我正在为我的 Android 应用程序构建一个基于 REST 的 api。我目前使用访问令牌和基本标头身份验证。有什么改进认证过程的建议吗?
问问题
163 次
2 回答
1
我建议使用 OAuth 协议来管理 API 身份验证。您可以在此处阅读有关此协议的更多信息:http: //oauth.net/。
于 2013-05-06T17:26:41.087 回答
0
+1 ezimuel - "OAuth" is an excellent suggestion.
However, I was surprised to see the link Getting Started with the Tasks API and OAuth 2.0 on Android was deprecated.
Please check out these links:
Google Play Authorization: http://developer.android.com/google/play-services/auth.html (also uses OAuth 2.0)
Authenticating to OAuth 2.0 Services: http://developer.android.com/training/id-auth/authenticate.html
OAuth and REST in Android (1): http://simpleprogrammer.com/2011/05/25/oauth-and-rest-in-android-part-1/
OAuth and REST in Android (2): http://simpleprogrammer.com/2011/06/04/oauth-and-rest-in-android-part-2/
于 2013-05-06T17:36:01.353 回答