我尝试遵循JOAuth(基于Java的OAuth1(最终)和OAuth2(草稿10)库)上的说明。如何使用?为了获取Facebook访问令牌,但没有成功。
我做了以下事情:
将这些行添加到WEB-INF / web.xml
<servlet> <description>An OAuth Servlet Controller</description> <display-name>OAuthServlet</display-name> <servlet-name>OAuthServlet</servlet-name> <servlet-class>com.neurologic.oauth.servlet.OAuthServlet</servlet-class> <init-param> <param-name>config</param-name> <param-value>/WEB-INF/oauth-config.xml</param-value> </init-param> <load-on-startup>3</load-on-startup> </servlet> <servlet-mapping> <servlet-name>OAuthServlet</servlet-name> <url-pattern>/oauth/*</url-pattern> </servlet-mapping>
创建WEB-INF / OAuth的config.xml中与下面的行:(重命名的应用程序密钥和秘密<APP_KEY>和<APP_SECRET>)
<APP_KEY>
<APP_SECRET>
<?xml version="1.0" encoding="UTF-8"?> <oauth-config> <oauth name="facebook" version="2"> <consumer key="<APP_KEY>" secret="<APP_SECRET>" /> <provider authorizationUrl="https://graph.facebook.com/oauth/authorize" accessTokenUrl="https://graph.facebook.com/oauth/access_token" /> </oauth> <service path="/oauth_redirect" class="com.facebook.FacebookOAuthService" oauth="facebook"> <success path="/start.jsp" /> </service> </oauth-config>
我的com.facebook.FacebookOAuthService类(OAuth服务):
package com.xpogames.facebook; import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import net.oauth.enums.GrantType; import net.oauth.exception.OAuthException; import net.oauth.parameters.OAuth2Parameters; import com.neurologic.oauth.service.impl.OAuth2Service; import com.neurologic.oauth.util.Globals; /** * @author The Elite Gentleman * @since 05 December 2010 * */ public class FacebookOAuthService extends OAuth2Service { private static final String REDIRECT_URL = "http://127.0.0.1:5080/Red5FacebookAuth/oauth/oauth_redirect"; /* (non-Javadoc) * @see com.neurologic.oauth.service.impl.OAuth2Service#processReceivedAuthorization(javax.servlet. http.HttpServletRequest, java.lang.String, java.util.Map) */ @Override protected String processReceivedAuthorization(HttpServletRequest request, String code, Map<String, String> additionalParameters) throws OAuthException { // TODO Auto-generated method stub OAuth2Parameters parameters = new OAuth2Parameters(); parameters.setCode(code); parameters.setRedirectUri(REDIRECT_URL); Map<String, String> responseMap = getConsumer().requestAcessToken(GrantType.AUTHORIZATION_CODE, parameters, null, (String[])null); if (responseMap == null) { //This usually should never been thrown, but we just do anyway.... throw new OAuthException("No OAuth response retrieved."); } if (responseMap.containsKey("error")) { throwOAuthErrorException(responseMap); } if (responseMap.containsKey(OAuth2Parameters.ACCESS_TOKEN)) { String accessToken = responseMap.remove(OAuth2Parameters.ACCESS_TOKEN); request.getSession().setAttribute(Globals.SESSION_OAUTH2_ACCESS_TOKEN, accessToken); processAdditionalReceivedAccessTokenParameters(request, responseMap); } return null; } /* (non-Javadoc) * @see com.neurologic.oauth.service.impl.OAuth2Service#processAdditionalReceivedAccessTokenParamet ers(javax.servlet.http.HttpServletRequest, java.util.Map) */ @Override protected void processAdditionalReceivedAccessTokenParameters(HttpServletRequest request, Map<String, String> additionalParameters) throws OAuthException { // TODO Auto-generated method stub } }
最后是成功转发给用户的start.jsp文件。
<%@page import="com.neurologic.oauth.util.Globals"%> <% String accessToken = (String)request.getSession().getAttribute(Globals.SESSION_OAUTH2_ACCESS_TOKEN); //For OAuth 2 access token. %> <%= accessToken %>
当我尝试通过将浏览器转发到http://127.0.0.1:5080/Red5FacebookAuth/oauth/oauth_redirect对其进行测试时,我得到的输出即null表示该属性不存在
null
没有错误,但我仍然没有正确的令牌。
我是tomcat和servlet配置的新手,所以我可能错过了一些东西。
我想念什么?
非常感谢!
好的,我之前从未回答过(因为我假设用户知道OAuth授权)是OAuth授权流程的 发起 。
首先,按照此处规定的OAuth流程进行操作。我将根据已记录的内容向您展示如何在Java中完成此操作。
为了使此工作流程正常工作,您需要请求授权码(通过OAuth规范第4.1.1段中提到的“授权请求”)。
该方法从OAuth2Consumer类中调用:
OAuth2Consumer
public String generateRequestAuthorizationUrl(ResponseType responseType, String redirectUri, String state, String scopeDelimiter, String... scope) throws OAuthException {
记住 ,scopeDelimiter因为Facebook是逗号,,所以responseType是ResponseType.CODE。scope是Facebook认为是权限。
scopeDelimiter
,
responseType
ResponseType.CODE
scope
一个完整的例子是这样的:
String client_id = "<APP_ID>"; String client_secret = "<CLIENT_SECRET>"; String redirectUrl = "http://127.0.0.1:5080/Red5FacebookAuth/oauth/oauth_redirect"; OAuth2ServiceProvider provider = new OAuth2ServiceProvider("https://graph.facebook.com/oauth/authorize", "https://graph.facebook.com/oauth/access_token"); OAuth2Consumer consumer = new OAuth2Consumer(client_id, client_secret, provider); //Using HttpServletResponse (but you can kickstart it through an Action/Controller/etc. response.sendRedirect(consumer.generateRequestAuthorizationUrl(ResponseType.CODE, redirectUrl, null, ",", (String[])null)); //where null is the scope array,
com.facebook.FacebookOAuthService.processReceivedAuthorization当Facebook执行HTTP重定向时,这将反过来调用您。然后code是从Facebook收到的您的授权码。
com.facebook.FacebookOAuthService.processReceivedAuthorization
code
希望这可以帮助!
PS Facebook在请求访问令牌时不对页面进行HTTP重定向,因此为什么要手动将其存储在会话中而不是JOAuth(它使用OAuth 2草稿0)。如果其他OAuth 2服务提供商在请求访问令牌后使用HTTP重定向, 请不要 存储访问令牌,OAuth2Service它会自动为您执行。 PPS 使用任何日志记录框架来查看日志。
OAuth2Service
祝你好运,让我知道会发生什么!
