Flickr auth与scribe-java提供回调网址

时间:2014-08-14 21:12:06

标签: java servlets oauth flickr scribe

我必须在Flickr上授权用户,所以我在Flickr上注册了我的应用程序,并为key,secret和callbackUrl注册了硬编码值。 现在,我正在使用scribe库,而是强制用户复制并提交验证程序,我想从回调网址获取参数 frob 。 我在Java中实现all,使用servlet会话来捕获重定向。 这是代码:

public class FlickrAuth extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        OAuthService service = new ServiceBuilder().
                provider(FlickrApi.class)
                .apiKey(FLICKR_KEY)
                .apiSecret(FLICKR_SECRET)
                .callback("https://something.com/flickr")
                .build();


        Token requestToken = service.getRequestToken();
        String authorizationUrl = service.getAuthorizationUrl(requestToken);
        String url = authorizationUrl + "&perms=read";

        //Make a request to the url
        response.sendRedirect(url);

}

以这种方式管理servlet回调:

public class FlickrCallback extends HttpServlet {

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

String code = request.getParameter("frob");

    OAuthService service = new ServiceBuilder().
            provider(FlickrApi.class)
            .apiKey(FLICKR_KEY)
            .apiSecret(FLICKR_SECRET)
            .callback(https://something.com/flickr)
            .build();

    Token requestToken = service.getRequestToken();

    Verifier verifier = new Verifier(code);

    Token accessToken = service.getAccessToken(requestToken, verifier);

}

当我尝试构建Verifier时,服务器引发此异常:

java.lang.IllegalArgumentException: Must provide a valid string as verifier

似乎重定向没有 frob 参数..但回调是正确的,并在Flick应用程序上正确注册..有人可以帮助我吗?

谢谢!

1 个答案:

答案 0 :(得分:4)

我目前使用Slick与Flickr OAuth一起工作,并且在比较你的内容时,我注意到了几个问题:

1)frob用于旧的身份验证流程,不在OAuth中使用。在OAuth流程中,您需要查找" oauth_verifier"在回调参数中。

  //change
  String code = request.getParameter("frob");
  //to
  String code = request.getParameter(OAuthConstants.VERIFIER); //oauth_verifier

2)你应该使用OAuthAuth中的原始requestToken来获取你的accessToken,而不是你得到一个新的requestToken 

  public class FlickrAuth extends HttpServlet {
     ...
     //after you get the initial requestToken, save it (e.g. session, database,..)
     Token requestToken = service.getRequestToken();
     request.getSession().setAttribute("some key", requestToken);


  public class FlickrCallback extends HttpServlet {
     ...
     //later you will need that original requestToken
     Token savedRequestToken = request.getSession().getAttribute("some key");
     Verifier verifier = new Verifier(code); //from request param oauth_verifier
     Token accessToken = service.getAccessToken(savedRequestToken, verifier);
相关问题
最新问题