Java Basics Reinforcement, Network Programming Note 20: Android Network Communication, Common OAuth Login and Sharing on Android

Source: Internet
Author: User
Tags oauth

1. Apply for a Baidu developer account and a Baidu OAuth profile.

(1) Apply for developer account:

http://developer.baidu.com/

(2) Create the project:

http://developer.baidu.com/console#app/project

(3) Introducing OAuth:

  OAuth 2.0 (open authorization) is an open standard that, once the user has authorized it, allows third-party applications to access private resources (such as photos, videos, and contact lists) stored on a website without obtaining the user's user name and password.

Access token: the credential for user authentication and authorization. A third-party app must obtain an access token before calling the Baidu Open API.

• Typical case: Suppose a user has two services: service A, an online picture storage service, and service B, an online picture printing service. Since service A and service B are provided by two different service providers, the user has registered an account on each provider's website; assume that the two user names are different and the passwords are different. What should the user do to print a picture stored on service A using service B?

Method 1: The user first downloads the picture to be printed from service A and uploads it to service B for printing. This method is safe, but it is cumbersome and inefficient.

Method 2: The user gives service B the user name and password registered on service A, and service B then uses the user's account to download the picture to be printed from service A. This is more efficient, but security is greatly reduced: service B can use the user's user name and password to view or even tamper with the user's resources on service A.

Many companies and individuals have tried to solve this kind of problem, including Google, Yahoo, and Microsoft, which also prompted the creation of the OAuth project team. OAuth was co-sponsored by Blaine Cook, Chris Messina, Larry Halff and David Recordon to provide an open standard for API access authorization. Version 1.0 of the OAuth specification was released on December 4, 2007.

OAuth features:

(1) Simple: whether you are an OAuth service provider or an application developer, it is easy to understand and use;

(2) Secure: it does not involve the user's key information, so it is more secure and more flexible;

(3) Open: any service provider can implement OAuth, and any software developer can use OAuth.

See: http://developer.baidu.com/wiki/index.php?title=docs/oauth

2. Authorization Code authorization

(1) Basic process:

(2) Authentication and authorization for web applications (Authorization Code)

• User login

The login process starts by redirecting the user's browser (in a pop-up or a new page if needed) to the authorize endpoint of CSDN OAuth 2.0, passing three required parameters:

    • client_id: API key obtained when registering the app in the developer center.
    • redirect_uri: The URL the browser jumps back to after a successful login.
    • response_type: Selects the server-side flow; fixed to "code".
http://api.csdn.net/oauth2/authorize?client_id=your_api_key&redirect_uri=your_callback_url&response_type=code

• Get the access token

Once the user has logged in successfully, the authorization code returned by the service can be used to obtain an access token.

    • client_id: API key obtained when registering the app in the developer center.
    • client_secret: API secret obtained when registering the app in the developer center.
    • grant_type: This value is "authorization_code".
    • redirect_uri: The URL to jump back to after the process has ended.
    • code: Authorization code that the user obtains after a successful login.
http://api.csdn.net/oauth2/access_token?client_id=your_api_key&client_secret=your_api_secret&grant_type=authorization_code&redirect_uri=your_callback_url&code=the_code_from_above

The service returns the following result:

{ "access_token": "0dd49b2a5afa45bba6765ba4fdd1b3c9", "expires_in": 86400, "username": "Zhuyi" }
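The two requests above as an added Java example (not code from the original article): it builds the authorize URL with percent-encoded values, accepts the callback only when it arrives on the registered redirect_uri, and builds the token request. The class and method names, the https://app.example/cb callback and the sample values are assumptions made for illustration.

```java
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URLDecoder;
import java.net.URLEncoder;

public class AuthCodeFlowExample {
    static final String AUTHORIZE = "http://api.csdn.net/oauth2/authorize"; // endpoints as given in this article
    static final String TOKEN = "http://api.csdn.net/oauth2/access_token";

    // Percent-encode every value so a redirect_uri containing '?' or '&' cannot split the query.
    static String query(String... kv) throws UnsupportedEncodingException {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < kv.length; i += 2) {
            if (i > 0) sb.append('&');
            sb.append(kv[i]).append('=').append(URLEncoder.encode(kv[i + 1], "UTF-8"));
        }
        return sb.toString();
    }

    // Step 1: the URL the user's browser is redirected to.
    static String authorizeUrl(String id, String redirectUri) throws UnsupportedEncodingException {
        return AUTHORIZE + "?" + query("client_id", id, "redirect_uri", redirectUri, "response_type", "code");
    }

    // Step 2: accept only a callback on the registered redirect_uri (assumed to have no query of its own).
    static String extractCode(String callback, String redirectUri) throws UnsupportedEncodingException {
        String q = URI.create(callback).getRawQuery();
        if (q == null || !callback.startsWith(redirectUri + "?"))
            throw new IllegalArgumentException("callback does not match the registered redirect_uri");
        for (String pair : q.split("&")) {
            String[] kv = pair.split("=", 2);
            if (kv.length == 2 && kv[0].equals("code")) return URLDecoder.decode(kv[1], "UTF-8");
        }
        throw new IllegalArgumentException("callback carries no authorization code");
    }

    // Step 3: exchange the code for a token; redirect_uri must repeat the value sent in step 1.
    static String tokenUrl(String id, String secret, String redirectUri, String code)
            throws UnsupportedEncodingException {
        return TOKEN + "?" + query("client_id", id, "client_secret", secret,
                "grant_type", "authorization_code", "redirect_uri", redirectUri, "code", code);
    }

    public static void main(String[] args) throws Exception {
        String redirect = "https://app.example/cb"; // constructed sample callback, not from the article
        System.out.println(authorizeUrl("your_api_key", redirect));
        String code = extractCode(redirect + "?code=the_code_from_above", redirect);
        System.out.println(tokenUrl("your_api_key", "your_api_secret", redirect, code));
    }
}
```

On Android, a client_secret compiled into the APK can be extracted, so the step 3 request is best issued from the app's server.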

(3) Authentication and authorization for clients (Resource Owner Password Credentials)

• Get the access token

Pass the user name and password directly to obtain an access token.

    • client_id: API key obtained when registering the app in the developer center.
    • client_secret: API secret obtained when registering the app in the developer center.
    • grant_type: This value is "password".
    • username: The user name of the authorized user.
    • password: The password of the authorized user.
http://api.csdn.net/oauth2/access_token?client_id=your_api_key&client_secret=your_api_secret&grant_type=password&username=user_name&password=password

The service returns the following result:

{ "access_token": "0dd49b2a5afa45bba6765ba4fdd1b3c9", "expires_in": 86400, "username": "Zhuyi" }
