API (Application Programming Interface, Application programming Interface) is very common in Web applications, such as the development of meager applications have a meager API, Taobao has Taobao API, different APIs have different interface mode, The General API has a URL to the access address, through this access address can obtain the user's custom data, but this is not public, such as after the authentication to the correct access to the data.
The use of Sina Weibo API to publish a meager need to provide user name and password authentication before the correct release of meager, summed up the main following several API interface certification ideas:
1. Use HTTP Basic authentication
When you visit a URL that requires HTTP Basic authentication, if you do not provide a username and password, the server will return 401, if you open the browser directly, the browser will prompt you to enter a username and password (Google browser will not, bugs?) )。 You can try clicking on this URL to see the effect: Http://api.minicloud.com.cn/statuses/friends_timeline.xml
There are two ways to add HTTP Basic authentication authentication information to a request when sending a request:
One is to add authorization to the request header:
| The code is as follows | Copy Code |
| Authorization: "Basic user name and password base64 encrypted string" |
|
The second is to add a username and password to the URL:
Http://username:password@api.minicloud.com.cn/statuses/friends_timeline.xml
| The code is as follows | Copy Code |
| $fp = Fsockopen ("www.mydomain.com", 80); Fputs ($fp, "Get/downloads http/1.0"); Fputs ($fp, "Host:www.mydomain.com"); Fputs ($fp, "Authorization:basic". Base64_encode ("User:pass"). ""); Fpassthru ($FP); |
|
2. Using OAuth Certification
The OAuth protocol provides a secure, open, and easy standard for the authorization of user resources. Unlike previous licensing methods, OAuth's authorization does not enable third parties to reach the user's account information (such as user name and password), that is, a third party can apply for authorization of the user's resources without using the user's username and password, so OAuth is safe.
Download Address: Http://code.google.com/p/oauth2-php/downloads/list
3. Using Soap
For application development, it is important to make Internet communication between programs.
The current application communicates with objects such as DCOM and CORBA by using remote Procedure Call (RPC), but HTTP is not designed for this purpose. RPC creates compatibility and security issues, and firewalls and proxy servers typically block such traffic.
Communication between applications via HTTP is a better approach because HTTP is supported by all Internet browsers and servers. SOAP is created to accomplish this task.
SOAP provides a standard way for applications that run on different operating systems and use different technologies and programming languages to communicate with each other.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
