accounts. By including the domain of the user (for example,mycollege.edu), you restrict sign-in to accounts at that domain. For Google Apps customers that have SAML set up with their own authentication infrastructure, the hdparameter automatically redirects to that user's SAML resource to log in.
To protect against client-side request modification, be sure to validate that thereturned ID token has a matching
hd claim (which is proof the account does belong to the hosted domain). |
。。。。在文档看起来吃力的情况下从0开始写难度有点大。。。。
shit
折腾一天
从最基本的http方式一直退到最弱智的sign in mode
无语。。。。
2016年08月15日20:57:14
好吧,折腾半天终于跑通一个示例developers.google.com/identity/sign-in/android/start
google为了推广android studio也是够了。。。。
连android sdk里的 google play service 都没了。。。。
找了一遭,原来变成这样的了。。。。
坑啊
不想跟google折腾,无奈用了android studio
android studio,一个注定要失败的东西
我屮
折腾了半天把那个google sign in搞好了。。。。
然后看blogger的api发现他是自带全套的鉴权api.....
而且示例还是基于eclipse的。。。。还是基于maven的。。。。。
最关键的是我还下载研究过。。。。。
坑啊github.com/google/google-api-java-client
本来是搭建的eclipse环境,然后发现示例所需要的多数都是android studio的,好不容易把android studio的环境都弄好,结果发现eclipse的环境才是现成的。。。。
暴击!!!
这都变成螺旋进行了
Credential credential = OAuth2Native.authorize(HTTP_TRANSPORT, JSON_FACTORY, new LocalServerReceiver(),一句里俩类找不到,OAuth2Native跟LocalServerReceiver
找半天。。。。。
好像是版本变化了吧。。。。。
哎
就这么几行示例代码到底挖了多少坑给用户啊。。。。
真TM的够了。。。。
明天还是找找怎么把oauth2.0跟blogger的接口对接吧,之前的blogger接口也是旧的。。。。
2016年08月17日19:13:16
fuck
好吧,折腾了几天,这乱七八糟的文档真够了。。。。。
google 这是要作死的节奏
屮
研究了半天别人写的sina weibo的oauth2.0的调用,终于搞明白OAUTH2.0的使用方法了
先是sina weibo的鉴权,地址为
先在应用里起个Activity,里面内置WebView,地址就是上面这个,然后自定义webView的client,监测webView地址 的变化,如果跳转到授权回调页或者取消授权回调页,关掉这个内置WebView的Activity,然后对这个地址进行解析,其中参数code就 是授权码
这样android app就可以拿着auth2.0的code去请求其他的信息了。
- private class WeiboWebViewClient extends WebViewClient {
- @Override
- public boolean shouldOverrideUrlLoading(WebView view, String url) {
- view.loadUrl(url);
- return true;
- }
- @Override
- public void onPageStarted(WebView view, String url, Bitmap favicon) {
- if (url.startsWith(redirect_uri)) {
- handleRedirectUrl(view, url);
- view.stopLoading();
- return;
- }
- super.onPageStarted(view, url, favicon);
- }
- @Override
- public void onReceivedError(WebView view, int errorCode, String description,
- String failingUrl) {
- super.onReceivedError(view, errorCode, description, failingUrl);
- new SinaWeiboErrorDialog().show(getSupportFragmentManager(), "");
- }
- @Override
- public void onPageFinished(WebView view, String url) {
- super.onPageFinished(view, url);
- if (!url.equals("about:blank")) {
- // completeRefresh();
- // refresh();
- Toast.makeText(TestAuthActivity.this, getString(R.string.app_name)+"刷新",
- Toast.LENGTH_SHORT).show();
- }
- }
- }
新浪的测试通过后然后搞google的OAUTH2.0授权,结果发现其实是一样的
在测试页测试,google给的地址
google会返回包含授权码的地址
然后发现google的这个请求也是没有token那种的,可以点按钮转换为token模式
当然,google oauth2.0 的 android app的redirect_url可以不是网址,我用之前不知道从哪找的应用调用也可以,可以直接启动到应用上
这个授权是blogger的授权
- // https://accounts.google.com/o/oauth2/v2/auth
- // ?redirect_uri=https://developers.google.com/oauthplayground
- // &prompt=consent
- // &response_type=code
- // &client_id=407408718192.apps.googleusercontent.com
- // &scope=https://www.googleapis.com/auth/blogger
- // &access_type=offline
然后拼android app里授权blogger管理的地址
网页测试,这个就变成请求blogger权限了,然后给了地址后又去请求dc.android.post:/oauth2redirec 这个应用的界面
当然也可以跟新浪一样,监听
上面那个地址好像没有啊,下面这个是对的!!!
不枉我这几天天天折腾这个,这几天用google提供的SDK各种找不到各种不能用,急火攻心,今天都发烧而且嗓子发炎上火说不出话了
哈哈,还是要自己搞啊,不能清新他们的SDK,挖的坑那么多,哈哈,哈哈,哈哈
2016年08月19日19:28:55
--
senRsl
2016年08月15日18:24:54
2016年08月15日18:24:54
没有评论 :
发表评论