使用 openid4java 的 YouTube 的 OpenID+OAuth

发布于 2024-12-02 02:30:29 字数 3990 浏览 1 评论 0原文

我的应用程序允许用户使用 Google 或 Yahoo 的 OpenID 登录。还有一项功能允许用户上传到 YouTube。有些用户通过 YouTube 上下文到达，目的是创建某些内容并将其上传到 YouTube。这些用户需要授权我的应用程序通过 OpenID 访问其 Google 帐户上的地址，并通过 OAuth 访问其 YouTube 帐户。我希望通过用户的一次授权点击来实现这一点。

我在这里看到了这样做：http://www.youtube.com/create/Xtranormal。从该应用程序发送到 Google OpenID 端点的请求是：

https://accounts.google.com/o/openid2/auth?
openid.ns=http://specs.openid.net/auth/2.0&
openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&
openid.identity=http://specs.openid.net/auth/2.0/identifier_select&
openid.return_to=http://www.xtranormal.com/social/openid/complete/?next%3Dhttp%253A%252F%252Fyoutube.xtranormal.com%252Fytmm%252Fauth_popup_done%252F%26janrain_nonce%3D2011-08-29T16%253A35%253A53ZW0VqRw&
openid.assoc_handle=AOQobUcMlV0Hmk431QROK27UegIYqYffiPeCuZ8gsB2x5ULYP0FXuoDZ&
openid.ax.mode=fetch_request&
openid.ax.required=ext0,ext1,ext2&
openid.ax.type.ext0=http://axschema.org/namePerson/first&
openid.ax.type.ext1=http://axschema.org/namePerson/last&
openid.ax.type.ext2=http://axschema.org/contact/email&
openid.mode=checkid_setup&
openid.ns.ax=http://openid.net/srv/ax/1.0&
openid.ns.oauth=http://specs.openid.net/extensions/oauth/1.0&
openid.ns.sreg=http://openid.net/extensions/sreg/1.1&
openid.oauth.consumer=www.xtranormal.com&
openid.oauth.scope=http://gdata.youtube.com/&
openid.realm=http://www.xtranormal.com/&
openid.sreg.optional=postcode,country,nickname,email,fullname

应用程序上的所有其他 OpenID 支持（运行良好）都是使用 OpenID4Java 编写的。我尝试通过实现这个答案，但是，我一生都无法让 Google 弹出窗口向我询问 YouTube，它只要求电子邮件地址。

我通过添加此消息扩展来添加答案中的参数：

public class OAuthHybridRequest implements MessageExtension{
    public static String SCOPE_YOUTUBE = "http://gdata.youtube.com/";
    ParameterList parameters;
    public OAuthHybridRequest(String scope){
        parameters = new ParameterList();
        parameters.set(new Parameter("consumer", DeploymentProperties.getDeploymentProperty("OAUTH_CONSUMER_KEY")));
        parameters.set(new Parameter("scope", scope));
    }   
    public ParameterList getParameters() {
        return parameters;
    }
    public String getTypeUri() {
        return "http://specs.openid.net/extensions/oauth/1.0";
    }
    ...
}

这使我的请求看起来像这样：

https://accounts.google.com/o/openid2/auth?
openid.ns=http://specs.openid.net/auth/2.0&
openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&
openid.identity=http://specs.openid.net/auth/2.0/identifier_select&
openid.return_to=http://martin.test.example.no/socialdelegation/hybrid/youtube/sso/auth?is_callback%3Dtrue%26requestedURL%3D%252Fmovieeditor%252Fscripts%252Fpopupcloser.jsp&
openid.realm=http://martin.test.example.no&
openid.assoc_handle=AOQobUcMkuyp1pVZjpF-b8dVqTfB6Y6IyOZxihsk-XD1DOq0xv06lrlPgaJEF-ITUCdJiXPi&
openid.mode=checkid_setup&
openid.ns.ext1=http://specs.openid.net/extensions/oauth/1.0&
openid.ext1.consumer=test.example.no&
openid.ext1.scope=http://gdata.youtube.com&
openid.ns.sreg=http://openid.net/sreg/1.0&
openid.sreg.required=fullname,nickname,email&
openid.ns.ext3=http://openid.net/srv/ax/1.0&
openid.ext3.mode=fetch_request&
openid.ext3.type.email=http://axschema.org/contact/email&
openid.ext3.type.firstName=http://axschema.org/namePerson/first&
openid.ext3.type.lastName=http://axschema.org/namePerson/last&
openid.ext3.type.userName=http://axschema.org/namePerson/friendly&
openid.ext3.type.gender=http://axschema.org/person/gender&
openid.ext3.type.fullName=http://axschema.org/namePerson&
openid.ext3.required=email,firstName,lastName,userName,gender,fullName

我在这里缺少什么？

原文

My application allows users to log in using OpenID from Google or Yahoo. There's also a feature which allows users to upload to YouTube. Some users arrive via a YouTube context with the purpose of creating something and uploading to YouTube. These users will need to authorize my application to access both the address on their Google Account via OpenID, and their YouTube account via OAuth. I'd like this to be achieved with a single authorization click for the user.

I've seen this done here: http://www.youtube.com/create/Xtranormal. The request sent to the Google OpenID endpoint from this app is:

https://accounts.google.com/o/openid2/auth?
openid.ns=http://specs.openid.net/auth/2.0&
openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&
openid.identity=http://specs.openid.net/auth/2.0/identifier_select&
openid.return_to=http://www.xtranormal.com/social/openid/complete/?next%3Dhttp%253A%252F%252Fyoutube.xtranormal.com%252Fytmm%252Fauth_popup_done%252F%26janrain_nonce%3D2011-08-29T16%253A35%253A53ZW0VqRw&
openid.assoc_handle=AOQobUcMlV0Hmk431QROK27UegIYqYffiPeCuZ8gsB2x5ULYP0FXuoDZ&
openid.ax.mode=fetch_request&
openid.ax.required=ext0,ext1,ext2&
openid.ax.type.ext0=http://axschema.org/namePerson/first&
openid.ax.type.ext1=http://axschema.org/namePerson/last&
openid.ax.type.ext2=http://axschema.org/contact/email&
openid.mode=checkid_setup&
openid.ns.ax=http://openid.net/srv/ax/1.0&
openid.ns.oauth=http://specs.openid.net/extensions/oauth/1.0&
openid.ns.sreg=http://openid.net/extensions/sreg/1.1&
openid.oauth.consumer=www.xtranormal.com&
openid.oauth.scope=http://gdata.youtube.com/&
openid.realm=http://www.xtranormal.com/&
openid.sreg.optional=postcode,country,nickname,email,fullname

All the other OpenID support on the application (which works well), is written with OpenID4Java. I've tried to create a similar request by implementing the tips in This answer, however, I can't for the life of me get the Google popup to ask me for YouTube, it only asks for the email address.

I'm adding the parameters from the answer by adding this message extension:

public class OAuthHybridRequest implements MessageExtension{
    public static String SCOPE_YOUTUBE = "http://gdata.youtube.com/";
    ParameterList parameters;
    public OAuthHybridRequest(String scope){
        parameters = new ParameterList();
        parameters.set(new Parameter("consumer", DeploymentProperties.getDeploymentProperty("OAUTH_CONSUMER_KEY")));
        parameters.set(new Parameter("scope", scope));
    }   
    public ParameterList getParameters() {
        return parameters;
    }
    public String getTypeUri() {
        return "http://specs.openid.net/extensions/oauth/1.0";
    }
    ...
}

Which makes my request look like this:

https://accounts.google.com/o/openid2/auth?
openid.ns=http://specs.openid.net/auth/2.0&
openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&
openid.identity=http://specs.openid.net/auth/2.0/identifier_select&
openid.return_to=http://martin.test.example.no/socialdelegation/hybrid/youtube/sso/auth?is_callback%3Dtrue%26requestedURL%3D%252Fmovieeditor%252Fscripts%252Fpopupcloser.jsp&
openid.realm=http://martin.test.example.no&
openid.assoc_handle=AOQobUcMkuyp1pVZjpF-b8dVqTfB6Y6IyOZxihsk-XD1DOq0xv06lrlPgaJEF-ITUCdJiXPi&
openid.mode=checkid_setup&
openid.ns.ext1=http://specs.openid.net/extensions/oauth/1.0&
openid.ext1.consumer=test.example.no&
openid.ext1.scope=http://gdata.youtube.com&
openid.ns.sreg=http://openid.net/sreg/1.0&
openid.sreg.required=fullname,nickname,email&
openid.ns.ext3=http://openid.net/srv/ax/1.0&
openid.ext3.mode=fetch_request&
openid.ext3.type.email=http://axschema.org/contact/email&
openid.ext3.type.firstName=http://axschema.org/namePerson/first&
openid.ext3.type.lastName=http://axschema.org/namePerson/last&
openid.ext3.type.userName=http://axschema.org/namePerson/friendly&
openid.ext3.type.gender=http://axschema.org/person/gender&
openid.ext3.type.fullName=http://axschema.org/namePerson&
openid.ext3.required=email,firstName,lastName,userName,gender,fullName

What am I missing here?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

以酷 2024-12-09 02:30:29

从此处下载 openid4java zip 文件的 oauth ext（评论 8）并将类添加到您的项目中。然后：

// enable oauth ext for openid4java (do once)
Message.addExtensionFactory(OAuthMessage.class);

// add oauth extension to open-id request
AuthRequest authReq = ...;
OAuthRequest oauthRequest = OAuthRequest.createOAuthRequest();
oauthRequest.setScopes("oauth scope");
oauthRequest.setConsumer("oauth consumer key");
authReq.addExtension(oauthRequest);

// extract oauth request token from open-id response
AuthSuccess authSuccess = ...;
if (authSuccess.hasExtension(OAuthMessage.OPENID_NS_OAUTH)) {
    OAuthResponse oauthRes = (OAuthResponse) authSuccess
        .getExtension(OAuthMessage.OPENID_NS_OAUTH);
    // use this request token (without secret and verifier) and your oauth lib
    // to get oauth access token
    String oauthRequestToken = oauthRes.getRequestToken();
}

Download oauth ext for openid4java zip file from here (comment 8) and add classes to your project. Then:

// enable oauth ext for openid4java (do once)
Message.addExtensionFactory(OAuthMessage.class);

// add oauth extension to open-id request
AuthRequest authReq = ...;
OAuthRequest oauthRequest = OAuthRequest.createOAuthRequest();
oauthRequest.setScopes("oauth scope");
oauthRequest.setConsumer("oauth consumer key");
authReq.addExtension(oauthRequest);

// extract oauth request token from open-id response
AuthSuccess authSuccess = ...;
if (authSuccess.hasExtension(OAuthMessage.OPENID_NS_OAUTH)) {
    OAuthResponse oauthRes = (OAuthResponse) authSuccess
        .getExtension(OAuthMessage.OPENID_NS_OAUTH);
    // use this request token (without secret and verifier) and your oauth lib
    // to get oauth access token
    String oauthRequestToken = oauthRes.getRequestToken();
}

回复收藏 0 原文

~没有更多了~