Java 如何在 Google Calendar API Authorization 中处理 urn:ietf:wg:oauth:2.0:oob 重定向
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19706562/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to handle urn:ietf:wg:oauth:2.0:oob redirect in Google Calendar API Authorization
提问by theflyingwolves
I am currently working on a installed desktop application implemented in java. I intend to integrate Google Calendar API into the application.
我目前正在开发一个用 java 实现的已安装桌面应用程序。我打算将 Google Calendar API 集成到应用程序中。
During the authorization procedure, I come to this stage where I am able to get the authorization code only through triggering a browser where the user consent page is displayed. Users then have to click "accept" and will be redirected to a webpage where the authorization code is presented. Users are to copy this code to the Eclipse System.in in order for the authorization process to continue (to exchange the authorization code for a TokenResponse).
在授权过程中,我来到这个阶段,我只能通过触发显示用户同意页面的浏览器来获取授权码。然后用户必须单击“接受”,然后将被重定向到显示授权代码的网页。用户需要将此代码复制到 Eclipse System.in,以便授权过程继续(为 TokenResponse 交换授权代码)。
My question is that how can I simplify this process so that the user won't have to do this stupid copy-and-paste stuff for the authorization code to be received? (This won't work anyway, if the project is compiled into a jar file...) Currently all I know is that I will need to provide a callbackurl or something, I just can't figure this out. Therefore, I would appreciate a more concrete answer, rather than simply tell me the concepts.
我的问题是如何简化此过程,以便用户不必为接收授权代码执行这种愚蠢的复制和粘贴操作?(这无论如何都行不通,如果项目被编译成一个 jar 文件......)目前我所知道的是我需要提供一个 callbackurl 或其他东西,我只是想不通。因此,我希望得到更具体的答案,而不是简单地告诉我概念。
Thanks in advance.
提前致谢。
回答by Francois Bourgeois
The oauth2 authorization grant flow (I think, that's what you are doing) defines that your application gets the flow back via a HTTP redirect.
oauth2 授权授予流程(我认为,这就是您正在做的)定义您的应用程序通过 HTTP 重定向获取流。
It's like this:
就像这样:
- Your application opens a socket and listens there for HTTP requests
- It now opens the browser and lets the user enter his/her credentials
- The user clicks submit and sends the credentials to the oauth server
- The server checks the credentials and, if correct, redirects the browser to your application (to the socket you opened in 1.)
- Your application gets the auth code from the browser and exchanges it with the access ticket.
- 您的应用程序打开一个套接字并在那里侦听 HTTP 请求
- 它现在打开浏览器并让用户输入他/她的凭据
- 用户单击提交并将凭据发送到 oauth 服务器
- 服务器检查凭据,如果正确,则将浏览器重定向到您的应用程序(到您在 1 中打开的套接字)。
- 您的应用程序从浏览器获取身份验证代码并将其与访问票交换。
To let the server know where to redirect to, you use the oauth parameter redirect_uriin step 2.
要让服务器知道重定向到哪里,请在步骤 2 中使用 oauth 参数redirect_uri。
