我正在尝试使用 java 通过 api ( http://zootool.com/api/docs/add ) 将页面添加到我的 zootool 页面。为此,我需要使用摘要式身份验证。
获取页面授权给出php示例:
<?php
$username = 'username';
$password = 'password';
$api_url = 'http://zootool.com/api/users/items/?username='
. $username . '&apikey=###';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_url);
// HTTP Digest Authentication
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_USERPWD, strtolower($username) . ':' . sha1($password));
curl_setopt($ch, CURLOPT_USERAGENT, 'My PHP Script');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
curl_close($ch);
$data = json_decode($result, true);
print_r($data);
?>
但是在 Java 中这是如何添加页面的呢?搜索后我发现 apache commons HttpClient 可能有用,但我似乎无法理解它。
我试过:
String url = "http://zootool.com/api/add/?url=http://www.google.com
&title=Google&apikey=###";
DigestScheme authscheme = new DigestScheme();
HttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet(url);
HttpResponse authResponse = httpclient.execute(httpget);
Header challenge = authResponse.getHeaders("WWW-Authenticate")[0];
authscheme.processChallenge(challenge);
Header solution = authscheme.authenticate(
new UsernamePasswordCredentials("username", "password"),
new BasicHttpRequest(HttpPost.METHOD_NAME,
new URL(url).getPath()));
HttpResponse goodResponse = httpclient.execute(httpget);
我曾尝试对密码进行 sh1 哈希处理(如 api 手册中所述),但没有成功。看来我的代码找不到任何可以响应的挑战。
API key 、用户名和密码正确。
更新 我现在比较确定我需要使用抢先式摘要授权,但是当尝试使用 apache 给出的解决方法时,我仍然收到 401 和“身份验证错误:预期摘要授权挑战,但未找到” - 来自 java 的警告。我使用的代码是:
HttpHost targetHost = new HttpHost("www.zootool.com", 80, "http");
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
httpclient.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials("username", "sha1-password"));
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate DIGEST scheme object, initialize it and add it to the local
// auth cache
DigestScheme digestAuth = new DigestScheme();
// Suppose we already know the realm name
digestAuth.overrideParamter("realm", "www.zootool.com");
// Suppose we already know the expected nonce value
digestAuth.overrideParamter("nonce", "something");
authCache.put(targetHost, digestAuth);
// Add AuthCache to the execution context
BasicHttpContext localcontext = new BasicHttpContext();
localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=###");
System.out.println("executing request: " + httpget.getRequestLine());
System.out.println("to target: " + targetHost);
for (int i = 0; i < 3; i++) {
HttpResponse response = httpclient.execute(targetHost, httpget, localcontext);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
}
} finally {
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
我是否必须为 DigestScheme 参数提供有意义的值? 我走在正确的轨道上了吗?
/安德烈
最佳答案
抢先授权代码有效!错误是必须将 login=true 添加到 api url,如下所示:
HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=####&login=true");
api 手册中没有此信息。
关于java - zootool api授权,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4962756/