我正在尝试使用java通过api(http://zootool.com/api/docs/add)向我的zootool页面添加页面。为此,我需要使用摘要式身份验证。
给出了获取页面授权的php示例:
<?php
$username = 'username';
$password = 'password';
$api_url = 'http://zootool.com/api/users/items/?username='
. $username . '&apikey=###';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_url);
// HTTP Digest Authentication
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_USERPWD, strtolower($username) . ':' . sha1($password));
curl_setopt($ch, CURLOPT_USERAGENT, 'My PHP Script');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
curl_close($ch);
$data = json_decode($result, true);
print_r($data);
?>
但是如何在Java中添加页面呢?搜索后我发现apache commons HttpClient可能有用,但我似乎无法绕过它。
我试过了:
String url = "http://zootool.com/api/add/?url=http://www.google.com
&title=Google&apikey=###";
DigestScheme authscheme = new DigestScheme();
HttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet(url);
HttpResponse authResponse = httpclient.execute(httpget);
Header challenge = authResponse.getHeaders("WWW-Authenticate")[0];
authscheme.processChallenge(challenge);
Header solution = authscheme.authenticate(
new UsernamePasswordCredentials("username", "password"),
new BasicHttpRequest(HttpPost.METHOD_NAME,
new URL(url).getPath()));
HttpResponse goodResponse = httpclient.execute(httpget);
我试图sh1-hash密码(如api-manual中所述),但没有运气。似乎我的代码无法找到任何回应的挑战。
Api-key,用户名和密码都是正确的。
UPDATE 我现在相对肯定我需要使用抢占式摘要授权,但是当尝试使用apache给出的解决方法时,我仍然会收到401和“身份验证错误:预期的摘要授权质询,但未找到” - 来自java的警告。我使用的代码是:
HttpHost targetHost = new HttpHost("www.zootool.com", 80, "http");
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
httpclient.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials("username", "sha1-password"));
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate DIGEST scheme object, initialize it and add it to the local
// auth cache
DigestScheme digestAuth = new DigestScheme();
// Suppose we already know the realm name
digestAuth.overrideParamter("realm", "www.zootool.com");
// Suppose we already know the expected nonce value
digestAuth.overrideParamter("nonce", "something");
authCache.put(targetHost, digestAuth);
// Add AuthCache to the execution context
BasicHttpContext localcontext = new BasicHttpContext();
localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=###");
System.out.println("executing request: " + httpget.getRequestLine());
System.out.println("to target: " + targetHost);
for (int i = 0; i < 3; i++) {
HttpResponse response = httpclient.execute(targetHost, httpget, localcontext);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
}
} finally {
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
我是否必须为DigestScheme参数提供有意义的值? 我甚至走在正确的轨道上吗?
/André
答案 0 :(得分:0)
抢先授权代码有效!错误是必须将login = true添加到api url,如下所示:
HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=####&login=true");
api手册中没有此信息。