2011-02-10 161 views
2

我想通過api(http://zootool.com/api/docs/add)用java將頁面添加到我的zootool頁面。爲此,我需要使用摘要式身份驗證。zootool api授權

一個PHP的例子給出了獲得頁面的授權:

<?php 

$username = 'username'; 
$password = 'password'; 
$api_url = 'http://zootool.com/api/users/items/?username=' 
        . $username . '&apikey=###'; 

$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, $api_url); 

// HTTP Digest Authentication 
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST); 
curl_setopt($ch, CURLOPT_USERPWD, strtolower($username) . ':' . sha1($password)); 

curl_setopt($ch, CURLOPT_USERAGENT, 'My PHP Script'); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 

$result = curl_exec($ch); 
curl_close($ch); 

$data = json_decode($result, true); 

print_r($data); 

?> 

但是這是怎麼用Java語言寫在網頁中加入?搜索後,我發現Apache公用程序HttpClient可能是有用的,但我似乎無法繞過它。

我想:

String url = "http://zootool.com/api/add/?url=http://www.google.com 
         &title=Google&apikey=###"; 
    DigestScheme authscheme = new DigestScheme(); 

    HttpClient httpclient = new DefaultHttpClient(); 
    HttpGet httpget = new HttpGet(url); 
    HttpResponse authResponse = httpclient.execute(httpget); 

    Header challenge = authResponse.getHeaders("WWW-Authenticate")[0]; 

    authscheme.processChallenge(challenge); 

    Header solution = authscheme.authenticate(
      new UsernamePasswordCredentials("username", "password"), 
      new BasicHttpRequest(HttpPost.METHOD_NAME, 
      new URL(url).getPath())); 


    HttpResponse goodResponse = httpclient.execute(httpget); 

我試圖SH1哈希密碼,但沒有運氣(如API-手冊上規定)。看來我的代碼無法找到任何響應的挑戰。

Api-key,用戶名和密碼都是正確的。

UPDATE 我現在比較確定我需要使用搶先式摘要授權,但是在嘗試使用由apache給出的解決方法時,我仍然得到401和「身份驗證錯誤:摘要授權挑戰預期,但未找到」 - 來自java的警告。我使用的代碼是:

HttpHost targetHost = new HttpHost("www.zootool.com", 80, "http"); 

DefaultHttpClient httpclient = new DefaultHttpClient(); 
try { 
    httpclient.getCredentialsProvider().setCredentials(
       new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT), 
       new UsernamePasswordCredentials("username", "sha1-password")); 

    // Create AuthCache instance 
    AuthCache authCache = new BasicAuthCache(); 
    // Generate DIGEST scheme object, initialize it and add it to the local 
    // auth cache 
    DigestScheme digestAuth = new DigestScheme(); 
    // Suppose we already know the realm name 
    digestAuth.overrideParamter("realm", "www.zootool.com"); 
    // Suppose we already know the expected nonce value 
    digestAuth.overrideParamter("nonce", "something"); 
    authCache.put(targetHost, digestAuth); 

    // Add AuthCache to the execution context 
    BasicHttpContext localcontext = new BasicHttpContext(); 
    localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache); 


    HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=###"); 

    System.out.println("executing request: " + httpget.getRequestLine()); 
    System.out.println("to target: " + targetHost); 

    for (int i = 0; i < 3; i++) { 
     HttpResponse response = httpclient.execute(targetHost, httpget, localcontext); 
     HttpEntity entity = response.getEntity(); 

     System.out.println("----------------------------------------"); 
     System.out.println(response.getStatusLine()); 
     if (entity != null) { 
      System.out.println("Response content length: " + entity.getContentLength()); 
      } 
     EntityUtils.consume(entity); 
    } 

} finally { 
    // When HttpClient instance is no longer needed, 
    // shut down the connection manager to ensure 
    // immediate deallocation of all system resources 
    httpclient.getConnectionManager().shutdown(); 
    } 
} 

我是否必須爲DigestScheme參數提供有意義的值? 我是否在正確的軌道上?

/André

回答

0

搶先授權碼有效!錯誤是,必須將login = true添加到api url中,如下所示:

HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=####&login=true"); 

此信息在api手冊中不可用。