Question

我正在尝试使用一个流行的俄罗斯社交网络的api。我通过Java HttpUrlConnection使用OAuth。问题是，当我通过Java发送帖子数据时，我得到401响应代码。当我复制请求并将其粘贴到浏览器时，我会重定向到包含我需要的访问令牌的URL。这意味着我的帖子请求是正确的，但为什么当我用Java发送它时我得到401错误？当我发送错误密码的请求时，我得到200.这意味着请求也是正确的。

private void getHomeAuth() throws Exception {
        String url = "https://oauth.vk.com/authorize?client_id=APP_ID&scope=friends&redirect_uri=https://oauth.vk.com/blank.html&display=page&v=5.34&response_type=token";

        URL oauth = new URL(url);
        HttpURLConnection connection = (HttpURLConnection) oauth.openConnection();
        connection.setRequestMethod("GET");
        connection.setRequestProperty("User-Agent", USER_AGENT);
        int responseCode = connection.getResponseCode();
        System.out.println("Response code: " + responseCode);

        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
        String inputLine;
        StringBuilder response = new StringBuilder();

        while((inputLine = reader.readLine()) != null)
            response.append(inputLine + "\n");
        reader.close();
        PrintWriter writer = new PrintWriter("auth.html");
        writer.print(response);
        writer.close();
        parse();
        cookies = connection.getHeaderField("Set-Cookie");
        referer = connection.getURL().toString();
    }



private void postAuth() throws Exception {
        email = URLEncoder.encode("example@gmail.com", "UTF-8");
        password = "password";
        _origin = URLEncoder.encode(_origin, "UTF-8");
        String url = "https://login.vk.com/?act=login&soft=1";
        URL post = new URL(url);
        String urlParameters = "ip_h=" + ip_h + "&_origin=" + _origin + "&to=" + to + "&expire=" + expire + "&email=" + email + "&pass=" + password;
        HttpsURLConnection con = (HttpsURLConnection) post.openConnection();
        con.setRequestMethod("POST");
        con.setRequestProperty("User-Agent", USER_AGENT);
        con.setRequestProperty("Cookie", cookies);
        con.setDoOutput(true);
        DataOutputStream wr = new DataOutputStream(con.getOutputStream());
        wr.writeBytes(urlParameters);
        wr.flush();
        wr.close();
        int responseCode = con.getResponseCode();



        System.out.println("Sent post. Response code: " + responseCode + "\nRequest: " + post.toString() + urlParameters + "\nRequestMethod: " + con.getRequestMethod());

    }

我也尝试在浏览器中通过插件发送此请求，结果是正确的。我从重定向链接获得了访问令牌。

问题可能是请求中的内容不正确。我试图监控来自java app的请求，但我失败了。

Answer 1

我遇到此类问题的经验是，首先对用户进行身份验证的http请求也会将Cookie（范围因具体情况而异）放入响应中，后续的http请求应包含这些Cookie。仔细查看完整的返回响应标头，以查看可能已返回的cookie。

Java Post Request和浏览器发布请求之间的区别

1 个答案: