Introduction to oau2's certification, oau2's Certification

Source: Internet
Author: User

Introduction to oau2's certification, oau2's Certification

1. Introduction to oau2certification
(1) Principle diagram of oau2's authentication:

2) Introduction: oau22. oau2is an open standard that allows users to allow third-party applications to access private resources (such as photos and videos) stored on a website, contact List), without providing the user name and password to a third-party application.

(3) Why use oau2authentication: prevent third-party applications from obtaining the user name and password, and complete authentication on the webpage. In addition
Use https requests to prevent packet capture leaks. Even if the user and password are captured, it is encrypted and difficult to crack.
You can obtain the token through oau2authentication, and then use the token to call the interfaces provided by the third-party platform to implement the required functions.
However, if the token is stored locally, encryption is required to prevent theft and leakage of user information.

2. Practical Application of oau22.

Process for obtaining Sina Weibo authorization certification:

(1) Create an application on the Sina Open Platform and obtain the appkey, appsecret, and callback address.
(2) install the MD5 Signature generation tool on the test machine to generate an md5 key or view the md5 value of the current keystore file in eclipse preference> build.
And fill in
(3) If the application is not approved, you must add a test account to the test information of the open platform. Only the test account can successfully access the interface.

Code for Sina Weibo's oau2certification to implement the Weibo function:
Main class:

Public class MainActivity extends Activity {private int SEND_WEIBO = 1;/** Note: SsoHandler is valid only when SDK supports SSO */private SsoHandler mSsoHandler;/** Weibo Web authorization class, provides login and other functions */private WeiboAuth mWeiboAuth;/** encapsulates "access_token", "expires_in", "refresh_token", and provides their management functions */private Oauth2AccessToken mAccessToken; private HttpUtils httpUtils = new HttpUtils (); private Handler handler = new Handler () {public void HandleMessage (android. OS. message msg) {if (msg. what = SEND_WEIBO) {RequestCallBack <String> callBack = new RequestCallBack <String> () {@ Override public void onSuccess (ResponseInfo <String> responseInfo) {// TODO Auto-generated method stub Toast. makeText (MainActivity. this, "Weibo success", Toast. LENGTH_SHORT ). show () ;}@ Override public void onFailure (HttpException error, String msg) {Toast. makeText (MainActiv Ity. this, "Weibo failed", Toast. LENGTH_SHORT ). show () ;}; try {InputStream is = getAssets (). open ("a.jpg"); File file = new File (Environment. getExternalStorageDirectory () + "/a.jpg"); if (! File. exists () {file. createNewFile ();} FileOutputStream out = new FileOutputStream (file); byte [] buffer = new byte [1024]; int len = 0; while (len = is. read (buffer ))! =-1) {out. write (buffer, 0, len);} out. close (); is. close (); if (file! = Null & file. length ()> 0) {RequestParams params = new RequestParams (); params. addBodyParameter ("status", "Test Case"); params. addBodyParameter ("source", "3680529134"); params. addBodyParameter ("access_token", mAccessToken. getToken (); params. addBodyParameter ("pic", file); httpUtils. configTimeout (3000); httpUtils. send (HttpMethod. POST, "https://upload.api.weibo.com/2/statuses/upload.json", params, callBack) ;} Catch (IOException e) {e. printStackTrace ();} // httpUtils. configTimeout (3000); // httpUtils. send (HttpMethod. POST, "https://upload.api.weibo.com/2/statuses/upload.json", params, callBack) ;}};@ Override protected void onCreate (Bundle savedInstanceState) {super. onCreate (savedInstanceState); setContentView (R. layout. activity_main); // create a Weibo instance mWeiboAuth = new WeiboAuth (this, Constants. APP_KE Y, Constants. REDIRECT_URL, Constants. SCOPE); Button btnLogin = (Button) findViewById (R. id. btn_sso); btnLogin. setOnClickListener (new OnClickListener () {@ Override public void onClick (View v) {mSsoHandler = new SsoHandler (MainActivity. this, mWeiboAuth); mSsoHandler. authorize (new AuthListener () ;}}) ;}/ *** this function is called when the SSO authorization Activity exits. ** @ See {@ link Activity # onActivityResult} */@ Override protected void onActivityResult (int requestCode, int resultCode, Intent data) {super. onActivityResult (requestCode, resultCode, data); // SSO authorization callback // important: onActivityResult if (mSsoHandler! = Null) {mSsoHandler. authorizeCallBack (requestCode, resultCode, data); Toast. makeText (this, "authentication successful" + mAccessToken. getToken (), Toast. LENGTH_SHORT ). show (); handler. sendEmptyMessage (SEND_WEIBO) ;}/ *** callback class for Weibo Authentication Authorization. 1. For SSO authorization, the callback will be executed only after * {@ link SsoHandler # authorizeCallBack} is called in {@ link # onActivityResult. 2. When the authorization is not SSO *, the callback will be executed after the authorization is complete. After the authorization is successful, save the access_token, expires_in, uid, and other information to * SharedPreferences. */Class AuthListener implements WeiboAuthListener {@ Override public void onComplete (Bundle values) {// parse Token mAccessToken = Oauth2AccessToken from Bundle. parseAccessToken (values); if (mAccessToken. isSessionValid () {// display the Token Log. d ("Test", "token =" + mAccessToken. getToken () ;}}@ Override public void onCancel () {Toast. makeText (MainActivity. this, "authentication canceled", Toast. LENGTH_LONG ). show () ;}@ Override public void onWeiboException (WeiboException e) {Toast. makeText (MainActivity. this, "Auth exception:" + e. getMessage (), Toast. LENGTH_LONG ). show ();}}}

Project:
Http://download.csdn.net/detail/aehaojiu/8609659
XUtils open-source projects are required:
Http://download.csdn.net/detail/aehaojiu/8610323

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.