1

我正在关注 Google 关于如何授权应用访问一个或多个 API 的示例。问题是,当我成功授权时,我得到了 access_token,但在此之后我无法从它存储到的钥匙串中获取它。我在某处读到 iPhone Simulator 不能与 Keychain 一起使用,是不是因为这个,如果是这样,你能告诉我一些其他方法来存储我的访问令牌吗?

这是我的代码:

    static NSString *const kKeychainItemName = @"OAuthGoogleReader";

    GTMOAuth2Authentication *auth;
    auth = [GTMOAuth2ViewControllerTouch authForGoogleFromKeychainForName:kKeychainItemName
                                                                 clientID:kClientID
                                                             clientSecret:kClientSecret];

BOOL isSignedIn = [auth canAuthorize];
    if (isSignedIn) {
        NSLog(@"Signed");
        self.window.rootViewController = self.viewController;
        auth.accessToken = [[NSUserDefaults standardUserDefaults] objectForKey:@"accessToken"];
          NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://www.google.com/reader/api/0/subscription/list?access_token=%@", [auth accessToken]]]];
          GTMHTTPFetcher* myFetcher = [GTMHTTPFetcher fetcherWithRequest:request];

          // optional upload body data

          //[myFetcher setPostData:[postString dataUsingEncoding:NSUTF8StringEncoding]];
        [myFetcher setAuthorizer:auth];
          [myFetcher beginFetchWithDelegate:self
                          didFinishSelector:@selector(myFetcher:finishedWithData:error:)];
         // - (void)myFetcher:(GTMHTTPFetcher *)fetcher finishedWithData:(NSData *)retrievedData error:(NSError *)error;
    }else{
    NSString *scope = @"https://www.google.com/reader/api/";

    GTMOAuth2ViewControllerTouch *viewController;
    viewController = [[GTMOAuth2ViewControllerTouch alloc] initWithScope:scope
                                                                clientID:kClientID
                                                            clientSecret:kClientSecret
                                                        keychainItemName:kKeychainItemName
                                                                delegate:self
                                                        finishedSelector:@selector(viewController:finishedWithAuth:error:)];

        self.window.rootViewController = viewController;
    }

我得到错误:

2012-08-22 16:54:47.253 greader[20833:c07] Signed
2012-08-22 16:54:47.705 greader[20833:c07] Cannot authorize request with scheme http (<NSMutableURLRequest http://www.google.com/reader/api/0/subscription/list?access_token=(null)>)

如您所见, access_token 只是零。

还有一些关于如何使用这个库的简单例子也会很棒。

谢谢!

4

1 回答 1

1

The gtm-oauth2 library handles storing and retrieving the access token and other auth values on the keychain. The app should not need to use the access token string directly, nor should the app put the authorization tokens into NSUserDefaults, as that is insufficiently secure.

gtm-auth2 also by default will refuse to attach an access token to a URL with an http: scheme. OAuth 2 is secure only when used with https: scheme URLs.

于 2012-08-23T07:35:36.350 回答