在iOS 6上使用AFOAuth2Client和AFNetworking我能够获得访问令牌,但无法访问资源,服务器以未经授权的状态代码响应401。这是使用门卫作为OAuth提供程序的自定义Rails 3 API后端。使用OAuth2 gem的以下客户端ruby代码可以正常工作:
client = OAuth2::Client.new(app_id, secret, site: "http://subdomain.example.com/")
access_token = client.password.get_token('username', 'password')
access_token.get('/api/1/products').parsed
iOS代码如下所示,在登录按钮处理程序中,我使用用户名和密码进行身份验证,并存储凭据:
- (IBAction)login:(id)sender {
NSString *username = [usernameField text];
NSString *password = [passwordField text];
NSURL *url = [NSURL URLWithString:kClientBaseURL];
AFOAuth2Client *client = [AFOAuth2Client clientWithBaseURL:url clientID:kClientID secret:kClientSecret];
[client authenticateUsingOAuthWithPath:@"oauth/token"
username:username
password:password
scope:nil
success:^(AFOAuthCredential *credential) {
NSLog(@"Successfully received OAuth credentials %@", credential.accessToken);
[AFOAuthCredential storeCredential:credential
withIdentifier:client.serviceProviderIdentifier];
[self performSegueWithIdentifier:@"LoginSegue" sender:sender];
}
failure:^(NSError *error) {
NSLog(@"Error: %@", error);
[passwordField setText:@""];
}];
}
我为我的端点创建了AFHTTPClient子类,并在initWithBaseURL中检索了凭据,并使用访问令牌设置了授权标头:
- (id)initWithBaseURL:(NSURL *)url {
self = [super initWithBaseURL:url];
if (!self) {
return nil;
}
[self registerHTTPOperationClass:[AFJSONRequestOperation class]];
[self setDefaultHeader:@"Accept" value:@"application/json"];
AFOAuthCredential *credential = [AFOAuthCredential retrieveCredentialWithIdentifier:@"subdomain.example.com"];
[self setAuthorizationHeaderWithToken:credential.accessToken];
return self;
}
这是使用AFOAuth2Client和AFNetworking的正确方法吗?并且知道为什么这不起作用?
答案 0 :(得分:5)
通过更改来管理以实现此目的:
AFOAuthCredential *credential = [AFOAuthCredential retrieveCredentialWithIdentifier:@"subdomain.example.com"];
[self setAuthorizationHeaderWithToken:credential.accessToken];
为:
AFOAuthCredential *credential = [AFOAuthCredential retrieveCredentialWithIdentifier:@"subdomain.example.com"];
NSString *authValue = [NSString stringWithFormat:@"Bearer %@", credential.accessToken];
[self setDefaultHeader:@"Authorization" value:authValue];
更新
我没注意到的是AFOAuth2Client本身是AFHTTPClient的子类,因此可以用作API类的基类,例如:
@interface YFExampleAPIClient : AFOAuth2Client
+ (YFExampleAPIClient *)sharedClient;
/**
*/
- (void)authenticateWithUsernameAndPassword:(NSString *)username
password:(NSString *)password
success:(void (^)(AFOAuthCredential *credential))success
failure:(void (^)(NSError *error))failure;
@end
实施变为:
@implementation YFExampleAPIClient
+ (YFExampleAPIClient *)sharedClient {
static YFExampleAPIClient *_sharedClient = nil;
static dispatch_once_t onceToken;
dispatch_once(&onceToken, ^{
NSURL *url = [NSURL URLWithString:kClientBaseURL];
_sharedClient = [YFExampleAPIClient clientWithBaseURL:url clientID:kClientID secret:kClientSecret];
});
return _sharedClient;
}
- (void)authenticateWithUsernameAndPassword:(NSString *)username
password:(NSString *)password
success:(void (^)(AFOAuthCredential *credential))success
failure:(void (^)(NSError *error))failure {
[self authenticateUsingOAuthWithPath:@"oauth/token"
username:username
password:password
scope:nil
success:^(AFOAuthCredential *credential) {
NSLog(@"Successfully received OAuth credentials %@", credential.accessToken);
[self setAuthorizationHeaderWithCredential:credential];
success(credential);
}
failure:^(NSError *error) {
NSLog(@"Error: %@", error);
failure(error);
}];
}
- (id)initWithBaseURL:(NSURL *)url
clientID:(NSString *)clientID
secret:(NSString *)secret {
self = [super initWithBaseURL:url clientID:clientID secret:secret];
if (!self) {
return nil;
}
[self setDefaultHeader:@"Accept" value:@"application/json"];
return self;
}
@end
请注意,重写initWithBaseURL以设置HTTP接受标头。
GitHub上提供了完整的源代码 - https://github.com/yellowfeather/rails-saas-ios