python 如何在本地针对 OAuth 进行开发?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/670398/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I develop against OAuth locally?
提问by CoolGravatar
I'm building a Python application that needs to communicate with an OAuth service provider. The SP requires me to specify a callback URL. Specifying localhost obviously won't work. I'm unable to set up a public facing server. Any ideas besides paying for server/hosting? Is this even possible?
我正在构建一个需要与 OAuth 服务提供者通信的 Python 应用程序。SP 要求我指定回调 URL。指定 localhost 显然不起作用。我无法设置面向公众的服务器。除了支付服务器/托管费用之外还有其他想法吗?这甚至可能吗?
回答by sblom
Two things:
两件事情:
The OAuth Service Provider in question is violating the OAuth spec if it's giving you an error if you don't specify a callback URL. callback_url is spec'd to be an OPTIONAL parameter.
But, pedantry aside, you probably want to get a callback when the user's done just so you know you can redeem the Request Token for an Access Token. Yahoo's FireEagle developer docshave lots of great information on how to do this.
如果您未指定回调 URL,则有问题的 OAuth 服务提供者会向您显示错误,则该 OAuth 服务提供者违反了 OAuth 规范。callback_url 被指定为一个可选参数。
但是,撇开迂腐不谈,您可能希望在用户完成后获得回调,以便您知道可以将请求令牌兑换为访问令牌。Yahoo 的 FireEagle 开发人员文档有很多关于如何执行此操作的重要信息。
Even in the second case, the callback URL doesn't actually have to be visible from the Internet at all. The OAuth Service Provider will redirect the browser that the user uses to provide his username/password to the callback URL.
即使在第二种情况下,回调 URL 实际上根本不必在 Internet 上可见。OAuth 服务提供者会将用户用来提供其用户名/密码的浏览器重定向到回调 URL。
The two common ways to do this are:
执行此操作的两种常见方法是:
- Create a dumb web service from within your application that listens on some port (say, http://localhost:1234/) for the completion callback, or
- Register a protocol handler (you'll have to check with the documentation for your OS specifically on how to do such a thing, but it enables things like <a href="skype:555-1212"> to work).
- 从您的应用程序中创建一个愚蠢的 Web 服务,该服务在某个端口(例如http://localhost:1234/)上侦听完成回调,或者
- 注册一个协议处理程序(你必须查看你的操作系统的文档,专门了解如何做这样的事情,但它可以使 <a href="skype:555-1212"> 之类的东西工作)。
(An example of the flow that I believe you're describing lives here.)
(我相信您正在描述这里的生活的流程示例。)
回答by Kracekumar
In case you are using *nix style system, create a alias like 127.0.0.1 mywebsite.devin /etc/hosts(you need have the line which is similar to above mentioned in the file, Use http://website.dev/callbackurl/for/appin call back URL and during local testing.
如果您使用 *nix 样式系统,请创建一个像127.0.0.1 mywebsite.devin的别名/etc/hosts(您需要在文件中使用与上述类似的行,用于http://website.dev/callbackurl/for/app回调 URL 和在本地测试期间。
回答by Jamie Fristrom
This was with the Facebook OAuth - I actually wasable to specify 'http://127.0.0.1:8080' as the Site URL and the callback URL. It took several minutes for the changes to the Facebook app to propagate, but then it worked.
这与Facebook的OAuth的-我其实是能够指定“http://127.0.0.1:8080”作为网站的URL和回调URL。对 Facebook 应用程序所做的更改需要几分钟才能传播,但随后就奏效了。
回答by zalew
回答by Vasil
This may help you:
这可能会帮助您:
http://www.marcworrell.com/article-2990-en.html
http://www.marcworell.com/article-2990-en.html
It's php so should be pretty straightforward to set up on your dev server.
它是 php,所以在你的开发服务器上设置应该非常简单。
I've tried this one once:
我试过这个一次:
It's pretty simple. You have a link to download the code at the bottom.
这很简单。您可以在底部找到下载代码的链接。
回答by sean
You could create 2 applications? 1 for deployment and the other for testing.
您可以创建 2 个应用程序吗?1 个用于部署,另一个用于测试。
Alternatively, you can also include an oauth_callback parameter when you requesting for a request token. Some providers will redirect to the url specified by oauth_callback (eg. Twitter, Google) but some will ignore this callback url and redirect to the one specified during configuration (eg. Yahoo)
或者,您也可以在请求请求令牌时包含 oauth_callback 参数。一些提供者将重定向到 oauth_callback 指定的 url(例如 Twitter、Google),但有些提供者会忽略此回调 url 并重定向到配置期间指定的那个(例如 Yahoo)
回答by james.wilmot
So how I solved this issue (using BitBucket's OAuth interface) was by specifying the callback URL to localhost (or whatever the hell you want really), and then following the authorisation URL with curl, but with the twist of only returning the HTTP header. Example:
所以我如何解决这个问题(使用 BitBucket 的 OAuth 接口)是通过将回调 URL 指定为 localhost(或任何你真正想要的),然后使用 curl 跟随授权 URL,但只返回 HTTP 标头。例子:
curl --user BitbucketUsername:BitbucketPassword -sL -w "%{http_code} %{url_effective}\n" "AUTH_URL" -o /dev/null
Inserting for your credentials and the authorisation url (remember to escape the exclamation mark!).
插入您的凭据和授权 url(记住转义感叹号!)。
What you should get is something like this:
你应该得到的是这样的:
200 http://localhost?dump&oauth_verifier=OATH_VERIFIER&oauth_token=OATH_TOKEN
And you can scrape the oath_verifier from this.
你可以从中刮取 oath_verifier。
Doing the same in python:
在python中做同样的事情:
import pycurl
devnull = open('/dev/null', 'w')
c = pycurl.Curl()
c.setopt(pycurl.WRITEFUNCTION, devnull.write)
c.setopt(c.USERPWD, "BBUSERNAME:BBPASSWORD")
c.setopt(pycurl.URL, authorize_url)
c.setopt(pycurl.FOLLOWLOCATION, 1)
c.perform()
print c.getinfo(pycurl.HTTP_CODE), c.getinfo(pycurl.EFFECTIVE_URL)
I hope this is useful for someone!
我希望这对某人有用!
