使用 Scribe for GWT 进行 oauth

发布于 2024-12-29 00:17:08 字数 1083 浏览 1 评论 0原文

我正在尝试为我的网络应用程序实现“Twitter”登录。我使用 scribe 来简化一些事情。

我的实现依赖于 GWT RPC 机制将授权 URL 返回给客户端，以便客户端可以调用弹出窗口来重定向到授权 URL。

但是，当 URL 打开新选项卡并且用户使用 Twitter 帐户登录时，页面会提供 PIN 码（来自此站点：https://api.twitter.com/oauth/authorize) 需要重新输入 org.scribe.model.Modifier

这种做法对于用户来说会很麻烦。需要的是，当用户输入 Twitter 用户名/密码时就应该是这样的。或者至少自动化所有其他过程。

我错过了什么吗？

这是我的代码：

    twitterLogin.addClickHandler(new ClickHandler() {
        @Override
        public void onClick(ClickEvent event) {
            TwitterService.Util.getInstance().getAuthorizationUrl(new AsyncCallback<String>() {
                @Override
                public void onSuccess(String result) {
                    if (result != null)
                        Window.open(result, "__blank", null);
                }

                @Override
                public void onFailure(Throwable caught) {

                }
            });             
        }
    });

原文

I'm trying to implement "Twitter" login for my web application. I use scribe to simplify things a bit.

My implementation relies of GWT RPC mechanism to get the Authorization url back to the client so the client can call a popup window to redirect to the Autorization Url.

However, when the URL is opened to the new tab and user log in with Twitter account, the page provides the PIN number (from this site: https://api.twitter.com/oauth/authorize) that needs to be typed back into the org.scribe.model.Modifier

This kind of approach will be cumbersome to users. What is needed is that when the user typed in the Twitter username/password that should be it. Or at least automate all the other process.

Am I missing something?

Here's my code:

    twitterLogin.addClickHandler(new ClickHandler() {
        @Override
        public void onClick(ClickEvent event) {
            TwitterService.Util.getInstance().getAuthorizationUrl(new AsyncCallback<String>() {
                @Override
                public void onSuccess(String result) {
                    if (result != null)
                        Window.open(result, "__blank", null);
                }

                @Override
                public void onFailure(Throwable caught) {

                }
            });             
        }
    });

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

ま柒月 2025-01-05 00:17:08

要使用 OAuth 进行身份验证，您需要向身份验证服务器发送 2 个请求：
- 首先获得“请求令牌”
- 然后，为了获取“访问令牌”，

Twitter 会在新窗口中打开身份验证页面，他们可以在其中输入 Twitter 用户名/密码，因此这是可以预料的。

if (req.getRequestURI().equals("/twitter")) {
    Token requestToken = service.getRequestToken();
    System.out.println("Got the Request Token!" + requestToken.getToken());
    session = request.getSession(true);
    session.setAttribute("TOKEN", requestToken);
    response.sendRedirect(service.getAuthorizationUrl(requestToken));
} else if (req.getRequestURI().equals("/twitter/callback")) {
    String code = request.getParameter("oauth_verifier");
    System.out.println("Verifier :: " + code);
    System.out.println("service.getRequestToken()" + service.getRequestToken());
    session = request.getSession(false);
    Token requestToken = (Token) session.getAttribute("TOKEN");
    System.out.println("requestToken from Session " + service.getRequestToken().getToken() + " Secr" + service.getRequestToken().getSecret());

    if (code != null && !code.isEmpty()) {
        Verifier verifier = new Verifier(code);
        Token accessToken = service.getAccessToken(requestToken, verifier);
        OAuthRequest req = new OAuthRequest(Verb.GET, OAUTH_PROTECTED_URL);
        service.signRequest(accessToken, req);
        Response res = req.send();
        response.setContentType("text/plain");
        response.getWriter().println(res.getBody());
    }
}

To authenticate with OAuth, you need to send out 2 requests to the authenticating server:
- First to get the "Request Token"
- Then to get the "Access Token"

Twitter does open the authentication page in a new window where they can type their Twitter username/password, so that's to be expected.

if (req.getRequestURI().equals("/twitter")) {
    Token requestToken = service.getRequestToken();
    System.out.println("Got the Request Token!" + requestToken.getToken());
    session = request.getSession(true);
    session.setAttribute("TOKEN", requestToken);
    response.sendRedirect(service.getAuthorizationUrl(requestToken));
} else if (req.getRequestURI().equals("/twitter/callback")) {
    String code = request.getParameter("oauth_verifier");
    System.out.println("Verifier :: " + code);
    System.out.println("service.getRequestToken()" + service.getRequestToken());
    session = request.getSession(false);
    Token requestToken = (Token) session.getAttribute("TOKEN");
    System.out.println("requestToken from Session " + service.getRequestToken().getToken() + " Secr" + service.getRequestToken().getSecret());

    if (code != null && !code.isEmpty()) {
        Verifier verifier = new Verifier(code);
        Token accessToken = service.getAccessToken(requestToken, verifier);
        OAuthRequest req = new OAuthRequest(Verb.GET, OAUTH_PROTECTED_URL);
        service.signRequest(accessToken, req);
        Response res = req.send();
        response.setContentType("text/plain");
        response.getWriter().println(res.getBody());
    }
}

回复收藏 0 原文

~没有更多了~