我正在尝试使用一个流行的俄罗斯社交网络的api。我通过Java HttpUrlConnection使用OAuth。问题是,当我通过Java发送帖子数据时,我得到401响应代码。当我复制请求并将其粘贴到浏览器时,我会重定向到包含我需要的访问令牌的URL。这意味着我的帖子请求是正确的,但为什么当我用Java发送它时我得到401错误?当我发送错误密码的请求时,我得到200.这意味着请求也是正确的。
private void getHomeAuth() throws Exception {
String url = "https://oauth.vk.com/authorize?client_id=APP_ID&scope=friends&redirect_uri=https://oauth.vk.com/blank.html&display=page&v=5.34&response_type=token";
URL oauth = new URL(url);
HttpURLConnection connection = (HttpURLConnection) oauth.openConnection();
connection.setRequestMethod("GET");
connection.setRequestProperty("User-Agent", USER_AGENT);
int responseCode = connection.getResponseCode();
System.out.println("Response code: " + responseCode);
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String inputLine;
StringBuilder response = new StringBuilder();
while((inputLine = reader.readLine()) != null)
response.append(inputLine + "\n");
reader.close();
PrintWriter writer = new PrintWriter("auth.html");
writer.print(response);
writer.close();
parse();
cookies = connection.getHeaderField("Set-Cookie");
referer = connection.getURL().toString();
}
private void postAuth() throws Exception {
email = URLEncoder.encode("example@gmail.com", "UTF-8");
password = "password";
_origin = URLEncoder.encode(_origin, "UTF-8");
String url = "https://login.vk.com/?act=login&soft=1";
URL post = new URL(url);
String urlParameters = "ip_h=" + ip_h + "&_origin=" + _origin + "&to=" + to + "&expire=" + expire + "&email=" + email + "&pass=" + password;
HttpsURLConnection con = (HttpsURLConnection) post.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("User-Agent", USER_AGENT);
con.setRequestProperty("Cookie", cookies);
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(urlParameters);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("Sent post. Response code: " + responseCode + "\nRequest: " + post.toString() + urlParameters + "\nRequestMethod: " + con.getRequestMethod());
}
我也尝试在浏览器中通过插件发送此请求,结果是正确的。我从重定向链接获得了访问令牌。
问题可能是请求中的内容不正确。我试图监控来自java app的请求,但我失败了。
答案 0 :(得分:1)
我遇到此类问题的经验是,首先对用户进行身份验证的http请求也会将Cookie(范围因具体情况而异)放入响应中,后续的http请求应包含这些Cookie。仔细查看完整的返回响应标头,以查看可能已返回的cookie。