我的应用程序允许用户使用Google或Yahoo的OpenID登录。还有一项功能允许用户上传到YouTube。有些用户通过YouTube上下文到达,目的是创建内容并上传到YouTube。这些用户需要授权我的应用程序通过OpenID访问其Google帐户中的地址,以及通过OAuth访问其YouTube帐户。我想通过为用户单次授权点击来实现这一目标。
我在这里看到了这一点:http://www.youtube.com/create/Xtranormal。从此应用发送到Google OpenID端点的请求是:
https://accounts.google.com/o/openid2/auth?
openid.ns=http://specs.openid.net/auth/2.0&
openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&
openid.identity=http://specs.openid.net/auth/2.0/identifier_select&
openid.return_to=http://www.xtranormal.com/social/openid/complete/?next%3Dhttp%253A%252F%252Fyoutube.xtranormal.com%252Fytmm%252Fauth_popup_done%252F%26janrain_nonce%3D2011-08-29T16%253A35%253A53ZW0VqRw&
openid.assoc_handle=AOQobUcMlV0Hmk431QROK27UegIYqYffiPeCuZ8gsB2x5ULYP0FXuoDZ&
openid.ax.mode=fetch_request&
openid.ax.required=ext0,ext1,ext2&
openid.ax.type.ext0=http://axschema.org/namePerson/first&
openid.ax.type.ext1=http://axschema.org/namePerson/last&
openid.ax.type.ext2=http://axschema.org/contact/email&
openid.mode=checkid_setup&
openid.ns.ax=http://openid.net/srv/ax/1.0&
openid.ns.oauth=http://specs.openid.net/extensions/oauth/1.0&
openid.ns.sreg=http://openid.net/extensions/sreg/1.1&
openid.oauth.consumer=www.xtranormal.com&
openid.oauth.scope=http://gdata.youtube.com/&
openid.realm=http://www.xtranormal.com/&
openid.sreg.optional=postcode,country,nickname,email,fullname
应用程序上的所有其他OpenID支持(运行良好)都是使用OpenID4Java编写的。我已经尝试通过实施This answer中的提示来创建类似的请求,但是,我不能在我的生活中让Google弹出窗口向我询问YouTube,它只询问电子邮件地址。< / p>
我通过添加此消息扩展名来添加答案中的参数:
public class OAuthHybridRequest implements MessageExtension{
public static String SCOPE_YOUTUBE = "http://gdata.youtube.com/";
ParameterList parameters;
public OAuthHybridRequest(String scope){
parameters = new ParameterList();
parameters.set(new Parameter("consumer", DeploymentProperties.getDeploymentProperty("OAUTH_CONSUMER_KEY")));
parameters.set(new Parameter("scope", scope));
}
public ParameterList getParameters() {
return parameters;
}
public String getTypeUri() {
return "http://specs.openid.net/extensions/oauth/1.0";
}
...
}
这使我的请求看起来像这样:
https://accounts.google.com/o/openid2/auth?
openid.ns=http://specs.openid.net/auth/2.0&
openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&
openid.identity=http://specs.openid.net/auth/2.0/identifier_select&
openid.return_to=http://martin.test.example.no/socialdelegation/hybrid/youtube/sso/auth?is_callback%3Dtrue%26requestedURL%3D%252Fmovieeditor%252Fscripts%252Fpopupcloser.jsp&
openid.realm=http://martin.test.example.no&
openid.assoc_handle=AOQobUcMkuyp1pVZjpF-b8dVqTfB6Y6IyOZxihsk-XD1DOq0xv06lrlPgaJEF-ITUCdJiXPi&
openid.mode=checkid_setup&
openid.ns.ext1=http://specs.openid.net/extensions/oauth/1.0&
openid.ext1.consumer=test.example.no&
openid.ext1.scope=http://gdata.youtube.com&
openid.ns.sreg=http://openid.net/sreg/1.0&
openid.sreg.required=fullname,nickname,email&
openid.ns.ext3=http://openid.net/srv/ax/1.0&
openid.ext3.mode=fetch_request&
openid.ext3.type.email=http://axschema.org/contact/email&
openid.ext3.type.firstName=http://axschema.org/namePerson/first&
openid.ext3.type.lastName=http://axschema.org/namePerson/last&
openid.ext3.type.userName=http://axschema.org/namePerson/friendly&
openid.ext3.type.gender=http://axschema.org/person/gender&
openid.ext3.type.fullName=http://axschema.org/namePerson&
openid.ext3.required=email,firstName,lastName,userName,gender,fullName
我在这里缺少什么?
答案 0 :(得分:2)
下载openid4java zip文件from here (comment 8)的oauth ext,并为您的项目添加类。然后:
// enable oauth ext for openid4java (do once)
Message.addExtensionFactory(OAuthMessage.class);
// add oauth extension to open-id request
AuthRequest authReq = ...;
OAuthRequest oauthRequest = OAuthRequest.createOAuthRequest();
oauthRequest.setScopes("oauth scope");
oauthRequest.setConsumer("oauth consumer key");
authReq.addExtension(oauthRequest);
// extract oauth request token from open-id response
AuthSuccess authSuccess = ...;
if (authSuccess.hasExtension(OAuthMessage.OPENID_NS_OAUTH)) {
OAuthResponse oauthRes = (OAuthResponse) authSuccess
.getExtension(OAuthMessage.OPENID_NS_OAUTH);
// use this request token (without secret and verifier) and your oauth lib
// to get oauth access token
String oauthRequestToken = oauthRes.getRequestToken();
}