我一整天都在为此头疼。
我希望将我的 iOS 应用程序与 Withings api 集成。它使用 OAuth 1.0,我似乎无法完全理解如何实现它。
我一直在下载多个 OAuth 框架(MPOAuth、gtm-oauth、ssoauthkit),但无法完全弄清楚我应该做什么。
我搜索了很多,也在堆栈溢出中寻找关于如何实施 OAuth 1.0 以及特别是与 Withings 集成但没有成功的良好参考。
请解释将 iOS 应用程序与需要 OAuth 1.0 的 api 集成的流程。代码示例将非常有帮助。建议的第 3 方框架也不错。
澄清一下,我完全理解 OAuth 1.0 原则,只是在我的应用程序中实际实现它时遇到了问题。
我认为一个包含代码示例和良好参考的详尽答案对很多人来说非常有帮助,因为我找不到。如果有人在实施它方面有很好的经验,请花时间分享它。
我认为TDOAuth是最好的解决方案。它干净简单,只有一个 .h 和 .m 文件可以使用,没有复杂的示例项目..
这是 OAuth 1.0 流程:
第 1 步 - 获取请求令牌
//withings additional params
NSMutableDictionary *dict = [NSMutableDictionary dictionary];
[dict setObject:CALL_BACK_URL forKey:@"oauth_callback"];
//init request
NSURLRequest *rq = [TDOAuth URLRequestForPath:@"/request_token" GETParameters:dict scheme:@"https" host:@"oauth.withings.com/account" consumerKey:WITHINGS_OAUTH_KEY consumerSecret:WITHINGS_OAUTH_SECRET accessToken:nil tokenSecret:nil];
//fire request
NSURLResponse* response;
NSError* error = nil;
NSData* result = [NSURLConnection sendSynchronousRequest:rq returningResponse:&response error:&error];
NSString *s = [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
//parse result
NSMutableDictionary *params = [NSMutableDictionary dictionary];
NSArray *split = [s componentsSeparatedByString:@"&"];
for (NSString *str in split){
NSArray *split2 = [str componentsSeparatedByString:@"="];
[params setObject:split2[1] forKey:split2[0]];
}
token = params[@"oauth_token"];
tokenSecret = params[@"oauth_token_secret"];
第 2 步 - 获取授权令牌(通过在 UIWebView 中加载请求,webViewDidFinishLoad 委托方法将处理回调..)
//withings additional params
NSMutableDictionary *dict2 = [NSMutableDictionary dictionary];
[dict setObject:CALL_BACK_URL forKey:@"oauth_callback"];
//init request
NSURLRequest *rq2 = [TDOAuth URLRequestForPath:@"/authorize" GETParameters:dict2 scheme:@"https" host:@"oauth.withings.com/account" consumerKey:WITHINGS_OAUTH_KEY consumerSecret:WITHINGS_OAUTH_SECRET accessToken:token tokenSecret:tokenSecret];
webView.delegate = self;
[DBLoaderHUD showDBLoaderInView:webView];
[webView loadRequest:rq2];
按如下方式处理 webView 以启动第 3 步(我知道 isAuthorizeCallBack 闻起来很臭,但它可以完成工作,应该重构它..)
- (void)webViewDidFinishLoad:(UIWebView *)aWebView
{
[DBLoaderHUD hideDBLoaderInView:webView];
NSString *userId = [self isAuthorizeCallBack];
if (userId) {
//step 3 - get access token
[DBLoaderHUD showDBLoaderInView:self.view];
[self getAccessTokenForUserId:userId];
}
//ugly patchup to fix an invalid token bug
if ([webView.request.URL.absoluteString isEqualToString:@"http://oauth.withings.com/account/authorize?"])
[self startOAuthFlow];
}
- (NSString *)isAuthorizeCallBack
{
NSString *fullUrlString = webView.request.URL.absoluteString;
if (!fullUrlString)
return nil;
NSArray *arr = [fullUrlString componentsSeparatedByString:@"?"];
if (!arr || arr.count!=2)
return nil;
if (![arr[0] isEqualToString:CALL_BACK_URL])
return nil;
NSString *resultString = arr[1];
NSArray *arr2 = [resultString componentsSeparatedByString:@"&"];
if (!arr2 || arr2.count!=3)
return nil;
NSString *userCred = arr2[0];
NSArray *arr3 = [userCred componentsSeparatedByString:@"="];
if (!arr3 || arr3.count!=2)
return nil;
if (![arr3[0] isEqualToString:@"userid"])
return nil;
return arr3[1];
}
- (void)startOAuthFlow
{
[self step1];
[self step2];
}
最后 - 第 3 步 - 获取访问令牌
- (void)getAccessTokenForUserId:(NSString *)userId
{
//step 3 - get access token
//withings additional params
NSMutableDictionary *dict = [NSMutableDictionary dictionary];
[dict setObject:CALL_BACK_URL forKey:@"oauth_callback"];
[dict setObject:userId forKey:@"userid"];
//init request
NSURLRequest *rq = [TDOAuth URLRequestForPath:@"/access_token" GETParameters:dict scheme:@"https" host:@"oauth.withings.com/account" consumerKey:WITHINGS_OAUTH_KEY consumerSecret:WITHINGS_OAUTH_SECRET accessToken:token tokenSecret:tokenSecret];
//fire request
NSURLResponse* response;
NSError* error = nil;
NSData* result = [NSURLConnection sendSynchronousRequest:rq returningResponse:&response error:&error];
NSString *s = [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
//parse result
NSMutableDictionary *params = [NSMutableDictionary dictionary];
NSArray *split = [s componentsSeparatedByString:@"&"];
for (NSString *str in split){
NSArray *split2 = [str componentsSeparatedByString:@"="];
[params setObject:split2[1] forKey:split2[0]];
}
[self finishedAthourizationProcessWithUserId:userId AccessToken:params[@"oauth_token"] AccessTokenSecret:params[@"oauth_token_secret"]];
}
我还在这里保存了请求标头
NSMutableDictionary *dict2 = [NSMutableDictionary dictionary];
[dict2 setObject:CALL_BACK_URL forKey:@"oauth_callback"];
NSURLRequest *rq2 = [TDOAuth URLRequestForPath:@"/authorize"
GETParameters:dict2
scheme:@"https"
host:@"oauth.withings.com/account"
consumerKey:WITHINGS_OAUTH_KEY
consumerSecret:WITHINGS_OAUTH_SECRET
accessToken:self.token
tokenSecret:self.tokenSecret];
headers = rq2.allHTTPHeaderFields;
在回调方法中,我将向请求添加缺少的参数。通过这样做,我避免了“丑陋的补丁修复”。
- (BOOL)webView:(UIWebView *)wV shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType{
if (![request.allHTTPHeaderFields objectForKey:@"Authorization"] &&
[request.URL.absoluteString rangeOfString:@"acceptDelegation=true"].location == NSNotFound){
NSMutableURLRequest *mutableCp = [request mutableCopy];
NSLog(@"request :::%@", request);
[mutableCp setAllHTTPHeaderFields:headers];
dispatch_async(dispatch_get_main_queue(), ^{
[webView loadRequest:mutableCp];
});
return NO;
}
return YES;
}
我希望它会帮助某人
我建议您检查这个项目作为参考和真正有效的 OAuth 类。它继承自另一个伟大的项目,因此您需要将两者都添加到您的项目中。检查许可证是否符合您的要求。 https://github.com/rsieiro/RSOAuthEngine