OAuth2.0 Learning (5-4) Sina open platform-Weibo api-using OAuth2.0 call API

calling the API using the OAuth2.0

There are two ways to invoke the API interface using OAuth2.0:

1, the direct use of parameters, passed the parameter named Access_token

Url

1	https://api.weibo.com/2/statuses/public_timeline.json?access_token=abcd

2, in the header, the form of adding authorization:oauth2 space ABCD in the header, where ABCD is assumed to be the value of access token, other interface parameters can be passed normally.

Note: All of the Weibo open platform interfaces are deployed under the weibo.com domain, with only the authorized interface of the mobile side in the open.weibo.cn domain.

additional features in the authorizationScope

Scope is a feature of the OAuth2.0 new licensing page, through scope, the platform will open more microblogging core features to developers, but also enhance user privacy protection, enhance the user experience, the user in the new OAUTH2.0 authorization page has the right to choose to give the application function.

Scope Open Interface Documentation: interface documentation

Client Default callback page

Typically, the mobile Native app does not have a server callback address, and you can fill out the default callback page provided by the platform at the app console authorization callback page, which is not visible to the user and is used only for access tokens.

OAuth2.0 Client Default callback page: https://api.weibo.com/oauth2/default.html

Force Login

The authorization page reads the current user's Weibo login status by default, and if you want the user to log in again, pass in the parameter when calling the authorize interface: Forcelogin=true, this parameter is equivalent to Forcelogin=false by default.

Cancel Authorization Callback page

Developers can fill out the cancellation authorization callback page in the application console, and when the user cancels your app authorization, the open platform will call back the address you filled out. and passed to you the following parameters, Source: App Appkey,uid: un-authorized user, Auth_end: Time to cancel authorization

OAuth2.0 Related ResourcesThe following SDK contains the OAuth2.0 and the new API interface

Download the Android SDK	Download the iOS SDK	Download WP7 SDK
Download PHP SDK (maintained by SAE)	Download Java SDK	Download the Python SDK
Download Flash SDK	Download JavaScript SDK	Download the C # SDK

Mobile Development SDK Documentation

Android SDK Description Documentation	IOS SDK Documentation	WP7 SDK Documentation

Other references

OAuth is an internationally-accepted licensing method, and OAuth2.0 's official technical notes are available at http://oauth.net/2/

If you are still using Oauth1.0, please go to browse related documents.

OAuth2.0 Error code

In the implementation of Weibo OAuth2.0, when the authorization server receives the authentication authorization request, it verifies the request header and request parameters of this request according to the OAUTH2.0 protocol, and if the request is illegal or the authentication fails, the authorization server returns the corresponding error message, including the following parameters:

• Error: Wrong code
• Error_code: Wrong Internal number
• Error_description: Incorrect description information
• Error_url: A readable Web page URI with information about the error that is used to provide the end user with additional information about the error.

There are two ways to return an error message:

1. When an error occurs when requesting authorization Endpoint:https://api.weibo.com/2/oauth2/authorize, the return method is: Jump to Redirect_uri and query in URI A description of the error is included in the parameter.

2. When you request access token Endpoing:https://api.weibo.com/oauth2/access_token, an error occurs and returns: Returns the JSON text. For example:

Json

12345

{    "error": "unsupported_response_type",    "error_code": 21329,    "error_description": "不支持的ResponseType."}

The error code in the OAuth2.0 error response is defined as shown in the following table:

error code (ERR)	error Number (Error_code)	error description (error_description)
Redirect_uri_mismatch	21322	REDIRECT Address mismatch
Invalid_request	21323	Request is illegal
Invalid_client	21324	Invalid client_id or Client_secret parameter
Invalid_grant	21325	The provided access grant is invalid, expired, or revoked
Unauthorized_client	21326	Client does not have permissions
Expired_token	21327	Token expires
Unsupported_grant_type	21328	Unsupported Granttype
Unsupported_response_type	21329	Unsupported Responsetype
Access_denied	21330	User or authorization server denied access to data
Temporarily_unavailable	21331	Service temporarily inaccessible
Appkey Permission denied	21337	Insufficient app permissions

OAuth2.0 related issues, view OAuth2.0 related issues

OAuth2.0 Learning (5-4) Sina open platform-Weibo api-using OAuth2.0 call API